SlideShare a Scribd company logo

Hack the whale

Marco Ferrigno
Marco Ferrigno

Grazie a Gabriele Previtera e Gaetano Perrone per la parte di Network Security

Technology
1 of 30
Download to read offline
Tips and Tricks to have fun with services like containers Hack the whale
A new IT paradigm let's talk about - why? New IT professionals must face and take an interest about full microservices lifecycle combined with continuous deployment and containers. - who? Architects: that want to know how to design their system around microservices; Operators: that want know how to apply configuration management practices in containers; Developers: that want take the process back into their hands! Manager: that gain a better understanding of project and of it delivery. - what? aka toolbox: containers and orchestration tools
Short happy story Historically, UNIX-style operating system have used the term jail to describe a modified runtime environment for a program that have protected resources. Only since 2005, thanks to Sun Solaris 10, container has become the preferred term for such a runtime environment. Something like this before was seen only with chroot ... but it was not enough! Since 2008, an interesting technology has appeared: LXC LXC is a method to running multiple isolated Linux system (containers, right!) on a control host using a single Linux kernel. One of the key features is the isolation of the namespaces that allows you to isolate groups of processes between them.
Short happy story Using containers has been a best practice for a long time. But manually building containers can be challenging and easy to do incorrectly. These errors and the sense of security must be avoided. Docker solves this problem! Any software run with Docker is run inside a container. Docker uses existing container engines to provide consistent containers build according to best practices.
Containers are not virtualization Without container technology (in particular a cool technology like Docker), businesses typically use virtualization to provide isolation. Virtual machines take a long time to create and require significant resource overhead because they run a whole copy of an operating system in addition to the software you want to use. Unlike VM, programs running inside Docker containers interface directly with the host’s Linux kernel. There isn’t additional layer between the program running inside the container and the computer’s operating system, no resources are wasted by running redundant software or simulating virtual hardware.
Welcome to Docker world Recapping - What is Docker? Docker is a whale … ops … docker is a CL program, a background daemon and a set of remote services that take a logical approach to solving common software problems and simplifying your experience installing, running, publishing and removing software. It accomplishes this using a UNIX technology called containers.
What problem does Docker solve? - Organized software park: Using software is complex! Before installation you have to consider what operating system you are using, the resources the software requires, what other software is already installed and what other software depends on. - Improving portability: The application is agnostic! It is executable on any operating system! - Protecting your infrastructure: Isolation is the key! Anything inside a container can only access things that are inside it as well.
Why is Docker important? - 1 Docker provides what is called an abstraction. Abstractions allow you to work with complicated things in simplified terms. - 2 Docker is significant push in the software community to adopt container technology. This push is so strong in companies like Amazon, Microsoft and Google. They contribute to its development and adopt it in their own cloud offering. - 3 It has made software installation, compartmentalization and removal very simple. Better yet, Docker does it in a cross-platform and open way. - 4 We are finally starting to see better adoption of some of the more advanced isolation features of operating system.
Keywords of Docker world: Dockerfile Docker can build images (later I will explain what an image is) automatically by reading the instructions from a Dockerfile. A Dockerfile is a text document that contains all the commands a user could call on the command line to assemble an image. It is composed of simple commands like: FROM #indicates the source of docker image RUN #execute any commands in a new layer on top of the current image and commit the results COPY #copies new files or directories from a src and adds them to the filesystem of the container at the destination path EXPOSE #informs Docker that the container listens on the specified network ports at runtime VOLUME #creates a mount point with the specified name ... Using docker build (remember -t and -f option) users can create an automated build that executes several command-line instructions in succession.
Keywords of Docker world: docker image A Docker Image is the template needed to build a running Docker Container (the running instance of that image). An Image is an ordered collection of root filesystem changes and the corresponding execution parameters for use within a container runtime. An image typically contains a union of layered filesystems stacked on top of each other. Attention: if we make a change to the image, when we commit we will update only that layer and not the whole image
Keywords of Docker world: docker container A container is a runtime instance of a docker image. A Docker container consists of ● A Docker image ● An execution environment ● A standard set of instructions The concept is borrowed from Shipping Containers, which define a standard to ship goods globally. Docker defines a standard to ship software.
Docker tools: Docker Compose Docker Compose is a tool for defining and running multi-container Docker applications in a single file It uses YAML files to configure the application's services and performs the creation and start-up process of all the containers with a single command. smart example: # Filename: docker-compose.yml wordpress: image: wordpress:4.2.2 links: - db:mysql ports: - 8080:80 db: image: mariadb environment: MYSQL_ROOT_PASSWORD: example
Docker tools: Docker Swarm Docker Swarm is the name of a standalone native clustering tool for Docker. Docker Swarm pools together several Docker hosts and exposes them as a single virtual Docker host. It serves the standard Docker API, so any tool that already works with Docker can now transparently scale up to multiple hosts. Docker node: A node is a physical or virtual machine running an instance of the Docker Engine in swarm mode Manager: perform swarm management and orchestration duties. By default manager nodes are also worker nodes. Worker: execute tasks.
Docker tools: Docker Swarm In Docker Swarm we introduce the concept of service. For each service coincide more containers that run the same application. It is a concept very similar to the clustering within which to guarantee fault-tolerance and high available.
End of first part Are you ready for hands on session?
Intro at Network Security Network Security understood as the security of applications distributed over the IP network and security of network infrastructures
Intro at Network Security Three pillars of network security: 1) Confidentiality 2) Integrity 3) Availability
Remember if you want to make your system safe, know that you must be the first enemy of your system
Step 0: Read “The Art of War” di “SUN TZU” “The victorious warriors first win and then go to war, while the defeated warriors first go to war and then try to win.” “As in war, the rule is to avoid what is strong and to hit what is weak”
The other Step ● Fingerprint ● Scanning ● Enumeration low profile high profile (more intrusive)
Some Tools 1) Fingerprint : a) Fantasy, all information is good b) Maltego (by Marco Nappi) 2) Scanning & Enumeration a) NMAP b) NETCAT
Brute Force It's the more simple attack technique that we can image. when we want login into a protected system and don't have credentials, we can try to login making a password combining ASCII characters
Try, try and try again “It isn’t the more efficient way to obtain a credentials to access at the system, but with a good dictionary (simple text file that contains the password to be tested) it’s work in most cases,especially for weak passwords. ”
Some Tools 1. To make dictionary: a. Know the target; b. Google; c. Fantasy. 2. Brute Force tools: a. Hydra (); b. John the ripper.
Simple Model Memory Reserved Stack Code Global Data Heap Each area contains different information and each process can only access certain portions of these areas Stack: Area that contain local variables and other information for function call. Heap: Area that contain variables that are dynamically allocated. Global Data: Area that contain global variables.
Buffer Overflow A condition at an interface under which more input can be placed into a buffer or data holding area than the capacity allocated, -overwriting other information. Attackers exploit such a condition to crash a system or to insert -specially crafted code that allows them to gain control of the system. [STALLINGS]
Buffer Overflow Usually a buffer overflow attack have as scope modify the content of variables near buffer, or load and execute a malicious code.
Buffer Overflow: Example What is wrong in this function's code? void readMessage(int socket,char * buffer){ FILE *fp=fdopen(socket,"r"); fscanf(fp,"%s",buffer); fclose(fp); }
Useful references 1. Course materials by Simon Pietro Romano docenti.unina.it; 2. Hacking Exposed 7: Network Security Secrets and Solutions; 3. Cryptography and Network Security: Principles and Practice ; 4. Google; 5. Exploit-DB; 6. Docker web-site. 7. Buffer Overflow gitlab project: http://gitlab.comics.unina.it/Previtera/BufferOverflow/tree/master 8. Jabba The Hack gitlab project: http://gitlab.comics.unina.it/NS-Projects/JabbaTheHack/tree/master/JabbaDocker

