DerbyCon 2012

Frank J Hackett and Justin Brown. "Breaking into Security"

Transcript of "DerbyCon 2012"

  1. BREAKING INTO SECURITY
  2. JOHNNY LONG
  3. JOE MCCRAY
  4. BRIAN DOMSCHKE
  5. WHO ARE WE?
  6. JUSTIN “SPRIDEL” BROWN
     • OSINT Ninja
     • Web App Ninja in Training
     • HFC Booth Guy
     • Newest Co-Host of ISDPodcast
     • Baylor Grad
  7. FRANK J. HACKETT
     • Senior Systems Engineer
     • Network Guru
     • Sys Admin From Hell
     • Security guy in training
     • WVU Dropout
  8. WHAT ARE WE TALKING ABOUT?
     • Why do you want to listen to us?
     • What’s worked for us and what hasn’t
     • What we’ve done to get involved
     • Tips for Mentors!!
  9. LEARN TO COMMUNICATE
     • IRC
       • irc.freenode.net - use SSL!
       • Tools that you use (#snort, #nmap, #ettercap-project, etc.)
       • OS’s (#backtrack-linux, #pentoo, #ubuntu, etc.)
       • Ask questions
       • Don’t ask if you may ask
       • CHECK GOOGLE, FAQ, FORUMS BEFORE!!!
  10. TWEETER!!
     • Get an account!
       • Get over it and stop shunning all social media
     • Tweet and make friends
     • See new ideas
     • Links!
     • Open and free knowledge
  11. TWEETER CONT’D!!
     • @DerbyCon, @iampr1me, @Dave_Rel1k, @mubix, @Irongeek_ADC, @hdmoore, @fjhackett, @c0ncealed, @spridel11, @gl11tch
     • @oncee, @hacktalkblog, @Hack3rcon, @carnal0wnage, @j0emccray, @n00bznet, @JaysonStreet, @ihackstuff, @nullthreat, @ISDpodcast
  12. MEETUPS
     • Local Spots (AustinHA, NoVAH, PhoenixSSH, OSOC, RVAsec, etc.)
     • Professional Spots (ISSA, ISACA, InfraGard, etc.)
     • Cons! (AIDE, DerbyCon, Shmoocon, Hack3rcon, BSides)
       • Make friends! Talk to people. They won’t bite.
       • Hang out, have a beer
       • Listen to the talks; don’t just hang out in the CTF all day
  13. ONLINE
     • IRC
     • Skype
     • Google Hangouts
     • Twitter
     • Failbook
     • LinkedIn
     • Your Trusted Mentors/Friends/Random Hackers
  14. LEARN TO LISTEN
     • Podcasts
       • ISDPodcast
       • PaulDotCom
       • Securabit
       • Risky Business
  15. LEARN TO STOP BEING LAZY
     • Get involved with those friends you made at the con
       • Hackers for Charity - Go sign up!!! (NOW!)
       • Random Hacks of Kindness
       • Security R00kies
       • Make your own group!
  16. BUDGET LABS
     • VirtualBox
     • VMware Player
     • VMware Workstation ($$)
     • VMware Fusion ($$)
     • Parallels ($$)
     • Think small - one victim vs entire network
     • Start Vulnerable
       • MS08_067
       • Metasploitable(s)
       • WebGoat
       • Mutillidae
  17. LEARN TO READ
     • Books! zOMG
       • Professional Penetration Testing - Thomas Wilhelm
       • Gray Hat Hacking - Harris, Harper, Eagle, & Ness
       • Metasploit: The Penetration Tester’s Guide - O’Gorman, Kearns, Kennedy, Aharoni
     • ./command -h
     • nano/vi/vim - look at the code!
     • Forums
     • Googlefu
  18. LEARN WHAT DOESN’T WORK
     • Don’t troll
     • Take a joke... seriously, just take it and laugh
     • Be respectful
     • Don’t spam
     • Be open to new ideas - different approaches
     • Don’t expect step-by-step instructions
  19. KNOW WHO YOU’RE TALKING TO
     • Distinct difference between Anonymous and a security professional
     • People lie on the internet
     • Not everyone wants to help you
     • Protect yourself
  20. SUGGESTIONS THAT HELPED US
     • Scripting! The power of the “for loop”
     • Get comfortable in CLI
     • Be an aggressive learner
     • Help out where you can
     • Give back - don’t only take
     • Finding your niche
  21. QUESTIONS AND COMMENTS
     • @spridel11
     • @fjhackett