an overview of non-commercial software for network administrators doug nomura [email protected]...
Post on 21-Dec-2015
219 views
TRANSCRIPT
![Page 1: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/1.jpg)
An Overview of Non-Commercial Software for Network Administrators
Doug [email protected]
June 16 2009
UCCSC 2009 - Focus on Security
![Page 2: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/2.jpg)
Disclaimer
Don’t blame me if your workstation breaks or something bad happens to your network
![Page 3: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/3.jpg)
Scientist Gone Bad - this is me!
![Page 4: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/4.jpg)
ExpectationsGeneral overview - Only have 60 minutes!
Focus will be on tools to help detect problems with your network
Two Hat Perspective
If you can use the tool, think how it can be used against you!
![Page 5: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/5.jpg)
Approach
Tool will be described
What the tool does
How can you use it
Advantages/disadvantages
![Page 6: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/6.jpg)
Topics to be covered
Data Mining 1A
Web 2.0
Kismet
OpenVAS
Metasploit
![Page 7: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/7.jpg)
More Topics
NMap
Web Vulnerability Scanners
Pros and Cons of the free stuff
The Future
![Page 8: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/8.jpg)
Data Mining 1A
![Page 9: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/9.jpg)
Data Mining 1A
Every network leaks or broadcasts information
What is allowable or acceptable by your organization?
This section will give examples of types of information being broadcast - allowable and sensitive
![Page 10: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/10.jpg)
Classic Sources of Data Leaks
DNS & MX records
Technical forums
Job sites
![Page 11: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/11.jpg)
![Page 12: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/12.jpg)
Google’sAdvanced Operators
Reduce noise
Help to refine search
Operator:search term
Tutorial to advanced operators http://www.googletutor.com/google-manual/web-search/adding-advanced-operators/
![Page 13: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/13.jpg)
Operators
domain:ucdavis.edu
“Exact phrase”
Intitle: Look for phrase in page
![Page 14: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/14.jpg)
Types of information
Personal information
Technical information
![Page 15: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/15.jpg)
Let’s look for some personal information
![Page 16: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/16.jpg)
Does anyone from UCD know person?or My Gosh - Look
at the SSN!!!
![Page 17: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/17.jpg)
Sensitive information deleted from this slide
![Page 18: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/18.jpg)
Is anyone from UCSF?Or this probably
shouldnot be broadcast to
the world
![Page 19: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/19.jpg)
Sensitive information deleted from this slide
![Page 20: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/20.jpg)
Text
Example of a technical google hack revealing Nessus Scan Reports
![Page 21: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/21.jpg)
Summary of Google Hacking
Use Google to peruse your servers for sensitive information
Clean up your mess like old scan reports
Educate users about the danger of broadcasting information
![Page 22: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/22.jpg)
The Pros of Google Hacking
Find information you didn’t know was being broadcast
It’s cheap and works
![Page 23: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/23.jpg)
The Cons of Google Hacking
Someone may have found the information already
You may not find everything
Fear the Google cache!!!!!
![Page 24: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/24.jpg)
References for Google Hacking
See Johnny Long’s book - Google Hacking for Penetration Testers - ISBN-10 1597491764
Any questions - just send me an email
![Page 25: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/25.jpg)
Web 2.0Example: Twitter
Technical
Exploitation of code
Passive enumeration
Users careless of information being broadcast
![Page 26: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/26.jpg)
Solution
Identify types of data not be broadcast
Educate
Users need to be made aware there are people “watching.”
![Page 27: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/27.jpg)
“Free” Tools
Many released under GNU/GPL
Range from simple to complex
Many have great support and documentation
![Page 28: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/28.jpg)
KismetDetects presence of 802.11 APs
Sniffs traffic
IDS
kismewireless.net
![Page 29: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/29.jpg)
Kismet
Note error messages at bottom - ignore them
![Page 30: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/30.jpg)
Courtesy of kismetwireless.net
![Page 31: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/31.jpg)
Why use Kismet?
