Hacking Cracking 2008

    Hacking Cracking 2008 Presentation Transcript

    • hacking/cracking the other side of the story jim geovedi guide to ict megatrend 31 January 2008 — Hotel Shangri-La, Jakarta
    • ‣ information security ‣ 0-day vulnerabilities
    • infosec ≠ satpam (security guard) ‣ current trends: identity theft, botnets, mobile communication hacking, 0-day vulnerabilities, corporate espionage, wiretapping
    • industry status ‣ big security companies acquire small start-up or spin-off companies to offer more solutions ‣ "palugada" ("whatever you want, we have it") propaganda
    • software development ‣ cheap software development? outsource to india or china!
    • security investment ‣ companies bought a lot of security devices or applications ‣ firewall, anti virus, spam and content filtering, ids, ips, patch management, etc.
    • common issues ‣ companies do not have enough resources. ‣ vendors re-introducing: ‣ weak and easily guessed passwords ‣ clear-text protocols ‣ misconfigurations
    • ‣ information security ‣ 0-day vulnerabilities
    • ‣ 0-day, pronounced zero-day, sometimes oh-day, means new. ‣ the term has its origin in the warez scene, but has become firmly entrenched in the exploit trading scene.
    • ‣ 0-day is used to refer to exploits, software, media or vulnerability information released today and those that have not yet been released.
    • [figure: life cycle of 0-day (quick response from vendor); axes: time, value; marked events: vendor noticed, patch released, intrusion]
    • [figure: life cycle of 0-day (very late response from vendor); axes: time, value; marked events: vendor noticed, patch released, intrusion]
    • ‣ 0-day users: intelligence agents, professional penetration testers, product vendors, random hackers/crackers
    • obtaining 0-day ‣ conducting research (source code/ binary audit) ‣ share/trade between friends ‣ install honeypot ‣ buy from 0-day brokers
    • market ‣ current 0-day business model is considered weak ‣ the auction model
    • the players ‣ corporate: ISS, eEye, iDEFENSE, TippingPoint (3Com/ZDI), Immunity, Gleg, Argeniss, wabisabilabi, etc ‣ group or personal: cirt.dk, piotr bania, inge henriksen, mario ballano, neil kettle, etc.
    • programs ‣ https://labs.idefense.com/vcp/ ‣ http://www.wslabi.com/wabisabilabi/rrp.do? ‣ http://www.zerodayinitiative.com/details.html
    • prizes ‣ remote arbitrary code execution vulnerabilities in specified e-mail clients and servers (outlook, outlook express, thunderbird, sendmail, exchange): $8,000 - $12,000 ‣ remote arbitrary code execution vulnerabilities in specified critical internet infrastructure applications (apache httpd, bind, sendmail, openssh, iis, exchange): $16.00 - $24.000
    • how many? ‣ every complex piece of software has bugs ‣ we should assume every popular application that exists has at least one 0-day exploit in the wild ‣ professionals keep their own 0-day!
    • fin. jim@geovedi.com