
Crazy Like A Fox - #Infosec Ideas That Just Might Work


Slides from an Ignite Talk given at O'Reilly Security NYC, 2016-10-31. Talk details will be posted at https://www.netmeister.org/blog/crazy-like-a-fox.html


  1. Crazy like a Fox: #Infosec Ideas that Just Might Work™ (@jschauma)
  2. Think differently. Use an adverb to describe our mental process correct.
  3. Get pwned. Hard.
  4. Get pwned. Hard. (Then blame APT.)
  5. Pay outside consultants to tell you what you already know.
  6. Pay outside consultants to tell you what you already know. If they come up with other ideas, one of you is likely wrong. Figure out who.
  7. mount -o noexec,nosuid,nodev /home; mount -o noexec,nosuid,nodev /tmp; …; mount -o ro /
  8. Just because Microsoft does it, doesn’t necessarily mean it’s terrible. I <3 Kerberos.
  9. Forget Network ACLs.
  10. Forget Network ACLs. You’ve been pwned already.
  11. root ssh for everybody!
  12. root ssh for everybody! Most frequently executed sudo(8) commands? Survey says: bash(1), su(1).
  13. No login for you! Come back… never! Sorry, not a fox.
  14. Reboot, refresh, repeat. What could possibly happen?
  15. Security is everybody’s responsibility.
  16. Embrace “cyber”. It’s YUGE.
  17. Focus.
  18. Focus. Srsly. Stop. Doing. Unimportant. Shit.
  19. Think differently. • Get pwned. Hard. (Then blame APT.) • Pay consultants to tell you what you already know. • Learn from Microsoft. (Don’t reimplement Kerberos.) • mount -o ro /; mount -o nosuid,noexec,nodev /home • Forget ACLs. (You’re already pwned.) • root ssh for everybody! • No logins whatsoever. (User login => reimage.) • Auto-reboot and auto-update regularly. • Make security everybody’s job. • Embrace “cyber”. Focus.
  20. Think differently. Focus. • Get pwned. Hard. (Then blame APT.) • Pay consultants to tell you what you already know. • Learn from Microsoft. (Don’t reimplement Kerberos.) • mount -o ro /; mount -o nosuid,noexec,nodev /home • Forget ACLs. (You’re already pwned.) • root ssh for everybody! • No logins whatsoever. (User login => reimage.) • Auto-reboot and auto-update regularly. • Make security everybody’s job. • Embrace “cyber”.
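Slide 7 prescribes mount options (noexec,nosuid,nodev on /home and /tmp, a read-only /) but the slides say nothing about checking that a host actually has them. The script below is an added example written for this page, not code from the talk or from @jschauma: it audits a mount table in /proc/mounts format against those three rules and reports what is missing. The function names (mount_opts, has_opt, missing_opts, audit_mounts) and the sample table are my own constructions; on a real host you would feed it the contents of /proc/mounts instead.

```shell
#!/bin/sh
# Added example, not from the talk: audit a mount table against the
# options slide 7 recommends. Input lines are in /proc/mounts format:
#   device mountpoint fstype options dump pass

# Constructed sample table; on a live system use: MOUNTS=$(cat /proc/mounts)
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw,relatime,errors=remount-ro 0 0
/dev/sda2 /home ext4 rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,relatime,size=1G 0 0'

# mount_opts TABLE MOUNTPOINT: print the option string of MOUNTPOINT (empty if absent)
mount_opts() {
    printf '%s\n' "$1" | awk -v mp="$2" '$2 == mp { print $4; exit }'
}

# has_opt OPTS OPT: succeed if OPT is one of the comma-separated OPTS.
# Wrapping both sides in commas avoids matching e.g. "ro" inside "remount-ro".
has_opt() {
    case ",$1," in
        *",$2,"*) return 0 ;;
        *)        return 1 ;;
    esac
}

# missing_opts TABLE MOUNTPOINT OPT...: print the required options that are
# absent, space-separated; prints "not-mounted" if MOUNTPOINT is not in TABLE
missing_opts() {
    _table=$1; _mp=$2; shift 2
    _opts=$(mount_opts "$_table" "$_mp")
    if [ -z "$_opts" ]; then
        echo "not-mounted"
        return 0
    fi
    _missing=""
    for _req in "$@"; do
        has_opt "$_opts" "$_req" || _missing="$_missing $_req"
    done
    echo "${_missing# }"
}

# audit_mounts TABLE: print one line per non-compliant mountpoint and
# return the number of non-compliant mountpoints (0 means fully compliant)
audit_mounts() {
    _bad=0
    for _spec in "/:ro" "/home:nosuid nodev noexec" "/tmp:nosuid nodev noexec"; do
        _point=${_spec%%:*}
        _required=${_spec#*:}
        # word-splitting of $_required into separate arguments is intended
        _m=$(missing_opts "$1" "$_point" $_required)
        if [ -n "$_m" ]; then
            echo "$_point: missing $_m"
            _bad=$((_bad + 1))
        fi
    done
    return "$_bad"
}

# Run against the constructed sample: / lacks ro and /tmp lacks noexec
audit_mounts "$SAMPLE_MOUNTS" || echo "$? mountpoint(s) need attention"
```

The non-zero return value from audit_mounts makes the script usable as a compliance check in configuration management or a cron job, where a non-zero exit can raise an alert.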
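Slide 12 backs its "root ssh for everybody" provocation with a survey result: the commands people most often run through sudo(8) are bash(1) and su(1), which means the sudo log records a shell being started and nothing about what was done inside it. The script below is an added example, not from the talk, that measures this on your own logs: it tallies the COMMAND= field of sudo's syslog lines per command basename and counts how many invocations just spawn a shell or su. The sample log lines are constructed, and the function names (tally_sudo, shell_escalations, top_sudo_command) are my own.

```shell
#!/bin/sh
# Added example, not from the talk: measure how often sudo is used only to
# obtain a shell, from the syslog lines sudo(8) writes.

# Constructed sample in sudo's syslog format; on a host you might use
# grep 'sudo:' /var/log/auth.log (path varies by distribution)
SAMPLE_SUDO_LOG='Oct 31 09:01:12 host1 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/bin/bash
Oct 31 09:03:45 host1 sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/usr/bin/su -
Oct 31 09:10:02 host1 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/systemctl restart nginx
Oct 31 09:12:30 host1 sudo:    carol : TTY=pts/2 ; PWD=/srv ; USER=root ; COMMAND=/bin/bash
Oct 31 09:15:00 host1 sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/usr/bin/su -
Oct 31 09:20:41 host1 sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/usr/bin/tail -f /var/log/syslog'

# tally_sudo LOG: print "count command" per command basename, most frequent
# first (ties broken alphabetically so the output is stable)
tally_sudo() {
    printf '%s\n' "$1" \
      | awk -F'COMMAND=' '/sudo:/ && NF > 1 {
            split($2, argv, " ")            # argv[1] is the full program path
            n = split(argv[1], path, "/")   # path[n] is the basename
            count[path[n]]++
        }
        END { for (cmd in count) print count[cmd], cmd }' \
      | sort -k1,1nr -k2,2
}

# shell_escalations LOG: number of sudo invocations that only start a shell
# or su, i.e. the pattern slide 12 describes
shell_escalations() {
    tally_sudo "$1" \
      | awk '$2 == "bash" || $2 == "sh" || $2 == "zsh" || $2 == "su" { n += $1 }
             END { print n + 0 }'
}

# top_sudo_command LOG: the single most frequent command basename
top_sudo_command() {
    tally_sudo "$1" | head -n 1 | awk '{ print $2 }'
}

echo "sudo commands by frequency:"
tally_sudo "$SAMPLE_SUDO_LOG"
echo "invocations that only obtain a shell: $(shell_escalations "$SAMPLE_SUDO_LOG")"
```

If the shell count is a large share of the total, sudo is giving you authorization without an audit trail; the usual mitigations are sudo's I/O logging (log_input/log_output), auditd-style process accounting, or the talk's own option of dropping the pretence and logging root sessions directly.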
