If a network falls in the Internet does it make a sound? (The top 5 threats you don’t hear enough about.) Jayson E. Street...
Let go of my EGO <ul><li>Lets start out with a little about yours truly. </li></ul><ul><li>[email_address] </li></ul>
Know yourself know your enemy <ul><li>Sun Wu (Tzu) “Ping-fa”(The Art of War) </li></ul><ul><li>“ Thus it is said that one ...
Contents <ul><li>INTRO </li></ul><ul><li>The IRC </li></ul><ul><li>Reverse Engineering </li></ul><ul><li>Botnets </li></ul...
IRC + CC = SOS
Do things seem a little Fuzzy? <ul><li>Browser bug a day – HD Moore </li></ul><ul><li>Microsoft patch Tuesday = IDA Pro We...
Not domo arigato Mr. Roboto <ul><ul><li>70 million computers subverted worldwide   (Source Trend Micro) </li></ul></ul><ul...
Hiring the harm <ul><li>A simple question to INFOSEC personnel. </li></ul><ul><li>Have you used security privileges to loo...
Got Google?
Okay now what can we do? <ul><li>Without understanding where the opponent's weaknesses are you cannot borrow their strengt...
Now let’s learn from others <ul><li>Discussion and Questions???? </li></ul><ul><li>Or several minutes of uncomfortable sil...
Once again those links <ul><li>http://www.infragard.net/chapters/oklahoma/  </li></ul><ul><li>http://OSVDB.org </li></ul><...
Upcoming SlideShare
Loading in …5
×

If A Network Falls In The Internet does it make a sound?

520 views
479 views

Published on

A talk on 5 INFOSEC threats you don't hear enough about.

Published in: Technology, Design
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
520
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

If A Network Falls In The Internet does it make a sound?

  1. 1. If a network falls in the Internet does it make a sound? (The top 5 threats you don’t hear enough about.) Jayson E. Street, CISSP, GSEC, GCFA IEM, IAM, CCSE, CCSA, Security+, etc…
  2. 2. Let go of my EGO <ul><li>Lets start out with a little about yours truly. </li></ul><ul><li>[email_address] </li></ul>
  3. 3. Know yourself know your enemy <ul><li>Sun Wu (Tzu) “Ping-fa”(The Art of War) </li></ul><ul><li>“ Thus it is said that one who knows the enemy and knows himself will not be endangered in a hundred engagements. One who does not know the enemy but knows himself will sometimes be victorious, sometimes meet with defeat. One who knows neither the enemy nor himself will invariably be defeated in every engagement!” </li></ul>
  4. 4. Contents <ul><li>INTRO </li></ul><ul><li>The IRC </li></ul><ul><li>Reverse Engineering </li></ul><ul><li>Botnets </li></ul><ul><li>Insider Threats </li></ul><ul><li>Just google it </li></ul><ul><li>Now what? </li></ul><ul><li>Discussion </li></ul>
  5. 5. IRC + CC = SOS
  6. 6. Do things seem a little Fuzzy? <ul><li>Browser bug a day – HD Moore </li></ul><ul><li>Microsoft patch Tuesday = IDA Pro Wednesday </li></ul><ul><li>SQL Slammer a look back at the good ole days. </li></ul><ul><ul><li>Made known at DEFCON July of 2002 Patched by MS with MS02-039 Hit on 1/25/03. </li></ul></ul><ul><li>MS06-040 Changed the infection rate from 250,000 machines a month to 250,000 machines a DAY! In the first few days of release. (Source Trend Micro) </li></ul><ul><li>Fuzzyri0t.pl Made in Oklahoma </li></ul>
  7. 7. Not domo arigato Mr. Roboto <ul><ul><li>70 million computers subverted worldwide (Source Trend Micro) </li></ul></ul><ul><li>Government Agencies whose computers may have been compromised. </li></ul><ul><ul><li>Alabama Research and Education Network </li></ul></ul><ul><ul><li>Argonne National Laboratory </li></ul></ul><ul><ul><li>Arkansas Dept. of Information Systems </li></ul></ul><ul><ul><li>Connecticut Dept. of Information Technology </li></ul></ul><ul><ul><li>Iowa Communications Network </li></ul></ul><ul><ul><li>Pittsburgh Supercomputing Center </li></ul></ul><ul><ul><li>U.S. Dept. of Defense </li></ul></ul><ul><ul><li>U.S. Navy </li></ul></ul><ul><ul><li>(Source Information Week Magazine 10/9/06) </li></ul></ul>
  8. 8. Hiring the harm <ul><li>A simple question to INFOSEC personnel. </li></ul><ul><li>Have you used security privileges to look at information you’re not authorized to access? </li></ul><ul><li>Out of 648 responses on http://darkreading.com </li></ul><ul><li>10% Yes on a regular basis </li></ul><ul><li>27% Yes a few times in their career. </li></ul><ul><li>63% No </li></ul><ul><li>The 2005 FBI Computer Crime Survey Use of antivirus, antispyware, firewalls and antispam software is almost universal among those who responded. But the software apparently did little to stop malicious insiders. </li></ul>
  9. 9. Got Google?
  10. 10. Okay now what can we do? <ul><li>Without understanding where the opponent's weaknesses are you cannot borrow their strength to use against them. (Cheng Man Ching) </li></ul><ul><li>http://www.infragard.net/chapters/oklahoma/ </li></ul><ul><li>http://OSVDB.org </li></ul><ul><li>http://www.issa-ok.org/ </li></ul><ul><li>http://isc.sans.org </li></ul><ul><li>This presentation is located @ </li></ul><ul><ul><li>http://f0rb1dd3n.com/s1s/ WP / </li></ul></ul>
  11. 11. Now let’s learn from others <ul><li>Discussion and Questions???? </li></ul><ul><li>Or several minutes of uncomfortable silence it is your choice. </li></ul>
  12. 12. Once again those links <ul><li>http://www.infragard.net/chapters/oklahoma/ </li></ul><ul><li>http://OSVDB.org </li></ul><ul><li>http://www.issa-ok.org/ </li></ul><ul><li>http://isc.sans.org </li></ul><ul><li>This presentation is located @ </li></ul><ul><ul><li>http://f0rb1dd3n.com/s1s/ WP / </li></ul></ul>

×