hey you... stay away from my network - techinsights 2011 sea
TRANSCRIPT
Hey you… Stay away from my network…
Esmaeil Sarabadani
Systems and Security Consultant
Redynamics Asia Sdn. Bhd.
What will be covered…
• Cloud computing, Social Networking and the Information Leak
• Social Engineering
• Port Scanning and Nmap
• Vulnerability scanning with MBSA & Nessus
• Microsoft Security Response Center
• Enhanced Mitigation Experience Toolkit
• Security Best Practices
The world is changing …
Cloud Computing…
Revealing Information…
Social Networks vs. Social Engineering
There is no patch for human stupidity!
What kind of risk ?!!
• Employees reveal so much information about the company.
• Hackers create fake Facebook profiles pretending to be your colleagues.
• Convincing the employees to click on malicious URLs that they post on Facebook.
• People leave their:
  • Phone numbers
  • Photos
  • Status messages containing very important information
What kind of risk ?!!
How much would you get to sell out your colleague?
Would you accept 1000 USD to give out a simple document from inside the company?
• How about 10,000 USD ???
• How about 100,000 USD ???
Do you trust everyone at work?
How do you realize if someone is the bad guy?
Educate your users and employees...
Let them know about the threats...
Do not block Facebook for them at work…
Evaluate their awareness every now and then…
The Steps in Hacking
Step 1: Reconnaissance
Step 2: Initial intrusion into the network
Step 3: Establish a backdoor into the network
Step 4: Obtain user credentials
Step 5: Install various utilities
Step 6: Privilege escalation / lateral movement / data exfiltration
Step 7: Maintain persistence
Port Scanning
Scanning the target computer to detect the open ports.
• Detect Open Ports
• Detect the services behind those ports
• Find security vulnerabilities of those services
• Attack the vulnerabilities
What hackers do…
DEMO: Nmap
Vulnerability Scanning
Scanning the target computer:
• For possible security bugs and vulnerabilities
• For open and filtered ports
• To detect the target OS
• To get a solution to fix the bug
• To get a link for the exploits
DEMO: Nessus & MBSA
• Discovering Vulnerabilities in Microsoft Products
• Releasing Security Updates, Patches and Service Packs
• Advanced Update Notifications
• Microsoft Security Essentials
• Malicious Software Removal Tool
What if Hackers are Faster ?!!
[Timeline diagram: Security Vulnerability, Exploit, Security Patch; interval labels: 1 week, 3 Days]
Enhanced Mitigation Experience Toolkit (EMET v2.1)
• Uses Security Mitigation Technologies
• Makes it Difficult to Exploit the 0-Day Bugs on Systems
• Can Cover Security Bugs in any Software on the System
DEMO: Enhanced Mitigation Experience Toolkit
Security Best Practices
Security and complexity are often inversely proportional.
Begin your security design from the clients.
Be thorough.
Your security is only as strong as your weakest link.
Q&A: Questions & Answers
Resources
Email: [email protected]
Blog: http://esihere.wordpress.com/
Useful websites:
http://technet.microsoft.com/
http://www.insecuremag.com/
http://technet.microsoft.com/en-us/edge/ff524488
Twitter: http://www.twitter.com/esmaeils