
Shahee living with-the_ghost-final



Configuration errors can cause system failures similar to those caused by software bugs. Misconfigurations can replicate crashes, hangs, and silent failures of the system, the common characteristics found in every software bug. But sysadmins usually ignore these misconfiguration issues if systems seem to be up and running smoothly. Unlike software bugs, which get much attention, misconfiguration issues are usually neglected, which may lead to a data breach, or even a system breach and unauthorised network access. And one day these misconfigurations become a living place for the ghosts in the network.

Published in: Internet


  1. Living With The Ghost: A tale of Misconfigurations
  2. About the speaker
      - Head of Security Operations @ BEETLES
      - Father of XAVIAN
      - Security Researcher
      - Lame Joke poster at FB Status
      - CCISO, CEH, MCSA, MCP
      - Serious at Twitter: @shaheemirza
  3. Whoever said, “There’s no such thing as bad publicity” never experienced a data breach.
  4. What we do
  5. What we know
  6. What we see [from a small POC test]
  7. But SysAdmins only see RED
  8. Gh0sT in the Ignored
  9. Security Misconfiguration: Security misconfiguration can happen at any level of an application stack, including the network services, platform, web server, application server, database, frameworks, custom code, and pre-installed virtual machines, containers, or storage.
  10. How it happens
      ● Information disclosures
      ● Directory listing
      ● Stack traces or debug mode enabled
      ● Outdated or unpatched software/hardware
      ● Default credentials
      ● Unnecessary features
      ● Unprotected resources
      ● Overly permissive policies
      ● CNAME record and unclaimed cloud resources
  11. Unpatched routers: Bangladesh has nearly 400+ CISCO devices vulnerable to CVE-2018-0171.
  12. Unpatched routers: Bangladesh has nearly 800+ MIKROTIK devices vulnerable to CVE-2018-14847 that are already infected by the COINHIVE miner.
  13. Unprotected resources: Bangladesh has 1000++ unprotected devices directly connected to the internet.
  14. Default credential: Bangladesh is the HOME of default-credential-enabled systems.
  15. ISPs are using common password workinher
  16. This is a global problem
  17. What we found [Case X]
  18. The Mind Gap: Biz VS Devs VS OPS
  19. THANKS