ClueCon2009: The Security Saga of SysAdmin Steve
This is a story of VoIP security, a disgruntled employee and the trouble that can be caused in an unsecured environment. The presentation is done in a minimalist style popularized by Professor Lawrence Lessig. The 248 slides were presented in about 15 minutes at ClueCon 2009 in Chicago on August 5, 2009. A video recording will be made available and an update will be posted here.

Do note that I did give an older version of this talk at ETel 2007 as "The Black Bag Security Review".

Usage Rights

© All Rights Reserved

  • Innovative presentation style, but to be understood I guess perhaps the video or audio of the presentation in front of audience could help :-)
ClueCon2009: The Security Saga of SysAdmin Steve Presentation Transcript

  • 1. The Security Saga of SysAdmin Steve Dan York, CISSP ClueCon 2009 ClueCon 2009 – Dan York
  • 2. Once upon a time...
  • 3. big company
  • 4. smaller company
  • 5. SysAdmin Steve
  • 6. promotion
  • 7. IT
  • 8. phones, too!
  • 9. new VoIP system
  • 10. net head
  • 11. V
  • 12. Voice
  • 13. SIP
  • 14. open standard
  • 15. Security Isn’t Possible
  • 16. education
  • 17. PSTN SIP Service Provider Internet IP-PBX LAN
  • 18. cheap
  • 19. merged
  • 20. quit
  • 21. ?
  • 22. new IT staff
  • 23. Juvenile Joe
  • 24. BOFH
  • 25. read e-mail
  • 26. monitor
  • 27. comment
  • 28. playground
  • 29. exploit chaos
  • 30. fun
  • 31. ultimate truism
  • 32. voice = packets
  • 33. packets = bits
  • 34. bits can be manipulated
  • 35. “VoIP security tools”
  • 36. tools, tools, tools
  • 37. voipsa.org
  • 38. hackingvoip.com
  • 39. sectools.org
  • 40. tools, tools, tools
  • 41. good
  • 42. evil
  • 43. test/defend
  • 44. attack
  • 45. perspective
  • 46. white hat
  • 47. black hat
  • 48. wireshark
  • 49.
  • 50. cain & abel
  • 51. RTP
  • 52. WAV
  • 53. MP3s
  • 54. iPod
  • 55. 2-hour commute
  • 56. corporate conversations
  • 57. personal iPod
  • 58. corporate conversations
  • 59. personal iPod
  • 60. (scared yet?)
  • 61. conversations
  • 62. PIN
  • 63. voicemail PINs
  • 64. banking PINs
  • 65. DTMF decoder
  • 66. (fun stuff, eh?)
  • 67. Teleworker Ted
  • 68. envy
  • 69. grudge
  • 70. hang up Ted
  • 71. cell phone
  • 72. devious
  • 73. mix in new background
  • 74. amusement park
  • 75. screaming kids
  • 76. dog
  • 77. Ted’s dog
  • 78. endless barking
  • 79. no clue
  • 80. Process Paul
  • 81. new rules
  • 82. worked late
  • 83. wife
  • 84. female
  • 85. ???
  • 86. no clue
  • 87. insecure firewall
  • 88. family
  • 89. SIP softphone
  • 90. free long distance
  • 91. (toll fraud)
  • 92. Board conf calls
  • 93. revenues in the tank
  • 94. only hope
  • 95. acquisition
  • 96. IT outsourced
  • 97. job
  • 98. (Uh-oh)
  • 99. war
  • 100. SIP trunk
  • 101. unencrypted
  • 102. sniff CID
  • 103. lawyers
  • 104. CFO
  • 105. SIP Redirect
  • 106. random extension
  • 107. shipping
  • 108. HR
  • 109. labs
  • 110. kitchen
  • 111. ?
  • 112. acquire?
  • 113. @#$@?%$!
  • 114. SysAdmin Steve
