ClueCon2009: The Security Saga of SysAdmin Steve

This is a story of VoIP security, a disgruntled employee and the trouble that can be caused in an unsecured environment. The presentation is done in a minimalist style popularized by Professor Lawrence Lessig. The 248 slides were presented in about 15 minutes at ClueCon 2009 in Chicago on August 5, 2009. A video recording will be made available and an update will be posted here.

Do note that I did give an older version of this talk at ETel 2007 as "The Black Bag Security Review".

Published in: Technology, Business
1 Comment
  • Innovative presentation style, but to be understood I guess perhaps the video or audio of the presentation in front of audience could help :-)

ClueCon2009: The Security Saga of SysAdmin Steve

  1. The Security Saga of SysAdmin Steve Dan York, CISSP ClueCon 2009 ClueCon 2009 – Dan York
  2. Once upon a time...
  3. big company
  4. smaller company
  5. SysAdmin Steve
  6. promotion
  7. IT
  8. phones, too!
  9. new VoIP system
  10. net head
  11. V
  12. Voice
  13. SIP
  14. open standard
  15. Security Isn’t Possible
  16. education
  17. PSTN SIP Service Provider Internet IP-PBX LAN
  18. cheap
  19. merged
  20. quit
  21. ?
  22. new IT staff
  23. Juvenile Joe
  24. BOFH
  25. read e-mail
  26. monitor
  27. comment
  28. playground
  29. exploit chaos
  30. fun
  31. ultimate truism
  32. voice = packets
  33. packets = bits
  34. bits can be manipulated
  35. “VoIP security tools”
  36. tools, tools, tools
  37. voipsa.org
  38. hackingvoip.com
  39. sectools.org
  40. tools, tools, tools
  41. good
  42. evil
  43. test/defend
  44. attack
  45. perspective
  46. white hat
  47. black hat
  48. wireshark
  49. (no text on slide)
  50. cain & abel
  51. RTP
  52. WAV
  53. MP3s
  54. iPod
  55. 2-hour commute
  56. corporate conversations
  57. personal iPod
  58. corporate conversations
  59. personal iPod
  60. (scared yet?)
  61. conversations
  62. PIN
  63. voicemail PINs
  64. banking PINs
  65. DTMF decoder
  66. (fun stuff, eh?)
  67. Teleworker Ted
  68. envy
  69. grudge
  70. hang up Ted
  71. cell phone
  72. devious
  73. mix in new background
  74. amusement park
  75. screaming kids
  76. dog
  77. Ted’s dog
  78. endless barking
  79. no clue
  80. Process Paul
  81. new rules
  82. worked late
  83. wife
  84. female
  85. ???
  86. no clue
  87. insecure firewall
  88. family
  89. SIP softphone
  90. free long distance
  91. (toll fraud)
  92. Board conf calls
  93. revenues in the tank
  94. only hope
  95. acquisition
  96. IT outsourced
  97. job
  98. (Uh-oh)
  99. war
  100. SIP trunk
  101. unencrypted
  102. sniff CID
  103. lawyers
  104. CFO
  105. SIP Redirect
  106. random extension
  107. shipping
  108. HR
  109. labs
  110. kitchen
  111. ?
  112. acquire?
  113. @#$@?%$!
  114. SysAdmin Steve
  115. fix it
  116. DoS
  117. BYE
  118. hang up CEO
  119. set reload
  120. erase SIP registration
  121. no clue
  122. packet flood
  123. degrade
  124. cell phones
  125. acquire?
  126. @#$@?%$!
  127. SysAdmin Steve
  128. fix it
  129. 3 strikes
  130. investigation
  131. truth
  132. discovered
  133. heart attack
  134. corporate conversations
  135. SIP trunk
  136. unencrypted
  137. public Internet
  138. clear
  139. call records
  140. public Internet
  141. cleartext
  142. (not good)
  143. plan
  144. Fire Joe!
  145. defense in depth
  146. layers
  147. encryption
  148. SRTP
  149. TLS / DTLS
  150. ZRTP
  151. voice
  152. call control
  153. LAN
  154. SIP trunk
  155. clueless
  156. new provider
  157. call accounting
  158. IP network
  159. VLANs
  160. IDS/IPS
  161. monitoring
  162. rate throttling
  163. secure perimeter
  164. firewall traversal
  165. firmware
  166. o/s patches
  167. disable services
  168. die, default passwords, die, die, die
  169. layers
  170. secure VoIP
  171. caveat
  172. internal
  173. disgruntled
  174. x%?
  175. compromised servers
  176. spyware
  177. unsecured WiFi
  178. (checked your parking lot lately?)
  179. offline analysis
  180. SIP trunk
  181. $$$
  182. security
  183. Botnet Bob
  184. zombies
  185. fun
  186. profit
  187. Criminal Chris
  188. espionage
  189. identity theft
  190. human replay attack
  191. Spammer Sue
  192. SPIT
  193. 1,000s of calls
  194. “significant event”
  195. Congressman
  196. mistress
  197. public official
  198. porn line
  199. identity theft
  200. 13-yr-old
  201. Wall St. Journal
  202. “VOIP IS INSECURE”
  203. “(stupid) VOIP IS INSECURE”
  204. “VOIP IS INSECURE”
  205. moral
  206. VoIP *can* be secure
  207. VoIP can be MORE secure than PSTN
  208. (red button, anyone?)
  209. work
  210. plan
  211. questions
  212. education
  213. voipsa.org
  214. VOIPSA Threat Taxonomy
  215. VOIPSA Best Practices
  216. VOIPSEC mailing list
  217. blueboxpodcast.com
  218. (no text on slide)
  219. (If you aren’t reading them, be aware the attackers *are*)
  220. defense in depth
  221. layers and layers
  222. voice
  223. call control
  224. SIP trunks
  225. management interfaces / APIs
  226. PSTN interfaces
  227. PSTN
  228. VoIP = IP + PSTN
  229. it’s the network, stupid
  230. cloud
  231. IP network
  232. voice = packets
  233. packets = bits
  234. bits can be manipulated
  235. VoIP *can* be secure
  236. work
  237. plan
  238. SysAdmin Steve?
  239. happily ever after?
  240. acquisition?
  241. job?
  242. CIO?
  243. another story
  244. To be continued...
  245. The End (or is it the beginning?)
  246. Please practice safe VoIP!
  247. Q&A www.voipsa.org www.voipsa.org/blog www.blueboxpodcast.com blogs.voxeo.com
  248. Thank you (Please practice safe VoIP!)