Overview
Explore tactical diversion-driven defense strategies in this 24-minute conference talk from Derbycon 2015. Delve into the concepts of diversion and deception warfare, examining historical examples like Operation Mincemeat. Learn about network defense techniques including honey pots, fake web applications, and VPNs. Discover the importance of human defense elements, such as free coupons and spearfishing awareness. Gain insights into rogue WiFi access points, bridging honeypots, and social engineering tactics. Examine practical examples using Metasploit, security tools like Shelter, and IT implementations. Master the art of tactical diversion to enhance your organization's cybersecurity posture.
Syllabus
Introduction
Overview
Diversion Deception Warfare
Operation Mincemeat
Quality Focus
Feedback
Network Defense
Honey Pots
Use Cases
Fake Web Applications
Fake VPN
Clientside code
Honeypot
Zip Bomb
Human Defense
Keys to Success
Free Coupons
Spearfishing
Rogue WiFi Access Points
Bridging
Honeypots
Kip
Capo Honeypot
Social Engineering
Metasploit Example
Security Tools
Shelter
Shelter Example
IT Example
Wrap Up