Life of Ivica Ostojić - · PDF file©2007 Cisco Systems, Inc. All rights reserved. 1 Life...
Transcript of Life of Ivica Ostojić - · PDF file©2007 Cisco Systems, Inc. All rights reserved. 1 Life...
©2007 Cisco Systems, Inc. All rights reserved.
1
Life of Ivica Ostojić
security consultant engineer CEE region
“Gone In 60
Gone In 60
Seconds
Seconds””
Goran Peteh
Dubrovnik, 20. ožujak 2008.
©2007 Cisco Systems, Inc. All rights reserved.
2
Warning –Disclaim
er-Upozorenje
Neither Cisco or the presentor encourages theuse
of any m
ethods and/ortools m
entioned within
thispresentation without the expresses aproval
and signed agreem
ent with the owner of the IT
infrastructure
in question.
The unathorised usage of the aforementioned
tools and/ormethods could lead to legal
prosecution and severe penalties.
©2007 Cisco Systems, Inc. All rights reserved.
3
First –words of wizdom
©2007 Cisco Systems, Inc. All rights reserved.
4
If you know the enemy and know
yourself, you need
not fear the result of a hundred battles.
If you know yourself but not the
enemy, for every victory gained you will
also suffer a defeat. If you know
neither the enemy nor yourself, you will
succumb in every battle.
©2007 Cisco Systems, Inc. All rights reserved.
5
New way of doing business?
©2007 Cisco Systems, Inc. All rights reserved.
6
COUPLE FACTS FROM THE
REAL LIFE
©2007 Cisco Systems, Inc. All rights reserved.
7
Black Hats
Video Clip
©2007 Cisco Systems, Inc. All rights reserved.
8
DARK MARKET –MYTH OR
FACT?
©2007 Cisco Systems, Inc. All rights reserved.
9
Dark Market –The Bazaar
©2007 Cisco Systems, Inc. All rights reserved.
10
©2007 Cisco Systems, Inc. All rights reserved.
11
AND IF YOU THINK THAT IS
BAD CHECK THIS OUT...
©2007 Cisco Systems, Inc. All rights reserved.
12
©2007 Cisco Systems, Inc. All rights reserved.
13
And now something different....
Firmware 2.0
©2007 Cisco Systems, Inc. All rights reserved.
14
©2007 Cisco Systems, Inc. All rights reserved.
15
©2007 Cisco Systems, Inc. All rights reserved.
16
©2007 Cisco Systems, Inc. All rights reserved.
17
CONCLUSION
©2007 Cisco Systems, Inc. All rights reserved.
18
Secrets & Lies –Bruce Schneier
�Ask the doctor how to poison someone
untraceable, and he can tell you (Dr. Harold
Shipman).
�Ask someone who works in aircraft maintenance
how to drop a 747 out of the sky without getting
caught, and he’ll know.
�Ask any internet security professional how to take
down the Internet, permanently. I’ve heard about
half a dozen different ways,...
©2007 Cisco Systems, Inc. All rights reserved.
19
WHAT ABOUT SOLUTION?
©2007 Cisco Systems, Inc. All rights reserved.
20
SDN Solutions
•ASA Family Expansion –
New entry
and high perform
ance appliances
•Cisco IOS Security Features –
Application Inspection
•NAC Appliance –More scalable
•CSA –Sim
plified m
anagement
•New high perform
ance IPS solutions
•MARS, Iron Port, Guard, etc...
New Solutions for Building Self-Defending Networks
©2007 Cisco Systems, Inc. All rights reserved.
21
©2007 Cisco Systems, Inc. All rights reserved.
22
ServicesOffering
�Cisco Security Unified Communications Services
�Security Posture Assessment
�Security Design
�Security Implementation
�Security Technology Planning
�Cisco Security Architecture Review
�Cisco Incident Readiness and Response Services
�Security incident control systems implementation service
�Cisco Security IntelliShieldAlert Manager Service
�NAC, MARS, CSA implementation services
©2007 Cisco Systems, Inc. All rights reserved.
23
Industry IT Frameworks
and Security Best Practices–SDN3
CobiT
ITIL
ISO/IEC
27002
SOX
Section 404
SANS
ISF
Standard
©2007 Cisco Systems, Inc. All rights reserved.
24
Education
�elementary school
�high school
�faculty
�government
�....
©2007 Cisco Systems, Inc. All rights reserved.
25
AND IF NOT!
©2007 Cisco Systems, Inc. All rights reserved.
26
CONCLUSION –GINSBERG THEOREM
�You can’t win!
�You can’t break even!
�You can’t even quit the
game!
©2007 Cisco Systems, Inc. All rights reserved.
27
Eherm
ans Corollary to Ginsberg’s
Theorem
�Things will get worse before they
get better!
�Who said things would get
better?? ☺ ☺☺☺
©2007 Cisco Systems, Inc. All rights reserved.
28
Conclusion...
©2007 Cisco Systems, Inc. All rights reserved.
29