Overview
Explore the critical aspects of cybersecurity and network vulnerabilities in this 38-minute conference talk from SecureWV 2015. Delve into topics such as data breaches, zero-day vulnerabilities, manual hijacking, and drive-by downloads. Examine the challenges faced by companies in detecting hacks and the importance of avoiding victim-blaming. Investigate user ID security, root access risks, and tools like tcpdump and Echo. Learn about red team strategies, pfSense implementation, and the concept of stateless machines. Gain insights into file integrity, OpenSCAP, and the complexities of network penetration detection, including the infamous Heartbleed vulnerability.
Syllabus
Intro
Who am I
Cost of data breach
Data Breaches
Windows XP
How do companies know they've been hacked
Zero-day vulnerabilities
Manual hijacking
Drive-by downloads
Ad networks
We are not invincible
Stop shaming companies
Assumptions
Caveats
User IDs
Substitution dash
Why bother
Set User ID
Sticky
Setuid
Run as root
Run as system admin
tcpdump
EchoDe
Password
Shell Swap
Red Team Field Manual
pfSense
Fixing
File Integrity
OpenSCAP
Stateless machines
Security is the enemy
Do they believe their network has been penetrated
Heartbleed