Defending Against Pass-the-Hash Attacks

Defending Against Pass-the-Hash Attacks (

Cyber Security

How Password Hashes Work

Well-designed authentication systems expend considerable effort to prevent passwords and other credentials from unauthorized disclosure. Storing and transmitting passwords in plaintext puts them at risk of exposure to hackers, eavesdroppers, and malware. To prevent such exposure, strong authentication systems use multiple mechanisms to reduce the likelihood that unencrypted credentials will be exposed, and to ensure that any authentication data that does get stored and transmitted will be of limited use to an attacker.

In Microsoft Windows, hashes are stored in one of two places: a local Security Accounts Manager (SAM) database and/or a networked Active Directory database (which is stored as a physical file called NTDS.DIT on each participating domain controller). Password hashes can be stored in one of four forms: LAN Manager (LM), NT, AES key, or Digest.

(Continue reading at

My Two Cents: This is very good information about PTH attacks and what these attacks go after with regard to Microsoft operating systems. The attacker needs to have already compromised the computer or network before these hacking tools can be used to harvest and use hashes.

Netgear ProSecure UTM Series

Netgear ProSecure UTM Series (

Technology Hardware

A comprehensive all-in-one gateway security solution. The ProSecure UTM combines application proxy firewall, VPN, zero day protection, anti-virus, anti-spyware, anti-spam, intrusion prevention, and URL filtering for total protection.

ProSecure Unified Threat Management (UTM) appliances combine performance with comprehensive security coverage for small businesses. The flexible modular software design architecture leverages patent-pending Stream Scanning technology to scan files and data streams up to 5x faster than conventional methods. This architecture in turn enables ProSecure UTM to utilize virus and malware threat databases from NETGEAR and Sophos that are over a million signatures in size – up to 400x more comprehensive than legacy small business UTM platforms
(Continue reading at

My Two Cents: I have been very happy with the Netgear ProSecure UTM50. I replaced a Mikrotik RouterBoard with the UTM50 and attached it to two Core Routers. Unified Threat Management with in hardware systems is the way to go these days even at data centers, based on what your mission is. The price is reasonable, and most come with a 3 year (UTM) subscription.