Overview
Explore active defense strategies in cybersecurity through a conference talk that demonstrates how to turn the tables on threat actors. Learn about innovative techniques like the "Roundtrip Roundkick," "Stomachvivor," and "Reflector Madness" to protect legitimate users while creating obstacles for attackers. Discover how to leverage robots.txt files, sitemap XML files, and directory indexes to enhance security. Examine the impacts of these strategies on attackers' CPU usage and explore alternative active defense options. Gain insights into helping threat actors inadvertently compromise their own systems through clever defensive tactics.
Syllabus
Active Defense Helping Threat Actors Hack Themselves!
Why Active Defense?
Presentation Focus
Inspirations
Conventions Used
Protecting Legitimate Users
"robots.txt" files
Sitemap XML files
Directory Indexes
Authorized Users Only
The Roundtrip Roundkick
Subdomain Examples
Stomachvivor / Gross Out
Reflector Madness
Inside the source code
Going Nowhere Fast!
Pi to the Face
The Setup...
Inside "bookmarks.html"
CPU Impacts to Attackers
The Wrong Answer
Bobby Dropkick
Alternative Active Defense Options
Questions