Presenters please use this slide to direct participants to websites, books, trials, product pages etc as a follow through to your presentation
Transcript of "Hey you... Stay away from my network - Techinsights 2011 SEA"
Hey you… Stay away from my network… Esmaeil Sarabadani Systems and Security Consultant Redynamics Asia Sdn. Bhd.
What will be covered…• Cloud computing, Social Networking and the Information Leak• Social Engineering• Port Scanning and Nmap• Vulnerability scanning with MBSA & Nessus• Microsoft Security Response Center• Enhanced Mitigation Experience Toolkit• Security Best Practices
Revealing Information… Social Networks vs. Social Engineering There is no patch for human stupidity!
What kind of risk ?!! • Employees reveal so much information about the company. • Hackers create fake Facebook profiles pretending to be your colleagues. • Convincing the employees to click on malicious URLs that they post on Facebook. • People leave their: • Phone numbers • Photos • Status messages containing very important information
What kind of risk ?!! How much would you get to sell out your colleague? Would you accept 1000 USD to give out a simple document from inside the company? • How about 10,000 USD ??? • How about 100,000 USD ??? Do you trust everyone at work? How do you realize if someone is the bad guy?
Do not block Facebook to them at work… Educate your users and employees... Let them know about the threats... Evaluate their awareness every now and then…
The Steps in Hacking Step 3 Step 2 Step 4 Step 1 Establish a Initial intrusion Obtain userReconnaissance backdoor into into the network credentials the network Step 7 Step 6 Step 5 Privilege escalation Maintain /lateral movement Install various persistence /data exfiltration utilities
Port Scanning Scanning the target computer to detect the open ports. What hackers do… • Detect Open Ports • Detect the services behind those ports • Find security vulnerabilities of those services • Attack the vulnerabilities
Vulnerability Scanning Scanning the target computer: • For possible security bugs and vulnerabilities • For open and filtered ports • To detect the target OS • To get a solution to fix the bug • To get a link for the exploits
• Discovering Vulnerabilities in Microsoft Products• Releasing Security Updates, Patches and Service Packs• Advanced Update Notifications• Microsoft Security Essentials• Malicious Software Removal Tool
What if Hackers are Faster ?!! 1 week Security Vulnerability Security Patch 3 Days Exploit
Enhanced Mitigation Experience Toolkit (EMET v 2.1)• Uses Security Mitigation Technologies• Makes it Difficult to Exploit the 0-Day Bugs on Systems• Can Cover Security Bugs on any Softwares on the System