Recommended

Docker
DockerDocker
DockerNeeraj Wadhwa
 
Docker training
Docker trainingDocker training
Docker trainingKiran Kumar
 
paper
paperpaper
paperAnkit Mishra
 
Overview of Docker
Overview of DockerOverview of Docker
Overview of DockerGauranG Bajpai
 
Docker, Linux Containers, and Security: Does It Add Up?
Docker, Linux Containers, and Security: Does It Add Up?Docker, Linux Containers, and Security: Does It Add Up?
Docker, Linux Containers, and Security: Does It Add Up?Jérôme Petazzoni
 
Deploy microservices in containers with Docker and friends - KCDC2015
Deploy microservices in containers with Docker and friends - KCDC2015Deploy microservices in containers with Docker and friends - KCDC2015
Deploy microservices in containers with Docker and friends - KCDC2015Jérôme Petazzoni
 
Understanding the container landscape and it associated projects
Understanding the container landscape and it associated projectsUnderstanding the container landscape and it associated projects
Understanding the container landscape and it associated projectsAnthony Chow
 
Evoluation of Linux Container Virtualization
Evoluation of Linux Container VirtualizationEvoluation of Linux Container Virtualization
Evoluation of Linux Container VirtualizationImesh Gunaratne
 

Recommended

Docker
DockerDocker
DockerNeeraj Wadhwa
 
Docker training
Docker trainingDocker training
Docker trainingKiran Kumar
 
paper
paperpaper
paperAnkit Mishra
 
Overview of Docker
Overview of DockerOverview of Docker
Overview of DockerGauranG Bajpai
 
Docker, Linux Containers, and Security: Does It Add Up?
Docker, Linux Containers, and Security: Does It Add Up?Docker, Linux Containers, and Security: Does It Add Up?
Docker, Linux Containers, and Security: Does It Add Up?Jérôme Petazzoni
 
Deploy microservices in containers with Docker and friends - KCDC2015
Deploy microservices in containers with Docker and friends - KCDC2015Deploy microservices in containers with Docker and friends - KCDC2015
Deploy microservices in containers with Docker and friends - KCDC2015Jérôme Petazzoni
 
