
Call of Community - ShowMeCon 2014

Slides from my talk at ShowMeCon STL 2014

Published in: Technology, Education

  1. The Call of Community: Modern Warfare, Ben0xA – ShowMeCon 2014. Introductions: About Ben ● 13+ years experience in Health Care Information Systems ● Vice President & Security Officer ● Developer (Builder) ● Security Consultant, Trainer
  2. Introductions: About Ben ● It's hard being an executive when you look like you are a teenager. ● For serious! ● Thanks to @jaysonstreet
  3. Disclaimer: Our thanks to all of the websites we ripped off to use images for this deck. Full attribution on last slide!
  4. Why Us? ● We are geeks ● We are gamers ● We love this community ● We both wanted to be like our gaming heroes!
  5. Why Us?
  6. Why Us?
  7. The Call of Community: What is this call?
  8. The Call of Community: Our hopes & dreams
  9. The Call of Community: Strategic Defense Execution Standard
  10. What is PoshSec? • PoshSec is a framework to enable information security pros, system administrators, analysts and others to effectively help manage a system's or a network's security. • PoshSec consists of: • PoshSec PowerShell Module • PoshSec Framework
  11. How PoshSec Got Started • Started by Matt Johnson and Will Steele • Originally saw a lack of security-related PowerShell modules • Planned out the project as Will was battling cancer.
  12. Assembling the team • Need a team of ninjas to help make PoshSec grow • Partnered with Wolfgang Goerlich, Nick Jacob, Rich Cassara and Michael Ortega • All seasoned infosec pros and brilliant minds.
  13. PoshSec
  14. PoshSec Goals • The initial PoshSec release focused on the Top 20 controls. • While maintaining our expertise in the area of the Top 20 controls, we are branching out to cover: • Server Hardening • Forensics • Many more areas
  15. Account Management • Created to satisfy Top Twenty Control #16 for the Account Monitoring and Control section. • Allows people to verify: • User accounts • Accounts that don't expire • Admin accounts • Accounts that expire • Accounts past expiration date
  16. PoshSec
  17. Log Management • Allows for querying of a few log types • DNS • IIS • Allows you to set all of your Security Event logs to PoshSec recommended settings.
  18. PoshSec
  19. Network Baselining • Several Baselining Scripts • Open Ports • Wireless Networks • Configure Windows Firewall
  20. PoshSec 1.0 • PoshSec is officially releasing 1.0 of the PowerShell module today. • Cleaner code base, a few new additions • First of many regular releases. • Currently twice a year • Download: http://github.com/poshsec/
  21. PoshSec Framework: My original plan.... ● Create an open source SIEM ● Bake everything inside ● Release it to the community ● Profit... wait... it's free ● Continue my day job!
  22. PoshSec Framework
  23. PoshSec Framework
  24. PoshSec Framework
  25. PoshSec Framework
  26. PoshSec Framework
  27. PoshSec Framework: It's not the sum of its code! Select your player...
  28. PoshSec Framework: Green Ninja ● System Administration ● Basic Networking Functions ● Scan / Audit Domains ● Use Information in Scripts ● Patch Management
  29. PoshSec Framework
  30. PoshSec Framework: Blue Ninja ● Defensive Team ● Live Port Monitoring ● Application Integrity ● Live File Monitoring ● Log Analysis
  31. PoshSec Framework
  32. PoshSec Framework: CVE-2014-1776
  33. PoshSec Framework
  34. PoshSec Framework: OneGet – PowerShell 5.0; Chocolatey http://chocolatey.org
  35. PoshSec Framework
  36. PoshSec Framework: Red Ninja ● Offensive Team ● PowerSploit Modules ● Enumeration Tool ● Leverage PSRemoting
  37. PoshSec Framework
  38. PoshSec Framework: @obscuresec: Own a box, now you need to download a 3rd party tool like Python/Ruby. PowerShell is already there!!!
  39. PoshSec Framework: Black Ninja ● Penetration Testing ● Vulnerability Analysis ● Posh-Sec Modules ● Export Systems to Assets
  40. PoshSec Framework
  41. PoshSec Framework: White Ninja ● Forensics ● Incident Response ● The limit is only based on us
  42. PoshSec Framework: Features: ● Exposed Interface Elements ● GitHub Integration ● Custom Error Reporting ● Create Tabs for Individual Objects ● Seamless Integration with Scripts
  43. PoshSec Framework
  44. PoshSec Framework: Unlock-TheKrakken Live Demo!
  45. PoshSec Framework 1.0: http://github.com/poshsec/poshsecframework
  46. PoshSec Framework: PoshSec Developers ● @mwjcomputing ● @jwgoerlich ● @securitymoey ● @mortprime ● @rjcassara ● @sukotto_san ● @PoshSec
  47. PoshSec Framework
