• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Hacking Cracking 2008
 

Hacking Cracking 2008

on

  • 1,189 views

 

Statistics

Views

Total Views
1,189
Views on SlideShare
1,183
Embed Views
6

Actions

Likes
1
Downloads
0
Comments
0

2 Embeds 6

http://www.linkedin.com 4
https://www.linkedin.com 2

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Hacking Cracking 2008 Hacking Cracking 2008 Presentation Transcript

    • hacking/cracking the other side of the story jim geovedi guide to ict megatrend 31 January 2008 — Hotel Shangri-La, Jakarta
    • ‣ information security ‣ 0-day vulnerabilities
    • infosec ≠ satpam ‣ current trends: identity thefts, botnet, mobile communication hacking, 0-day vulnerabilities, corporate espionage, wiretapping
    • industry status ‣ big security companies acquire small start-up or spin-off companies to offer more solutions ‣ "palugada" propaganda
    • software development ‣ cheap software development? outsource to india or china!
    • security investment ‣ companies bought a lot of security devices or applications ‣ firewall, anti virus, spam and content filtering, ids, ips, patch management, etc.
    • common issues ‣ companies do not have enough resources. ‣ vendors re-introducing: ‣ weak and easy guessed passwords ‣ clear-text protocols ‣ misconfigurations
    • ‣ information security ‣ 0-day vulnerabilities
    • ‣ 0-day, pronounce zero-day, sometimes oh day, means new. ‣ the term has it's origin in the warez scene, but has become firmly entrenched in the exploit trading scene.
    • ‣ 0-day is used to refer to exploits, software, media or vulnerability information released today and those that have not yet released.
    • vendor noticed patch released intrusion time value life cycle of 0-day (quick response from vendor)
    • vendor noticed patch released intrusion time value life cycle of 0-day (very late response from vendor)
    • ‣ 0-day users: intelligence agents, professional penetration testers, product vendors, random hackers/crackers
    • obtaining 0-day ‣ conducting research (source code/ binary audit) ‣ share/trade between friends ‣ install honeypot ‣ buy from 0-day brokers
    • market ‣ current 0-day business model is considered weak ‣ the auction model
    • the players ‣ corporate: ISS, eEye, iDEFENSE, TippingPoint (3Com/ZDI), Immunity, Gleg, Argeniss, wabisabilabi, etc ‣ group or personal: cirt.dk, piotr bania, inge henriksen, mario ballano, neil kettle, etc.
    • programs ‣ https://labs.idefense.com/vcp/ ‣ http://www.wslabi.com/wabisabilabi/ rrp.do? ‣ http://www.zerodayinitiative.com/ details.html
    • prizes ‣ remote arbitrary code execution vulnerabilities in specified e-mail clients and servers (outlook, outlook express, thunderbird, sendmail, exchange) $8,000 - $12,000 ‣ remote arbitrary code execution vulnerabilities in specified critical internet infrastructure applications (apache httpd, bind, sendmail, openssh, iis, exchange): $16.00 - $24.000
    • how many? ‣ every complex software have bugs ‣ we should assume every popular application exist has at least one 0-day exploit in wild ‣ professionals keep their own 0-day!
    • fin. jim@geovedi.com