Understanding the container landscape and it associated projects
Understanding the container landscape and it associated projectsUnderstanding the container landscape and it associated projects
Understanding the container landscape and it associated projectsAnthony Chow
 
Evoluation of Linux Container Virtualization
Evoluation of Linux Container VirtualizationEvoluation of Linux Container Virtualization
Evoluation of Linux Container VirtualizationImesh Gunaratne
 
24 23 jun17 2may17 16231 ijeecs latest_version (1) edit septian
24 23 jun17 2may17 16231 ijeecs latest_version (1) edit septian24 23 jun17 2may17 16231 ijeecs latest_version (1) edit septian
24 23 jun17 2may17 16231 ijeecs latest_version (1) edit septianIAESIJEECS
 
An operational view into docker registry with scalability, access control and...
An operational view into docker registry with scalability, access control and...An operational view into docker registry with scalability, access control and...
An operational view into docker registry with scalability, access control and...Conference Papers
 
Containerization Report
Containerization ReportContainerization Report
Containerization ReportJatin Chauhan
 
Hands on introduction to docker security for docker newbies
Hands on introduction to docker security for docker newbiesHands on introduction to docker security for docker newbies
Hands on introduction to docker security for docker newbiesYigal Elefant
 
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...Codemotion
 
HPC Cloud Burst Using Docker
HPC Cloud Burst Using DockerHPC Cloud Burst Using Docker
HPC Cloud Burst Using DockerIRJET Journal
 
Introduction to Docker and deployment and Azure
Introduction to Docker and deployment and AzureIntroduction to Docker and deployment and Azure
Introduction to Docker and deployment and AzureJérôme Petazzoni
 
Axigen on docker
Axigen on dockerAxigen on docker
Axigen on dockerBUSINESS SOFTWARES & SOLUTIONS
 
Dockercon EU 2015 Recap
Dockercon EU 2015 RecapDockercon EU 2015 Recap
Dockercon EU 2015 RecapLee Calcote
 
Docker, Linux Containers (LXC), and security
Docker, Linux Containers (LXC), and securityDocker, Linux Containers (LXC), and security
Docker, Linux Containers (LXC), and securityJérôme Petazzoni
 
Devoxx France 2015 - The Docker Orchestration Ecosystem on Azure
Devoxx France 2015 - The Docker Orchestration Ecosystem on AzureDevoxx France 2015 - The Docker Orchestration Ecosystem on Azure
Devoxx France 2015 - The Docker Orchestration Ecosystem on AzurePatrick Chanezon
 
Tokyo OpenStack Summit 2015: Unraveling Docker Security
Tokyo OpenStack Summit 2015: Unraveling Docker SecurityTokyo OpenStack Summit 2015: Unraveling Docker Security
Tokyo OpenStack Summit 2015: Unraveling Docker SecurityPhil Estes
 
Linux Container Brief for IEEE WG P2302
Linux Container Brief for IEEE WG P2302Linux Container Brief for IEEE WG P2302
Linux Container Brief for IEEE WG P2302Boden Russell
 
Kernel linux lab manual feb (1)
Kernel linux lab manual feb (1)Kernel linux lab manual feb (1)
Kernel linux lab manual feb (1)johny shaik
 
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...Jérôme Petazzoni
 
Docker
DockerDocker
DockerAbhishek Tomar
 
The Docker ecosystem and the future of application deployment
The Docker ecosystem and the future of application deploymentThe Docker ecosystem and the future of application deployment
The Docker ecosystem and the future of application deploymentJérôme Petazzoni
 
The building blocks of docker.
The building blocks of docker.The building blocks of docker.
The building blocks of docker.Chafik Belhaoues
 
Docker: Aspects of Container Isolation
Docker: Aspects of Container IsolationDocker: Aspects of Container Isolation
Docker: Aspects of Container Isolationallingeek
 
[@NaukriEngineering] Docker 101
[@NaukriEngineering] Docker 101[@NaukriEngineering] Docker 101
[@NaukriEngineering] Docker 101Naukri.com
 
Containerization and Docker
Containerization and DockerContainerization and Docker
Containerization and DockerMegha Bansal
 
Dockers and containers basics
Dockers and containers basicsDockers and containers basics
Dockers and containers basicsSourabh Saxena
 

More Related Content

What's hot

24 23 jun17 2may17 16231 ijeecs latest_version (1) edit septian
24 23 jun17 2may17 16231 ijeecs latest_version (1) edit septian24 23 jun17 2may17 16231 ijeecs latest_version (1) edit septian
24 23 jun17 2may17 16231 ijeecs latest_version (1) edit septianIAESIJEECS
 
An operational view into docker registry with scalability, access control and...
An operational view into docker registry with scalability, access control and...An operational view into docker registry with scalability, access control and...
An operational view into docker registry with scalability, access control and...Conference Papers
 
Containerization Report
Containerization ReportContainerization Report
Containerization ReportJatin Chauhan
 