Pen testing of APs
Seek out rogue APs
Survey and map 802.11 installation
Distributed IDS
![Page 32: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/32.jpg)
Kismet Advantages
Initial cost is free
Very powerful
Customizable
plugins
![Page 33: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/33.jpg)
Cons of Kismet
Interface
May require significant configuration
Incompatibilities
Long term cost could be high due to time spent configuring and tweaking apps
![Page 34: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/34.jpg)
OpenVAS
Vulnerability Assessment
Based upon Nessus 2.2
Released under GNU/GPL
openvas.org
![Page 35: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/35.jpg)
Image Courtesy of openvas.org
![Page 36: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/36.jpg)
Image Courtesy of openvas.org
![Page 37: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/37.jpg)
Image Courtesy of openvas.org
![Page 38: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/38.jpg)
OpenVAS
Runs well on Linux
Financially - free VA tool
Growing support for project
![Page 39: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/39.jpg)
Disadvantages
Problems with some NVTs
Some difficulty non-linux platform
![Page 40: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/40.jpg)
Security Framework identifies vulnerabilities and exploits them
Intended for penetration testing and research
Customizable
metasploit.org
Metasploit
![Page 41: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/41.jpg)
Metasploit
Text
Command line interface of Metasploit
![Page 42: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/42.jpg)
Metasploit
Example vulnerability to be used on Windows 2000 machine
![Page 43: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/43.jpg)
Metasploit
Selection of exploit
![Page 44: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/44.jpg)
Metasploit
Access has been achieved on remote machine
![Page 45: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/45.jpg)
Metasploit Advantages
Growing community of users
Growing documentation
Runs well on most flavors of *nix
Excellent tool to identify and exploit vulnerability
![Page 46: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/46.jpg)
Metasploit Disadvantages
Do not expect all exploits nor may be up to date with latest exploits
Lack of logging or reports
Machine running Metasploit can be compromised
This is a very dangerous tool and may violate policy at your institution. Use on test network
![Page 47: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/47.jpg)
NMap - Network Mapper
Sends raw IP packets to specific host, or a range of hosts
Determines OS, version, open ports, identifies potential vulnerability
nmap.org
![Page 48: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/48.jpg)
NMap
Network administrators and other IT folk responsible for network based assets
Pen testers and other security folk
![Page 49: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/49.jpg)
NMapLoki:/Users/Doug root# nmap -sV 192.168.1.1-25
Starting Nmap 4.85BETA9 ( http://nmap.org ) at 2009-06-14 23:56 PDTInteresting ports on 192.168.1.1:Not shown: 998 closed portsPORT STATE SERVICE VERSION23/tcp open telnet Cisco telnetd (IOS 6.X)443/tcp open ssl/http Cisco PIX Device ManagerMAC Address: 00:08:21:3A:29:B2 (Cisco Systems)Service Info: OS: IOS; Device: firewall
Interesting ports on 192.168.1.2:Not shown: 997 closed portsPORT STATE SERVICE VERSION21/tcp open ftp tnftpd 2006121722/tcp open ssh OpenSSH 5.1 (protocol 1.99)548/tcp open afp Apple AFP (name: Feline; protocol 3.2; Mac OS X 10.4/10.5)MAC Address: 00:0D:93:32:D0:26 (Apple Computer)Service Info: Host: Feline.local
Interesting ports on 192.168.1.4:Not shown: 999 closed portsPORT STATE SERVICE VERSION5009/tcp open airport-admin Apple AirPort adminMAC Address: 00:03:93:1F:01:65 (Apple Computer)
Interesting ports on 192.168.1.6:
Part of a Nmap scan report
![Page 50: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/50.jpg)
Strengths of NMap
Large base of support from user and developer community
Mature product
Fast and versatile scanner
Extremely stable. Install and go!
![Page 51: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/51.jpg)
Weaknesses of NMap
Some scans seem to be intrusive
Some scans have crashed hosts being scanned
![Page 52: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/52.jpg)
Web Vulnerability Scanners
GNU/GPL World
Singular in purpose
Paros
Stagnant
Nikto
![Page 53: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/53.jpg)
Web Vulnerability Scanners
Singular purpose tools usually check for a single type of vulnerability (i.e. XSS, SQL injection). You would have to have a lot of different GNU/GPL tools to encompass all possible vulnerabilities
![Page 54: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/54.jpg)
Web Vulnerability Scanners
Some projects become stagnant or die due to core developers ability to devote time to project
![Page 55: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/55.jpg)
Advantages of the “free” apps
Initial cost is low
Some projects have a community of support
Documentation
A potentially powerful tool rivaling commercial tools
![Page 56: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/56.jpg)
Advantages of “free” apps
Use older hardware
Great for that older machine collecting dust
![Page 57: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/57.jpg)
Disadvantages
Project stability
UI issues
Application stability
Speed of development
Upgrades may be challenging
Geek Factor
![Page 58: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/58.jpg)
Geek Factor
GeekFactor
0
100
100“cost”
![Page 59: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/59.jpg)
What to do?
Define your needs
Determine stability and viability of project
Be willing to invest time
Be diligent
![Page 60: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/60.jpg)
The future
Greater and easier exploitation of Web 2.0
You must educate your users about the dangers
Handhelds will be both targets and attackers
![Page 61: An Overview of Non-Commercial Software for Network Administrators Doug Nomura doug.nomura@gmail.com June 16 2009 UCCSC 2009 - Focus on Security](https://reader038.vdocument.in/reader038/viewer/2022103022/56649d565503460f94a339a3/html5/thumbnails/61.jpg)
The End