  48. I Am The Cavalry: The Cavalry is a global grassroots organization that is focused on issues where computer security intersects public safety and human life.
  49. I Am The Cavalry: Our areas of focus are medical devices, automobiles, home electronics and public infrastructure.
  50. I Am The Cavalry ● Content Management ● Project Management ● Administrative Assistance ● Technical Systems Assistance ● Sponsorship Needs
  51. I Am The Cavalry: http://www.iamthecavalry.org/ @iamthecavalry I haz stickerz!
  52. I Am The Cavalry
  53. I Am The Cavalry
  54. Strategic Defense Execution Standard: Simple method for planning cyber defenses based on straightforward step-by-step instructions.
  55. Strategic Defense Execution Standard: Help you identify where attacks are likely to come from, where they are likely to go to, how they are likely to get there, and what the impact on your organization will be.
  56. Strategic Defense Execution Standard: The final goal is to implement a defense that will allow you to maintain an acceptable information security posture.
  57. Strategic Defense Execution Standard: Focus ● Organization Risk Tolerance ● IT Basics ● Critical Asset Planning ● Threat Scoping ● Strategic Network Mapping ● Attack Vector Identification
  58. Strategic Defense Execution Standard: Focus (continued) ● Attack Path Identification ● Defense Planning ● Defense Testing ● Attack Detection and Response
  59. Strategic Defense Execution Standard: Current Contributors ● James Arlen (@Myrcurial) ● Iftach Ian Amit (@Iamit) ● Zate (@Zate) ● Gabe Bassett (@gdbassett) ● Ben Ten (@Ben0xA)
  60. Strategic Defense Execution Standard
  61. Strategic Defense Execution Standard: http://wiki.doinginfosecright.com/index.php?title=SDES help@doinginfosecright.com
  62. The Call of Community: Where do you fit in?
  63. The Call of Community: I'm answering the call.... what do you need? ● Contribute Ideas ● Contribute PowerShell Modules ● Share your scripts with the community ● Use the tools... give us feedback!
  64. The Call of Community: I'm answering the call.... what do you need? ● Join a Project ● Support a project (skills/financially) ● Discourage Negativity
  65. The Call of Community: This idea is only as strong as this community. It's time to stand together as a team!
  66. The Call of Community
  67. The Call of Community: The more we work as a team the stronger this community will become.
  68. The Call of Community: Conclusion
  69. Conclusion: Contact Information ● @Ben0xA ● Ben0xA on Freenode (IRC) ● bsideschicago@ben0xa.com ● http://ben0xa.com ● http://github.com/Ben0xA ● http://github.com/PoshSec
  70. Conclusion: Contact Information ● @mwjcomputing
  71. Conclusion: Questions?
  72. Conclusion: Thank you! I have stickers if you want one.
  73. Attribution
      • http://www.virginmedia.com/images/Tennis_for_Two-tennis-431.jpg
      • http://insertcredit.com/wp-content/uploads/2012/11/pong.jpeg
      • http://upload.wikimedia.org/wikipedia/en/0/01/Screenshot_of_Zork_running_on_Frotz_through_iTerm_2_on_Mac_OSX.png
      • http://www.abandonia.com/files/games/410/Chip%27s%20Challenge_3.png
      • http://cdn.akamai.steamstatic.com/steam/apps/240160/ss_f2cf77e7d577b6b2b55f9c4e9c3711abcbdb3846.1920x1080.jpg?t=1387578150
      • http://static.giantbomb.com/uploads/original/0/4245/290740-map09_oh_noes_two_elementals.png
      • http://1.bp.blogspot.com/--qksWYEfKrE/TrvyGxkyUuI/AAAAAAAAA7E/VfKZGhl5w8s/s1600/Breakout+%25281978%2529+%2528Atari%2529+%2528PAL%2529_74.png
      • http://freevitathemes.com/wp-content/uploads/2012/03/super-mario.png
      • http://satoshimatrix.files.wordpress.com/2011/08/snake-rattle-n-roll-u-0000.png
      • http://assets1.ignimgs.com/2001/10/19/zelda_nes_boomerang-334450.jpg
      • http://www.socwall.com/images/wallpapers/13209-1680x1050.jpg
      • http://i1.ytimg.com/vi/hSzDAB0Ua4g/hqdefault.jpg
      • http://images4.alphacoders.com/191/191376.jpg
      • http://thoughtsonfilms.files.wordpress.com/2008/08/img_6.jpg
      • http://wiimedia.ign.com/wii/image/article/779/779902/star-fox-64-virtual-console-20070411045113846_640w.jpg
      • http://us.blizzard.com/static/_images/games/wrath/wallpapers/wall1/wall1-1600x1200.jpg
      • http://www.familyfriendlygaming.com/Images/2012/Pics/FINAL_FANTASY_DIMENSIONS/8679battle.png
      • http://images4.alphacoders.com/191/191376.jpg
      • http://86bb71d19d3bcb79effc-d9e6924a0395cb1b5b9f03b7640d26eb.r91.cf1.rackcdn.com/wp-content/uploads/2011/11/the-legend-of-zelda-skyward-sword-walkthrough-artwork.jpg