Hands on introduction to docker security for docker newbies
Hands on introduction to docker security for docker newbiesHands on introduction to docker security for docker newbies
Hands on introduction to docker security for docker newbiesYigal Elefant
 
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...Codemotion
 
HPC Cloud Burst Using Docker
HPC Cloud Burst Using DockerHPC Cloud Burst Using Docker
HPC Cloud Burst Using DockerIRJET Journal
 
Introduction to Docker and deployment and Azure
Introduction to Docker and deployment and AzureIntroduction to Docker and deployment and Azure
Introduction to Docker and deployment and AzureJérôme Petazzoni
 
Dockercon EU 2015 Recap
Dockercon EU 2015 RecapDockercon EU 2015 Recap
Dockercon EU 2015 RecapLee Calcote
 
Docker, Linux Containers (LXC), and security
Docker, Linux Containers (LXC), and securityDocker, Linux Containers (LXC), and security
Docker, Linux Containers (LXC), and securityJérôme Petazzoni
 
Devoxx France 2015 - The Docker Orchestration Ecosystem on Azure
Devoxx France 2015 - The Docker Orchestration Ecosystem on AzureDevoxx France 2015 - The Docker Orchestration Ecosystem on Azure
Devoxx France 2015 - The Docker Orchestration Ecosystem on AzurePatrick Chanezon
 
Tokyo OpenStack Summit 2015: Unraveling Docker Security
Tokyo OpenStack Summit 2015: Unraveling Docker SecurityTokyo OpenStack Summit 2015: Unraveling Docker Security
Tokyo OpenStack Summit 2015: Unraveling Docker SecurityPhil Estes
 
Linux Container Brief for IEEE WG P2302
Linux Container Brief for IEEE WG P2302Linux Container Brief for IEEE WG P2302
Linux Container Brief for IEEE WG P2302Boden Russell
 
Kernel linux lab manual feb (1)
Kernel linux lab manual feb (1)Kernel linux lab manual feb (1)
Kernel linux lab manual feb (1)johny shaik
 
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...Jérôme Petazzoni
 
The Docker ecosystem and the future of application deployment
The Docker ecosystem and the future of application deploymentThe Docker ecosystem and the future of application deployment
The Docker ecosystem and the future of application deploymentJérôme Petazzoni
 
The building blocks of docker.
The building blocks of docker.The building blocks of docker.
The building blocks of docker.Chafik Belhaoues
 
Docker: Aspects of Container Isolation
Docker: Aspects of Container IsolationDocker: Aspects of Container Isolation
Docker: Aspects of Container Isolationallingeek
 
[@NaukriEngineering] Docker 101
[@NaukriEngineering] Docker 101[@NaukriEngineering] Docker 101
[@NaukriEngineering] Docker 101Naukri.com
 

What's hot (20)

24 23 jun17 2may17 16231 ijeecs latest_version (1) edit septian
24 23 jun17 2may17 16231 ijeecs latest_version (1) edit septian24 23 jun17 2may17 16231 ijeecs latest_version (1) edit septian
24 23 jun17 2may17 16231 ijeecs latest_version (1) edit septian
 
An operational view into docker registry with scalability, access control and...
An operational view into docker registry with scalability, access control and...An operational view into docker registry with scalability, access control and...
An operational view into docker registry with scalability, access control and...
 
Containerization Report
Containerization ReportContainerization Report
Containerization Report
 
Hands on introduction to docker security for docker newbies
Hands on introduction to docker security for docker newbiesHands on introduction to docker security for docker newbies
Hands on introduction to docker security for docker newbies
 
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
 
HPC Cloud Burst Using Docker
HPC Cloud Burst Using DockerHPC Cloud Burst Using Docker
HPC Cloud Burst Using Docker
 
Introduction to Docker and deployment and Azure
Introduction to Docker and deployment and AzureIntroduction to Docker and deployment and Azure
Introduction to Docker and deployment and Azure
 
Axigen on docker
Axigen on dockerAxigen on docker
Axigen on docker
 
Dockercon EU 2015 Recap
Dockercon EU 2015 RecapDockercon EU 2015 Recap
Dockercon EU 2015 Recap
 
Docker, Linux Containers (LXC), and security
Docker, Linux Containers (LXC), and securityDocker, Linux Containers (LXC), and security
Docker, Linux Containers (LXC), and security
 
Devoxx France 2015 - The Docker Orchestration Ecosystem on Azure
Devoxx France 2015 - The Docker Orchestration Ecosystem on AzureDevoxx France 2015 - The Docker Orchestration Ecosystem on Azure
Devoxx France 2015 - The Docker Orchestration Ecosystem on Azure
 
Tokyo OpenStack Summit 2015: Unraveling Docker Security
Tokyo OpenStack Summit 2015: Unraveling Docker SecurityTokyo OpenStack Summit 2015: Unraveling Docker Security
Tokyo OpenStack Summit 2015: Unraveling Docker Security
 
Linux Container Brief for IEEE WG P2302
Linux Container Brief for IEEE WG P2302Linux Container Brief for IEEE WG P2302
Linux Container Brief for IEEE WG P2302
 
Kernel linux lab manual feb (1)
Kernel linux lab manual feb (1)Kernel linux lab manual feb (1)
Kernel linux lab manual feb (1)
 
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
 
Docker
DockerDocker
Docker
 
The Docker ecosystem and the future of application deployment
The Docker ecosystem and the future of application deploymentThe Docker ecosystem and the future of application deployment
The Docker ecosystem and the future of application deployment
 
The building blocks of docker.
The building blocks of docker.The building blocks of docker.
The building blocks of docker.
 
