Your SlideShare is downloading. ×
0
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Getting the end point security right! - k. k. mookhey
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Getting the end point security right! - k. k. mookhey

548

Published on

Getting the end-point Security Right! - K. K. Mookhey - OWASP India Conference 2012

Getting the end-point Security Right! - K. K. Mookhey - OWASP India Conference 2012

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
548
On Slideshare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in Client-Side Security K. K. Mookhey kkmookhey@niiconsulting.com OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 2. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in• Introduction• Real-world case study • The drop • Malware analysis • Delivery mechanisms• Lessons learnt OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 3. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 4. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in File name Loop Mobile Bill Statement Date 08.11.2011.pdf Services.doc The injection attempt The Most wanted terrorist by Delhi police.doc OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 5. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 6. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 7. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 8. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 9. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in Strings OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 10. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 11. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 12. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 13. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 14. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 15. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in What heritage are they protecting? Let’s find out OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 16. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in./win7./win7/exploit.html./win7/Exploit.jar./win7/Exploit.class./moneytime./moneytime/abc./moneytime/abc/dsfd.pdf./moneytime/report.php./moneytime/aaaa./moneytime/aaaa/decr.exe./moneytime/Aminer./moneytime/Aminer/Utility_installation_step_by_step.doc./moneytime/Aminer/aMiner2.0.iso./moneytime/Aminer/aMiner_Installation_Step_by_Step.doc./moneytime/Aminer/utilities.iso./moneytime/email list.txt./moneytime/WinXpcr.py./moneytime/main.png./moneytime/demor./moneytime/demor/application.doc./moneytime/Appin./moneytime/Appin/appin.doc./moneytime/Appin/appin1.pdf./moneytime/key./moneytime/key/conhost.exe./moneytime/key/smse.exe OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 17. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 18. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 19. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 20. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in WHAT IS AMINER.EXE? OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 21. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in ./chirag/drop/KAMAL0024BEBE0A80/KeyLog.txt ./chirag/drop/KAMAL0024BEBE0A80/ip.txt ./chirag/drop/INDIA00012E2598D3 ./chirag/drop/INDIA00012E2598D3/KeyLog.txt ./chirag/drop/INDIA00012E2598D3/ip.txt ./chirag/drop/BLUE-INTRA-VM000C29D666CE ./chirag/drop/BLUE-INTRA-VM000C29D666CE/123.php Who is ./chirag/drop/GAMCA300248CC9EE30 ./chirag/drop/GAMCA300248CC9EE30/KeyLog.txt Chirag? ./chirag/drop/GAMCA300248CC9EE30/ip.txt ./chirag/drop/ADMIN-PC005056C00008 ./chirag/drop/ADMIN-PC005056C00008/KeyLog.txt ./chirag/drop/ADMIN-PC005056C00008/ip.txt ./chirag/drop/SABI-D00241D9A5C01 ./chirag/drop/SABI-D00241D9A5C01/KeyLog.txt ./chirag/drop/SABI-D00241D9A5C01/ip.txt ./chirag/drop/DESIGN20CF309A9453 ./chirag/drop/DESIGN20CF309A9453/KeyLog.txt ./chirag/drop/DESIGN20CF309A9453/ip.txt ./chirag/drop/KAMALC0F8DA7AF26C ./chirag/drop/KAMALC0F8DA7AF26C/KeyLog.txt ./chirag/drop/KAMALC0F8DA7AF26C/ip.txt OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 22. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 23. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 24. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in Typical Delivery Mechanisms OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 25. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in Scenario 2 Un-authorized usage of USB Drives We inserted USB drives on 8 systems 2 systems had USB blocked Only 1 person objected to us inserting the USB drive OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 26. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in Phishing OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 27. OWASP InfoSec India Conference 2012August 24th – 25th, 2012 The OWASP FoundationHotel Crowne Plaza, Gurgaon http://www.owasp.orghttp://www.owasp.in• APTs are real and here to stay• It does not take a genius to evade AV• We need newer solutions – and quick!• Your end-point defences should be as strong or even stronger than the perimeter defences• In the meanwhile… • Patch all your end-point software • Watch your AV status like a hawk • Constantly propagate security news to your end-usersAnd• Be careful, which security vendors you hire! OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)

×