Hey you... get off my network
Transcript of Hey you... get off my network
Hey You… Get off my Network…
How to stay firm against security threats and plan ahead for security…
Esmaeil Sarabadani
Systems and Security Consultant
What will be covered …
• The History and Story of DATA …
• Cloud Computing and its Possible Security Threats
• Security in the Cloud from the Client’s Perspective
• Social Engineering
• Security Misconfiguration
• Microsoft Attack Surface Analyzer
• Microsoft Baseline Security Analyzer
• Security Vulnerabilities
• 0-Day Exploits and How to Stop Them...
• Enhanced Mitigation Experience Toolkit
• Endpoint Security
The Changing World !!!
Living in a Connected World…
DATA
Data in the Past
• More Static
• Difficult to Move
• Higher Risk of Loss
• More Physical Security
• Less Storage Space
Now Data is in …
CLOUD
• Reduced Cost
• Increased Storage
• Highly Automated
• Flexibility
• More Mobility
• More Power
What Type of Data is in the Cloud?
• Important Corporate Data
• Users’ Personal Data
• Credit Card Information
• Governments’ Confidential Information
• People’s Personal Information such as Phone Numbers, e-mail Addresses, User Accounts and Passwords
• And more…
How Secure is the Cloud ?!!
Hacked !!!
On April 19th 2011
• The network was down for one month.
• More than 100 million users’ credit card information was stolen.
• Forecast loss for Sony: 3.18 Billion USD.
• Loss of many of its users.
Let’s look at it in another way …
Social networking websites have changed the way human beings interact…
600 million Users
200 million Users
100 million Users
• Status Messages
• Foursquare Check-ins
• Phone Numbers
• Photos and Videos
People are revealing so much information about themselves …
Result = Less Control - Less Privacy
Social Engineering: an Old but Empowered Technique
• It is easier now with the growth of social networks.
• Everything you do produces data
• Hackers use that data
• Security focus is too much on distant attacks
• Nobody really knows what needs to be secured
A Famous Hacker and Social Engineer
• Hacked into Pentagon, FBI, Novell, University of California, Motorola, Nokia, Sun Microsystems, Fujitsu Siemens
• 5 Years in Prison
• Computer Security Consultant Now
The Steps in Hacking
Step 1: Reconnaissance
Step 2: Initial intrusion into the network
Step 3: Establish a backdoor into the network
Step 4: Obtain user credentials
Step 5: Install various utilities
Step 6: Privilege escalation / lateral movement / data exfiltration
Step 7: Maintain persistence
We can stop the hackers at the very first steps.
Defense in Depth
Adopting a Multi-Layered Defense Approach
• Security Management: Threat and Vulnerability Management, Monitoring and Response
• Network Perimeter: Edge Routers, Firewalls, Intrusion Detection, Vulnerability Scanning
• Internal Network: Dual-factor Authorization, Intrusion Detection, Vulnerability Scanning
• Host: Access Control and Monitoring, Anti-Malware, Patch and Configuration Management
• Application: Secure Engineering (SDL), Access Control and Monitoring, Anti-Malware
• Data: Access Control and Monitoring, File/Data Integrity
• User: Account Management, Training and Awareness, Screening
• Facility: Physical Controls, Video Surveillance, Access Control
Microsoft Attack Surface Analyzer
• Developed by the Security Engineering Group at Microsoft
• Assesses the changes in Windows attack surface
Analysis Steps:
1. Perform a Baseline Scan on a healthy system.
2. Perform another Scan on the Under-Analysis System.
3. Compare the Results.
4. Get the Report.
Microsoft Attack Surface Analyzer Demo
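The compare and report steps above, sketched as an added example (not part of the original slides and not Attack Surface Analyzer's own code or output format). The two snapshots, their categories and the "AcmeUpdater" names are constructed for illustration.

```python
# Constructed snapshots of a healthy baseline and the system under analysis.
# Categories and values are illustrative assumptions, not the tool's real schema.
BASELINE = {
    "services": {"Spooler": "LocalSystem", "W32Time": "LocalService"},
    "listening_ports": {"tcp/135": "svchost.exe", "tcp/445": "System"},
    "firewall_rules": {"File and Printer Sharing": "allow-in"},
}
AFTER_INSTALL = {
    "services": {"Spooler": "LocalSystem", "W32Time": "LocalSystem",
                 "AcmeUpdater": "LocalSystem"},
    "listening_ports": {"tcp/135": "svchost.exe", "tcp/445": "System",
                        "tcp/8080": "acmeupd.exe"},
    "firewall_rules": {"File and Printer Sharing": "allow-in",
                       "AcmeUpdater": "allow-in"},
}


def compare_scans(baseline, current):
    """Step 3: return (kind, category, name, before, after) for every difference."""
    changes = []
    for category in sorted(set(baseline) | set(current)):
        old, new = baseline.get(category, {}), current.get(category, {})
        for name in sorted(set(old) | set(new)):
            before, after = old.get(name), new.get(name)
            if before == after:
                continue
            if before is None:
                kind = "added"
            elif after is None:
                kind = "removed"
            else:
                kind = "changed"
            changes.append((kind, category, name, before, after))
    return changes


def report(changes):
    """Step 4: one line per change; additions and changes are flagged for review."""
    lines = []
    for kind, category, name, before, after in changes:
        flag = "REVIEW" if kind in ("added", "changed") else "info"
        lines.append(f"[{flag}] {category}: {name} {kind} ({before} -> {after})")
    return lines


if __name__ == "__main__":
    print("\n".join(report(compare_scans(BASELINE, AFTER_INSTALL))))
```

Entries that exist only in the second scan, or whose value changed (here a service moved to LocalSystem), are the ones that widen the attack surface and need a justification.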
Security Vulnerability
Security Exploits
Penetration Testers
Software Security Engineers
• Discovering Vulnerabilities in Microsoft Products
• Releasing Security Updates, Patches and Service Packs
• Advanced Update Notifications
• Microsoft Security Essentials
• Malicious Software Removal Tool
What if Hackers are Faster ?!!
Security Vulnerability
Exploit
Security Patch
1 week
3 Days
Enhanced Mitigation Experience Toolkit (EMET v 2.1)
• Uses Security Mitigation Technologies
• Makes it Difficult to Exploit the 0-Day Bugs on Systems
• Can Cover Security Bugs in any Software on the System
Microsoft Advanced Updates Notification: http://technet.microsoft.com/en-us/security/default.aspx
Security Focus: http://www.securityfocus.com
Microsoft Baseline Security Analyzer (MBSA v2.2)
It checks Clients and Servers for:
Microsoft Operating System and Products Security Vulnerabilities
Microsoft Baseline Security Analyzer 2.2 Demo
General Rules of Security in the Network
• Least Privilege
• Reduce Risky Behavior
• Harden the Clients
More than 30 million Users
• Real-Time Protection
• System Scanning and Cleaning
• Live System Behavior Monitoring
• Dynamic Signature Service
• Protection Against False Positive
• Network Inspection System
It’s too late to stop the hackers when the hack is done.
Blaster Worm
• August 2003
• Infecting millions of computers
• Millions of Dollars damages
Jeffrey Lee Parson
Sasser Worm
• April 2004
• Infecting millions of computers
• Blocking Delta Air Lines Flights Satellite Communications
Sven Jaschan