Docker: Aspects of Container Isolation
Docker: Aspects of Container IsolationDocker: Aspects of Container Isolation
Docker: Aspects of Container Isolation
 
[@NaukriEngineering] Docker 101
[@NaukriEngineering] Docker 101[@NaukriEngineering] Docker 101
[@NaukriEngineering] Docker 101
 

Similar to Hack the whale

Containerization and Docker
Containerization and DockerContainerization and Docker
Containerization and DockerMegha Bansal
 
Dockers and containers basics
Dockers and containers basicsDockers and containers basics
Dockers and containers basicsSourabh Saxena
 
Docker interview Questions-2.pdf
Docker interview Questions-2.pdfDocker interview Questions-2.pdf
Docker interview Questions-2.pdfYogeshwaran R
 
Docker_Interview_Questions__Answers.pdf
Docker_Interview_Questions__Answers.pdfDocker_Interview_Questions__Answers.pdf
Docker_Interview_Questions__Answers.pdfRifqiMultazamOfficia
 
containers and virtualization tools ( Docker )
containers and virtualization tools ( Docker )containers and virtualization tools ( Docker )
containers and virtualization tools ( Docker )Imo Inyang
 
Docker for Professionals: The Practical Guide
Docker for Professionals: The Practical GuideDocker for Professionals: The Practical Guide
Docker for Professionals: The Practical GuidePaddy Lock
 
Accelerate your development with Docker
Accelerate your development with DockerAccelerate your development with Docker
Accelerate your development with DockerAndrey Hristov
 
Accelerate your software development with Docker
Accelerate your software development with DockerAccelerate your software development with Docker
Accelerate your software development with DockerAndrey Hristov
 
Weave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapWeave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapPatrick Chanezon
 
Docker security: Rolling out Trust in your container
Docker security: Rolling out Trust in your containerDocker security: Rolling out Trust in your container
Docker security: Rolling out Trust in your containerRonak Kogta
 
.docker : How to deploy Digital Experience in a container, drinking a cup of ...
.docker : How to deploy Digital Experience in a container, drinking a cup of ....docker : How to deploy Digital Experience in a container, drinking a cup of ...
.docker : How to deploy Digital Experience in a container, drinking a cup of ...ICON UK EVENTS Limited
 
Docker Interview Questions
Docker Interview QuestionsDocker Interview Questions
Docker Interview QuestionsSatyam Jaiswal
 
docker : how to deploy Digital Experience in a container drinking a cup of co...
docker : how to deploy Digital Experience in a container drinking a cup of co...docker : how to deploy Digital Experience in a container drinking a cup of co...
docker : how to deploy Digital Experience in a container drinking a cup of co...Matteo Bisi
 

Similar to Hack the whale (20)

Containerization and Docker
Containerization and DockerContainerization and Docker
Containerization and Docker
 
Dockers and containers basics
Dockers and containers basicsDockers and containers basics
Dockers and containers basics
 
What is Docker?
What is Docker?What is Docker?
What is Docker?
 
Containerization using docker and its applications
Containerization using docker and its applicationsContainerization using docker and its applications
Containerization using docker and its applications
 
Containerization using docker and its applications
Containerization using docker and its applicationsContainerization using docker and its applications
Containerization using docker and its applications
 
Docker interview Questions-2.pdf
Docker interview Questions-2.pdfDocker interview Questions-2.pdf
Docker interview Questions-2.pdf
 
Docker_Interview_Questions__Answers.pdf
Docker_Interview_Questions__Answers.pdfDocker_Interview_Questions__Answers.pdf
Docker_Interview_Questions__Answers.pdf
 
containers and virtualization tools ( Docker )
containers and virtualization tools ( Docker )containers and virtualization tools ( Docker )
containers and virtualization tools ( Docker )
 
Docker basics
Docker basicsDocker basics
Docker basics
 
Docker for Professionals: The Practical Guide
Docker for Professionals: The Practical GuideDocker for Professionals: The Practical Guide
Docker for Professionals: The Practical Guide
 
Accelerate your development with Docker
Accelerate your development with DockerAccelerate your development with Docker
Accelerate your development with Docker
 
Accelerate your software development with Docker
Accelerate your software development with DockerAccelerate your software development with Docker
Accelerate your software development with Docker
 
Weave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapWeave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 Recap
 
Docker intro
Docker introDocker intro
Docker intro
 
Docker Ecosystem on Azure
Docker Ecosystem on AzureDocker Ecosystem on Azure
Docker Ecosystem on Azure
 
Docker security: Rolling out Trust in your container
Docker security: Rolling out Trust in your containerDocker security: Rolling out Trust in your container
Docker security: Rolling out Trust in your container
 
Docker In Brief
Docker In BriefDocker In Brief
Docker In Brief
 
.docker : How to deploy Digital Experience in a container, drinking a cup of ...
.docker : How to deploy Digital Experience in a container, drinking a cup of ....docker : How to deploy Digital Experience in a container, drinking a cup of ...
.docker : How to deploy Digital Experience in a container, drinking a cup of ...
 