  • 115. fix it
  • 116. DoS
  • 117. BYE
  • 118. hang up CEO
  • 119. set reload
  • 120. erase SIP registration
  • 121. no clue
  • 122. packet flood
  • 123. degrade
  • 124. cell phones
  • 125. acquire?
  • 126. @#$@?%$!
  • 127. SysAdmin Steve
  • 128. fix it
  • 129. 3 strikes
  • 130. investigation
  • 131. truth
  • 132. discovered
  • 133. heart attack
  • 134. corporate conversations
  • 135. SIP trunk
  • 136. unencrypted
  • 137. public Internet
  • 138. clear
  • 139. call records
  • 140. public Internet
  • 141. cleartext
  • 142. (not good)
  • 143. plan
  • 144. Fire Joe!
  • 145. defense in depth
  • 146. layers
  • 147. encryption
  • 148. SRTP
  • 149. TLS / DTLS
  • 150. ZRTP
  • 151. voice
  • 152. call control
  • 153. LAN
  • 154. SIP trunk
  • 155. clueless
  • 156. new provider
  • 157. call accounting
  • 158. IP network
  • 159. VLANs
  • 160. IDS/IPS
  • 161. monitoring
  • 162. rate throttling
  • 163. secure perimeter
  • 164. firewall traversal
  • 165. firmware
  • 166. o/s patches
  • 167. disable services
  • 168. die, default passwords, die, die, die
  • 169. layers
  • 170. secure VoIP
  • 171. caveat
  • 172. internal
  • 173. disgruntled
  • 174. x%?
  • 175. compromised servers
  • 176. spyware
  • 177. unsecured WiFi
  • 178. (checked your parking lot lately?)
  • 179. offline analysis
  • 180. SIP trunk
  • 181. $$$
  • 182. security
  • 183. Botnet Bob
  • 184. zombies
  • 185. fun
  • 186. profit
  • 187. Criminal Chris
  • 188. espionage
  • 189. identity theft
  • 190. human replay attack
  • 191. Spammer Sue
  • 192. SPIT
  • 193. 1,000s of calls
  • 194. “significant event”
  • 195. Congressman
  • 196. mistress
  • 197. public official
  • 198. porn line
  • 199. identity theft
  • 200. 13-yr-old
  • 201. Wall St. Journal
  • 202. “VOIP IS INSECURE”
  • 203. “(stupid) VOIP IS INSECURE”
  • 204. “VOIP IS INSECURE”
  • 205. moral
  • 206. VoIP *can* be secure
  • 207. VoIP can be MORE secure than PSTN
  • 208. (red button, anyone?)
  • 209. work
  • 210. plan
  • 211. questions
  • 212. education
  • 213. voipsa.org
  • 214. VOIPSA Threat Taxonomy
  • 215. VOIPSA Best Practices
  • 216. VOIPSEC mailing list
  • 217. blueboxpodcast.com
  • 218.
  • 219. (If you aren’t reading them, be aware the attackers *are*)
  • 220. defense in depth
  • 221. layers and layers
  • 222. voice
  • 223. call control
  • 224. SIP trunks
  • 225. management interfaces / APIs
  • 226. PSTN interfaces
  • 227. PSTN
  • 228. VoIP = IP + PSTN
  • 229. it’s the network, stupid
  • 230. cloud
  • 231. IP network
  • 232. voice = packets
  • 233. packets = bits
  • 234. bits can be manipulated
  • 235. VoIP *can* be secure
  • 236. work
  • 237. plan
  • 238. SysAdmin Steve?
  • 239. happily ever after?
  • 240. acquisition?
  • 241. job?
  • 242. CIO?
  • 243. another story
  • 244. To be continued...
  • 245. The End (or is it the beginning?)
  • 246. Please practice safe VoIP!
  • 247. Q&A www.voipsa.org www.voipsa.org/blog www.blueboxpodcast.com blogs.voxeo.com
  • 248. Thank you (Please practice safe VoIP!)