
Dark Insight: the Basics of Security - Alexander Obozinskiy

Ruby Meditation #17
September 9, 2017
Hub 4.0, Kyiv


  1. Dark Insight: the basics of security, by Alexander Obozinsky
  2. We are talking about things like
     • BIND TSIG CVE-2017-3143 (TSIG authentication bypass)
     • Intel AMT CVE-2017-5689 (remote authentication bypass, privilege escalation)
     • Doorkeeper CVE-2016-6582 (tokens not revoked)
     • Google Groups for Business default settings
     • Source engine
     • Ovidiy Stealer
     • Kerberos CVE-2017-11368 (KDC denial of service)
     • sudo CVE-2017-1000367 (local privilege escalation)
     • Skype CVE-2017-6517 (stack buffer overflow)
     • RubyGems CVE-2017-0901 (file overwrite during gem install)
  3. Information security: the CIA triad
     • Confidentiality
     • Integrity
     • Availability
  4. Cyber security is about threats to
     • Hardware
     • Software
     • Network
     • Data
  5. Hardware threats
     • Physical
     • Not only about servers
     • Not only about computers
     • Hidden hardware in your computers
     • Closed-source firmware
     • Virtualization
        • Escaping from the guest OS
        • Clouds
  6. Software threats
     • OS security
     • Vulnerabilities in libraries
     • Vulnerabilities in server software
     • 3rd-party software can have unexpected side effects
     • Open source software can be compromised
     • Insecurity in security software
  7. Network threats
     • Passive
        • Monitoring
        • Eavesdropping
     • Active
        • Tampering
        • DoS
        • Buffer overflow
        • DNS poisoning
        • XSS / CSRF / SSRF / SQLi
     • Networking devices
     • IoT devices
  8. Data threats
     • Data can be read or altered by third parties
     • Data integrity can be broken by hardware or software failures
     • Fake data can end up being used as the primary source of truth
     • A small leak can compromise the whole system
  9. Social engineering: attacks that exploit human psychology
     • Giving people what they want
     • Provoking them with content
     • Road apple attack (baiting with a planted USB drive or CD)
     • Phishing
     • Using information from social networks
     • Reverse social engineering
  10. Insiders
     • Insider information can be bought
     • An insider can be hired into your company
     • Someone can compromise an ordinary employee
     • Life circumstances can turn your employees against you
     • The firing process (revoke access as soon as people leave)
  11. Securing your systems
  12. Hardware
     • Personal
     • Enterprise workstations
     • Servers
  13. Operating systems
     • Linux distributions
     • OpenBSD
     • Windows
     • Virtual environments
     • Containers
     • Cloud VPS
  14. Software
     • Design safe systems
     • Agile vs security
     • Security checks
     • Monitoring
     • Code inspection and review
     • Automated security scanning
     • OWASP Software Assurance Maturity Model (SAMM)
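Slides 6 and 14 both come down to one routine check: are the libraries you pin actually free of known vulnerabilities? In the Ruby world that check is what bundler-audit does against the Ruby advisory database. The example below is added here and is not from the talk or from bundler-audit; it shows the mechanics in plain Ruby, using only Gem::Version and Gem::Requirement from the standard library. The Gemfile.lock excerpt and the advisory list are constructed: the rack entry is made up, and the doorkeeper range (`< 4.2.0` for CVE-2016-6582) is an assumption to verify against the published advisory before relying on it.

```ruby
# Added example, not from the talk: a minimal Gemfile.lock advisory check in
# the spirit of bundler-audit. It parses the "specs:" section of a lock file
# and matches each pinned gem against a local advisory list.
# The lock file excerpt and the advisory entries are constructed for this
# example; the doorkeeper range is an assumption to be checked against the
# published advisory, the rack entry is hypothetical.
require "rubygems"   # Gem::Version and Gem::Requirement

# Constructed Gemfile.lock excerpt (same layout Bundler writes).
SAMPLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      doorkeeper (4.1.0)
        railties (>= 4.2)
      nokogiri (1.8.0)
        mini_portile2 (~> 2.2.0)
      rack (2.0.3)
      railties (5.1.3)

  PLATFORMS
    ruby

  DEPENDENCIES
    doorkeeper
    nokogiri
LOCK

# Constructed advisory list: gem name => [[advisory id, vulnerable range, fixed in], ...]
ADVISORIES = {
  "doorkeeper" => [["CVE-2016-6582", "< 4.2.0", "4.2.0"]],                 # range assumed, verify
  "rack"       => [["HYPOTHETICAL-0001", ">= 2.0.0, < 2.0.4", "2.0.4"]],   # made up for the demo
}.freeze

# Return {gem name => version} for the top-level specs of a Gemfile.lock.
# Bundler indents gems by 4 spaces and their dependencies by 6, so only
# 4-space lines with a version in parentheses are pinned gems.
def parse_lock_specs(text)
  specs = {}
  in_specs = false
  text.each_line do |line|
    if line.match?(/^\s*specs:\s*$/)
      in_specs = true
      next
    end
    in_specs = false if in_specs && line.match?(/^\S/)   # next top-level section
    next unless in_specs
    m = line.match(/^    (\S+) \(([^)]+)\)\s*$/)
    specs[m[1]] = m[2] if m
  end
  specs
end

# Match every pinned gem against the advisories.
# Returns [[gem, installed version, advisory id, fixed-in version], ...].
def vulnerable_gems(lock_text, advisories = ADVISORIES)
  findings = []
  parse_lock_specs(lock_text).each do |name, version|
    installed = Gem::Version.new(version)
    (advisories[name] || []).each do |id, range, fixed_in|
      requirement = Gem::Requirement.new(*range.split(",").map(&:strip))
      findings << [name, version, id, fixed_in] if requirement.satisfied_by?(installed)
    end
  end
  findings
end

if __FILE__ == $PROGRAM_NAME
  vulnerable_gems(SAMPLE_LOCK).each do |name, version, id, fixed_in|
    puts "#{name} #{version}: #{id}, upgrade to #{fixed_in}"
  end
end
```

Run it from CI against the real Gemfile.lock and fail the build when the findings list is non-empty; the advisory list would then come from a regularly refreshed database rather than a constant in the script.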
  15. Network
     • Corporate network
     • Wi-Fi routers
     • Guest networks
     • Mobile phones
     • DNSSEC
     • DMZ
     • Firewalls
     • WAF
     • Intrusion prevention
     • Honeypots
     • Intrusion detection
     • Simple models
     • Port knocking
     • Remote access to your servers through VPN
  16. Data
     • Integrity
     • Persistence
     • Access restriction
     • Confidentiality
  17. Cryptography
     • Ciphers
        • Asymmetric: RSA / DSA / DH
        • Symmetric
           • Block: DES / 3DES, Blowfish / AES; Cipher Block Chaining (CBC) mode
           • Stream: RC4 / ARCFOUR, Salsa20 / ChaCha20
     • Hash functions: MD5, SHA
     Caveats: DES, RC4 and MD5 are broken and 3DES is deprecated, so none of them belong in new systems; SHA-1 is deprecated in favour of SHA-2 (SHA-256 and up). CBC on its own gives confidentiality but not integrity: pair it with a MAC (encrypt-then-MAC) or use an authenticated mode such as AES-GCM or ChaCha20-Poly1305.
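Slide 16 lists integrity and confidentiality as separate properties of data, and slide 17 lists CBC as a cipher mode; the two meet in the difference between an authenticated mode and plain CBC. The example below is added here, is not from the talk, and uses only Ruby's standard OpenSSL binding. It encrypts the same message with AES-256-GCM and with AES-256-CBC, then tampers with one byte of each: GCM refuses to decrypt, while CBC happily returns a modified plaintext. Key, IVs and message are constructed constants so the run is reproducible; real code generates the key with OpenSSL::Random and a fresh random IV (nonce) per message.

```ruby
# Added example, not from the talk: authenticated encryption (AES-256-GCM)
# beside unauthenticated CBC, using Ruby's stdlib OpenSSL binding.
# Key, IVs and message are constructed constants so the run is reproducible;
# real code derives the key from OpenSSL::Random and uses a fresh random IV
# (nonce) for every message.
require "openssl"

KEY = OpenSSL::Digest.digest("SHA256", "demo key, constructed for this example")   # 32 bytes
MESSAGE = "transfer 100 EUR to account 42".freeze
AAD = "account-service".freeze   # associated data: authenticated, not encrypted

# AES-256-GCM: returns [ciphertext, 16-byte tag]. Any change to IV, ciphertext,
# tag or associated data makes decryption fail.
def gcm_encrypt(key, iv, plaintext, aad)
  c = OpenSSL::Cipher.new("aes-256-gcm")
  c.encrypt
  c.key = key
  c.iv = iv                  # 12 bytes; must never repeat under the same key
  c.auth_data = aad
  ciphertext = c.update(plaintext) + c.final
  [ciphertext, c.auth_tag]   # the tag is only available after final
end

def gcm_decrypt(key, iv, ciphertext, tag, aad)
  c = OpenSSL::Cipher.new("aes-256-gcm")
  c.decrypt
  c.key = key
  c.iv = iv
  c.auth_tag = tag
  c.auth_data = aad
  c.update(ciphertext) + c.final   # raises OpenSSL::Cipher::CipherError on tampering
end

# AES-256-CBC with no MAC: confidential but malleable.
def cbc_encrypt(key, iv, plaintext)
  c = OpenSSL::Cipher.new("aes-256-cbc")
  c.encrypt
  c.key = key
  c.iv = iv                  # 16 bytes
  c.update(plaintext) + c.final
end

def cbc_decrypt(key, iv, ciphertext)
  c = OpenSSL::Cipher.new("aes-256-cbc")
  c.decrypt
  c.key = key
  c.iv = iv
  c.update(ciphertext) + c.final
end

# XOR one byte of a string with a mask; returns a new string.
def flip_byte(str, index, mask)
  out = str.dup
  out.setbyte(index, out.getbyte(index) ^ mask)
  out
end

# Normal GCM round trip: returns the plaintext.
def gcm_roundtrip
  iv = "\x00" * 12           # constructed fixed nonce, for reproducibility only
  ciphertext, tag = gcm_encrypt(KEY, iv, MESSAGE, AAD)
  gcm_decrypt(KEY, iv, ciphertext, tag, AAD)
end

# One flipped ciphertext byte: GCM refuses to decrypt. Returns :rejected.
def gcm_tamper_demo
  iv = "\x00" * 12
  ciphertext, tag = gcm_encrypt(KEY, iv, MESSAGE, AAD)
  gcm_decrypt(KEY, iv, flip_byte(ciphertext, 9, 0x08), tag, AAD)
  :accepted
rescue OpenSSL::Cipher::CipherError
  :rejected
end

# CBC malleability: plaintext block 1 = D(ciphertext block 1) XOR IV, so
# flipping a bit of the IV (sent in the clear next to the ciphertext) flips
# the same bit of the first plaintext block. Byte 9 of MESSAGE is "1";
# XOR with ("1".ord ^ "9".ord) = 0x08 turns it into "9" and the receiver
# decrypts "transfer 900 EUR ..." without any error.
def cbc_tamper_demo
  iv = "\x00" * 16
  ciphertext = cbc_encrypt(KEY, iv, MESSAGE)
  tampered_iv = flip_byte(iv, 9, "1".ord ^ "9".ord)
  cbc_decrypt(KEY, tampered_iv, ciphertext)
end

if __FILE__ == $PROGRAM_NAME
  puts "GCM round trip: #{gcm_roundtrip}"
  puts "GCM with one flipped byte: #{gcm_tamper_demo}"
  puts "CBC with one flipped IV byte: #{cbc_tamper_demo}"
end
```

The attacker in the CBC case never needs the key: changing the IV changes the first plaintext block predictably, and the padding in the last block is untouched, so decryption reports success. That is why the slide's "CBC" entry needs a MAC next to it, or an AEAD mode in its place.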
  18. Web application security
     • SSL/TLS
        • HTTPS / HTTP/2
        • letsencrypt.org
     • Web application firewalls
        • Local
        • Cloud: AWS / Cloudflare / Akamai
     • Black-box testing
     • Fuzz testing
     • White-box testing
  19. Software
  20. Tenable Nessus / Pentestit OpenVAS security scanners
     • 82k / 50k plugins
     • Linked to the CVE and OpenSCAP databases
     • Nessus (Docker Hub: 100k+ pulls)
     • OpenVAS (Docker Hub: 1M+ pulls)
     • http://www.openvas.org/
     • https://www.tenable.com/products/nessus-vulnerability-scanner
  21. w3af: open source web application audit framework
     • Contains
        • Crawl plugins
        • Audit plugins
        • Attack plugins
     • http://w3af.org/
  22. OWASP Zed Attack Proxy Project
     • Open source
     • Actively developed
     • Easy to use
     • No paid version
     • https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
  23. nikto
     • Checks for outdated components
     • Scans multiple ports on a server, or multiple servers via an input file
     • Identifies installed software via headers, favicons and files
     • Subdomain guessing
     • Can log to Metasploit
     • https://cirt.net/Nikto2
  24. Brakeman
     • Static analysis scanner for Ruby on Rails applications
     • https://brakemanscanner.org/
  25. Radamsa
     • Open source fuzz testing framework
     • https://github.com/aoh/radamsa
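The "fuzz testing" item on slide 18 and the Radamsa slide above name the technique without showing it. What follows is an added example, not from the talk and not Radamsa's own code: a small mutation fuzzer in Radamsa's spirit, pointed at a deliberately buggy record parser and at its fixed version. The record format, both parsers, the seed input and the mutation strategies are all constructed for this example; the interesting part is the harness rule that distinguishes an expected parse failure from a crash.

```ruby
# Added example, not from the talk: a small mutation fuzzer in the spirit of
# Radamsa, pointed at a deliberately buggy record parser and at its fixed
# version. The record format, the parsers, the seed input and the mutation
# strategies are all constructed for this example.

class ParseError < StandardError; end

# Constructed record format: 1 length byte, N payload bytes, 1 XOR checksum byte.
# The bug: the length byte is trusted. A length larger than the remaining input
# walks off the end of the payload, getbyte returns nil, and "sum ^= nil" raises
# TypeError instead of the parser's own ParseError.
def parse_record(bytes)
  raise ParseError, "empty" if bytes.empty?
  len = bytes.getbyte(0)
  payload = bytes.byteslice(1, len)
  sum = 0
  len.times { |i| sum ^= payload.getbyte(i) }
  raise ParseError, "bad checksum" unless sum == bytes.getbyte(1 + len)
  payload
end

# Fixed version: validate the length against the buffer before trusting it.
def parse_record_fixed(bytes)
  raise ParseError, "empty" if bytes.empty?
  len = bytes.getbyte(0)
  raise ParseError, "truncated" if bytes.bytesize < 2 + len
  payload = bytes.byteslice(1, len)
  sum = payload.bytes.reduce(0, :^)
  raise ParseError, "bad checksum" unless sum == bytes.getbyte(1 + len)
  payload
end

# Build a valid record for a payload (used for the seed input).
def build_record(payload)
  p = payload.b
  [p.bytesize].pack("C") + p + [p.bytes.reduce(0, :^)].pack("C")
end

SEED = build_record("hello")   # constructed seed input

def set_byte(s, index, value)
  out = s.dup
  out.setbyte(index, value)
  out
end

def flip_bit(s, index, mask)
  set_byte(s, index, s.getbyte(index) ^ mask)
end

INTERESTING = [0x00, 0x01, 0x7f, 0x80, 0xff].freeze   # boundary values for a byte

# Random mutators: each takes a non-empty binary string and an RNG.
MUTATORS = [
  ->(s, r) { flip_bit(s, r.rand(s.bytesize), 1 << r.rand(8)) },
  ->(s, r) { set_byte(s, r.rand(s.bytesize), INTERESTING.sample(random: r)) },
  ->(s, r) { i = r.rand(s.bytesize); s.byteslice(0, i) + s.byteslice(i + 1, s.bytesize) },              # drop a byte
  ->(s, r) { i = r.rand(s.bytesize + 1); s.byteslice(0, i) + r.bytes(1) + s.byteslice(i, s.bytesize) }, # insert a byte
  ->(s, r) { s + s.byteslice(0, r.rand(s.bytesize) + 1) },                                              # repeat a prefix
].freeze

# Run the target on one input. ParseError is the documented failure mode;
# anything else is a crash worth reporting. Returns the exception or nil.
def crash?(target, input)
  target.call(input)
  nil
rescue ParseError
  nil
rescue StandardError => e
  e
end

# Deterministic boundary pass over every byte, then `rounds` random mutations
# (1 to 3 stacked per candidate). Returns {crashing input => exception}.
def fuzz(seed_input, target:, rounds: 200, rng: Random.new(2017))
  seed = seed_input.b
  candidates = []
  seed.bytesize.times { |i| INTERESTING.each { |v| candidates << set_byte(seed, i, v) } }
  rounds.times do
    s = seed
    (1 + rng.rand(3)).times do
      s = rng.bytes(1) if s.empty?
      s = MUTATORS.sample(random: rng).call(s, rng)
    end
    candidates << s
  end
  crashes = {}
  candidates.each do |c|
    e = crash?(target, c)
    crashes[c] ||= e if e
  end
  crashes
end

if __FILE__ == $PROGRAM_NAME
  fuzz(SEED, target: method(:parse_record)).first(3).each do |input, err|
    puts "crash on #{input.unpack1('H*')}: #{err.class}: #{err.message}"
  end
  puts "fixed parser crashes: #{fuzz(SEED, target: method(:parse_record_fixed)).size}"
end
```

Radamsa itself is a standalone generator rather than a harness: you feed it sample inputs and it writes mutated variants to stdout, which you pipe into the program under test, so the harness logic above (run, classify the failure, keep the crashing input) is the part you still write yourself.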
  26. OSS WAF
     • NAXSI: https://github.com/nbs-system/naxsi
     • ModSecurity: https://modsecurity.org/
     • TestCookie: https://github.com/kyprizel/testcookie-nginx-module
  27. Metasploit
     • Ruby framework
     • The gold standard in the industry
     • https://www.offensive-security.com/metasploit-unleashed/
  28. It's time
  29. Where to learn?
     • https://www.hacksplaining.com/
     • http://www.cvedetails.com/
     • https://www.owasp.org/
     • http://www.opennet.ru/
     • https://thehackernews.com/
     • http://krebsonsecurity.com/
     • https://github.com/onlurking/awesome-infosec
  30. qu35710n5? (Questions?)
     • https://gitlab.com/l33t/ahoregator
     • rm@nmc.ninja