Docker Interview Questions
Docker Interview QuestionsDocker Interview Questions
Docker Interview Questions
 
docker : how to deploy Digital Experience in a container drinking a cup of co...
docker : how to deploy Digital Experience in a container drinking a cup of co...docker : how to deploy Digital Experience in a container drinking a cup of co...
docker : how to deploy Digital Experience in a container drinking a cup of co...
 

More from Marco Ferrigno

The DevOps paradigm - the evolution of IT professionals and opensource toolkit
The DevOps paradigm - the evolution of IT professionals and opensource toolkitThe DevOps paradigm - the evolution of IT professionals and opensource toolkit
The DevOps paradigm - the evolution of IT professionals and opensource toolkitMarco Ferrigno
 
GNU/Linux for embedded system
GNU/Linux for embedded systemGNU/Linux for embedded system
GNU/Linux for embedded systemMarco Ferrigno
 
Linux Security Hardening - panoramica sui principi generali per la riduzione...
Linux Security Hardening - panoramica sui principi generali per la riduzione...Linux Security Hardening - panoramica sui principi generali per la riduzione...
Linux Security Hardening - panoramica sui principi generali per la riduzione...Marco Ferrigno
 
Programma il futuro: una scelta open source
Programma il futuro: una scelta open sourceProgramma il futuro: una scelta open source
Programma il futuro: una scelta open sourceMarco Ferrigno
 
La complessità del malware: analisi strutturale ed ambienti di sviluppo
La complessità del malware: analisi strutturale ed ambienti di sviluppoLa complessità del malware: analisi strutturale ed ambienti di sviluppo
La complessità del malware: analisi strutturale ed ambienti di sviluppoMarco Ferrigno
 
Data hiding - metodologie e strumenti open source
Data hiding - metodologie e strumenti open sourceData hiding - metodologie e strumenti open source
Data hiding - metodologie e strumenti open sourceMarco Ferrigno
 
Security and hacking engineering - metodologie di attacco e difesa con strume...
Security and hacking engineering - metodologie di attacco e difesa con strume...Security and hacking engineering - metodologie di attacco e difesa con strume...
Security and hacking engineering - metodologie di attacco e difesa con strume...Marco Ferrigno
 
PIT2012: Workshop@UniNA - Compilazione del Kernel Linux
PIT2012: Workshop@UniNA - Compilazione del Kernel LinuxPIT2012: Workshop@UniNA - Compilazione del Kernel Linux
PIT2012: Workshop@UniNA - Compilazione del Kernel LinuxMarco Ferrigno
 
Digital Forensics: metodologie analisi multipiattaforma
Digital Forensics: metodologie analisi multipiattaformaDigital Forensics: metodologie analisi multipiattaforma
Digital Forensics: metodologie analisi multipiattaformaMarco Ferrigno
 
Understanding Linux: 20 anni di kernel tra storia e tecnica
Understanding Linux: 20 anni di kernel tra storia e tecnicaUnderstanding Linux: 20 anni di kernel tra storia e tecnica
Understanding Linux: 20 anni di kernel tra storia e tecnicaMarco Ferrigno
 
Cyber Forensics - Acquisizione e analisi dei dati
Cyber Forensics - Acquisizione e analisi dei datiCyber Forensics - Acquisizione e analisi dei dati
Cyber Forensics - Acquisizione e analisi dei datiMarco Ferrigno
 

More from Marco Ferrigno (11)

The DevOps paradigm - the evolution of IT professionals and opensource toolkit
The DevOps paradigm - the evolution of IT professionals and opensource toolkitThe DevOps paradigm - the evolution of IT professionals and opensource toolkit
The DevOps paradigm - the evolution of IT professionals and opensource toolkit
 
GNU/Linux for embedded system
GNU/Linux for embedded systemGNU/Linux for embedded system
GNU/Linux for embedded system
 
Linux Security Hardening - panoramica sui principi generali per la riduzione...
Linux Security Hardening - panoramica sui principi generali per la riduzione...Linux Security Hardening - panoramica sui principi generali per la riduzione...
Linux Security Hardening - panoramica sui principi generali per la riduzione...
 
Programma il futuro: una scelta open source
Programma il futuro: una scelta open sourceProgramma il futuro: una scelta open source
Programma il futuro: una scelta open source
 
La complessità del malware: analisi strutturale ed ambienti di sviluppo
La complessità del malware: analisi strutturale ed ambienti di sviluppoLa complessità del malware: analisi strutturale ed ambienti di sviluppo
La complessità del malware: analisi strutturale ed ambienti di sviluppo
 
Data hiding - metodologie e strumenti open source
Data hiding - metodologie e strumenti open sourceData hiding - metodologie e strumenti open source
Data hiding - metodologie e strumenti open source
 
Security and hacking engineering - metodologie di attacco e difesa con strume...
Security and hacking engineering - metodologie di attacco e difesa con strume...Security and hacking engineering - metodologie di attacco e difesa con strume...
Security and hacking engineering - metodologie di attacco e difesa con strume...
 
PIT2012: Workshop@UniNA - Compilazione del Kernel Linux
PIT2012: Workshop@UniNA - Compilazione del Kernel LinuxPIT2012: Workshop@UniNA - Compilazione del Kernel Linux
PIT2012: Workshop@UniNA - Compilazione del Kernel Linux
 
Digital Forensics: metodologie analisi multipiattaforma
Digital Forensics: metodologie analisi multipiattaformaDigital Forensics: metodologie analisi multipiattaforma
Digital Forensics: metodologie analisi multipiattaforma
 
Understanding Linux: 20 anni di kernel tra storia e tecnica
Understanding Linux: 20 anni di kernel tra storia e tecnicaUnderstanding Linux: 20 anni di kernel tra storia e tecnica
Understanding Linux: 20 anni di kernel tra storia e tecnica
 
Cyber Forensics - Acquisizione e analisi dei dati
Cyber Forensics - Acquisizione e analisi dei datiCyber Forensics - Acquisizione e analisi dei dati
Cyber Forensics - Acquisizione e analisi dei dati
 

Recently uploaded

Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetEnjoy Anytime
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 

Recently uploaded (20)

Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 

Hack the whale

  • 1. Tips and Tricks to have fun with services like containers Hack the whale
  • 2. A new IT paradigm let's talk about - why? New IT professionals must face and take an interest about full microservices lifecycle combined with continuous deployment and containers. - who? Architects: that want to know how to design their system around microservices; Operators: that want know how to apply configuration management practices in containers; Developers: that want take the process back into their hands! Manager: that gain a better understanding of project and of it delivery. - what? aka toolbox: containers and orchestration tools
  • 3. Short happy story Historically, UNIX-style operating system have used the term jail to describe a modified runtime environment for a program that have protected resources. Only since 2005, thanks to Sun Solaris 10, container has become the preferred term for such a runtime environment. Something like this before was seen only with chroot ... but it was not enough! Since 2008, an interesting technology has appeared: LXC LXC is a method to running multiple isolated Linux system (containers, right!) on a control host using a single Linux kernel. One of the key features is the isolation of the namespaces that allows you to isolate groups of processes between them.
  • 4. Short happy story Using containers has been a best practice for a long time. But manually building containers can be challenging and easy to do incorrectly. These errors and the sense of security must be avoided. Docker solves this problem! Any software run with Docker is run inside a container. Docker uses existing container engines to provide consistent containers build according to best practices.
  • 5. Containers are not virtualization Without container technology (in particular a cool technology like Docker), businesses typically use virtualization to provide isolation. Virtual machines take a long time to create and require significant resource overhead because they run a whole copy of an operating system in addition to the software you want to use. Unlike VM, programs running inside Docker containers interface directly with the host’s Linux kernel. There isn’t additional layer between the program running inside the container and the computer’s operating system, no resources are wasted by running redundant software or simulating virtual hardware.
  • 6. Welcome to Docker world Recapping - What is Docker? Docker is a whale … ops … docker is a CL program, a background daemon and a set of remote services that take a logical approach to solving common software problems and simplifying your experience installing, running, publishing and removing software. It accomplishes this using a UNIX technology called containers.
  • 7. What problem does Docker solve? - Organized software park: Using software is complex! Before installation you have to consider what operating system you are using, the resources the software requires, what other software is already installed and what other software depends on. - Improving portability: The application is agnostic! It is executable on any operating system! - Protecting your infrastructure: Isolation is the key! Anything inside a container can only access things that are inside it as well.
  • 8. Why is Docker important? - 1 Docker provides what is called an abstraction. Abstractions allow you to work with complicated things in simplified terms. - 2 Docker is significant push in the software community to adopt container technology. This push is so strong in companies like Amazon, Microsoft and Google. They contribute to its development and adopt it in their own cloud offering. - 3 It has made software installation, compartmentalization and removal very simple. Better yet, Docker does it in a cross-platform and open way. - 4 We are finally starting to see better adoption of some of the more advanced isolation features of operating system.
  • 9. Keywords of Docker world: Dockerfile Docker can build images (later I will explain what an image is) automatically by reading the instructions from a Dockerfile. A Dockerfile is a text document that contains all the commands a user could call on the command line to assemble an image. It is composed of simple commands like: FROM #indicates the source of docker image RUN #execute any commands in a new layer on top of the current image and commit the results COPY #copies new files or directories from a src and adds them to the filesystem of the container at the destination path EXPOSE #informs Docker that the container listens on the specified network ports at runtime VOLUME #creates a mount point with the specified name ... Using docker build (remember -t and -f option) users can create an automated build that executes several command-line instructions in succession.
  • 10. Keywords of Docker world: docker image A Docker Image is the template needed to build a running Docker Container (the running instance of that image). An Image is an ordered collection of root filesystem changes and the corresponding execution parameters for use within a container runtime. An image typically contains a union of layered filesystems stacked on top of each other. Attention: if we make a change to the image, when we commit we will update only that layer and not the whole image
  • 11. Keywords of Docker world: docker container A container is a runtime instance of a docker image. A Docker container consists of ● A Docker image ● An execution environment ● A standard set of instructions The concept is borrowed from Shipping Containers, which define a standard to ship goods globally. Docker defines a standard to ship software.
  • 12.
  • 13. Docker tools: Docker Compose Docker Compose is a tool for defining and running multi-container Docker applications in a single file It uses YAML files to configure the application's services and performs the creation and start-up process of all the containers with a single command. smart example: # Filename: docker-compose.yml wordpress: image: wordpress:4.2.2 links: - db:mysql ports: - 8080:80 db: image: mariadb environment: MYSQL_ROOT_PASSWORD: example
  • 14. Docker tools: Docker Swarm Docker Swarm is the name of a standalone native clustering tool for Docker. Docker Swarm pools together several Docker hosts and exposes them as a single virtual Docker host. It serves the standard Docker API, so any tool that already works with Docker can now transparently scale up to multiple hosts. Docker node: A node is a physical or virtual machine running an instance of the Docker Engine in swarm mode Manager: perform swarm management and orchestration duties. By default manager nodes are also worker nodes. Worker: execute tasks.
  • 15. Docker tools: Docker Swarm In Docker Swarm we introduce the concept of service. For each service coincide more containers that run the same application. It is a concept very similar to the clustering within which to guarantee fault-tolerance and high available.
  • 16. End of first part Are you ready for hands on session?
  • 17. Intro at Network Security Network Security understood as the security of applications distributed over the IP network and security of network infrastructures
  • 18. Intro at Network Security Three pillars of network security: 1) Confidentiality 2) Integrity 3) Availability
  • 19. Remember if you want to make your system safe, know that you must be the first enemy of your system
  • 20. Step 0: Read “The Art of War” di “SUN TZU” “The victorious warriors first win and then go to war, while the defeated warriors first go to war and then try to win.” “As in war, the rule is to avoid what is strong and to hit what is weak”
  • 21. The other Step ● Fingerprint ● Scanning ● Enumeration low profile high profile (more intrusive)
  • 22. Some Tools 1) Fingerprint : a) Fantasy, all information is good b) Maltego (by Marco Nappi) 2) Scanning & Enumeration a) NMAP b) NETCAT
  • 23. Brute Force It's the more simple attack technique that we can image. when we want login into a protected system and don't have credentials, we can try to login making a password combining ASCII characters
  • 24. Try, try and try again “It isn’t the more efficient way to obtain a credentials to access at the system, but with a good dictionary (simple text file that contains the password to be tested) it’s work in most cases,especially for weak passwords. ”
  • 25. Some Tools 1. To make dictionary: a. Know the target; b. Google; c. Fantasy. 2. Brute Force tools: a. Hydra (); b. John the ripper.
  • 26. Simple Model Memory Reserved Stack Code Global Data Heap Each area contains different information and each process can only access certain portions of these areas Stack: Area that contain local variables and other information for function call. Heap: Area that contain variables that are dynamically allocated. Global Data: Area that contain global variables.
  • 27. Buffer Overflow A condition at an interface under which more input can be placed into a buffer or data holding area than the capacity allocated, -overwriting other information. Attackers exploit such a condition to crash a system or to insert -specially crafted code that allows them to gain control of the system. [STALLINGS]
  • 28. Buffer Overflow Usually a buffer overflow attack have as scope modify the content of variables near buffer, or load and execute a malicious code.
  • 29. Buffer Overflow: Example What is wrong in this function's code? void readMessage(int socket,char * buffer){ FILE *fp=fdopen(socket,"r"); fscanf(fp,"%s",buffer); fclose(fp); }
  • 30. Useful references 1. Course materials by Simon Pietro Romano docenti.unina.it; 2. Hacking Exposed 7: Network Security Secrets and Solutions; 3. Cryptography and Network Security: Principles and Practice ; 4. Google; 5. Exploit-DB; 6. Docker web-site. 7. Buffer Overflow gitlab project: http://gitlab.comics.unina.it/Previtera/BufferOverflow/tree/master 8. Jabba The Hack gitlab project: http://gitlab.comics.unina.it/NS-Projects/JabbaTheHack/tree/master/JabbaDocker