hey you... get off my network
Hey You… Get off my Network…
How to stay firm against security threats and plan ahead for security…

Esmaeil Sarabadani
Systems and Security Consultant

What will be covered …
• The History and Story of DATA …
• Cloud Computing and its Possible Security Threats
• Security in the Cloud from the Client’s Perspective
• Social Engineering
• Security Misconfiguration
  • Microsoft Attack Surface Analyzer
  • Microsoft Baseline Security Analyzer
• Security Vulnerabilities
• 0-Day Exploits and How to Stop Them...
  • Enhanced Mitigation Experience Toolkit
• Endpoint Security

The Changing World !!!

Living in a Connected World…
DATA

Data in the Past
• More Static
• Difficult to Move
• Higher Risk of Loss
• More Physical Security
• Less Storage Space

Now Data is in …
CLOUD
• Reduced Cost
• Increased Storage
• Highly Automated
• Flexibility
• More Mobility
• More Power

What Type of Data is in the Cloud?
• Important Corporate Data
• Users’ Personal Data
• Credit Card Information
• Government’s Confidential Information
• People’s Personal Information like Phone Numbers, E-mail Addresses, User Accounts and Passwords, and more.
• And more…

How Secure is the Cloud ?!!

Hacked !!!
On April 19th 2011
• A network outage lasting one month.
• More than 100 million users’ credit card information was stolen.
• A forecasted loss of 3.18 billion USD for Sony.
• The loss of many of its users.

Let’s look at it in another way …

Social networking websites have changed the way human beings interact…
600 million Users
200 million Users
100 million Users
• Status Messages
• Foursquare Check-ins
• Phone Numbers
• Photos and Videos
People are revealing so much information about themselves …
Result = Less Control - Less Privacy

Social Engineering: an Old but Empowered Technique
• It is easier now with the growth of social networks.
• Everything you do produces data
• Hackers use that data
• Security focus is too much on distant attacks
• Nobody really knows what needs to be secured

A Famous Hacker and Social Engineer
• Hacked into Pentagon, FBI, Novell, University of California, Motorola, Nokia, Sun Microsystems, Fujitsu Siemens
• 5 Years in Prison
• Computer Security Consultant Now

The Steps in Hacking
Step 1: Reconnaissance
Step 2: Initial intrusion into the network
Step 3: Establish a backdoor into the network
Step 4: Obtain user credentials
Step 5: Install various utilities
Step 6: Privilege escalation / lateral movement / data exfiltration
Step 7: Maintain persistence
We can stop the hackers at the very first steps.

Defense in Depth
Adopting a Multi-Layered Defense Approach
• Security Management: Threat and Vulnerability Management, Monitoring and Response
• Network Perimeter: Edge Routers, Firewalls, Intrusion Detection, Vulnerability Scanning
• Internal Network: Dual-factor Authorization, Intrusion Detection, Vulnerability Scanning
• Host: Access Control and Monitoring, Anti-Malware, Patch and Configuration Management
• Application: Secure Engineering (SDL), Access Control and Monitoring, Anti-Malware
• Data: Access Control and Monitoring, File/Data Integrity
• User: Account Management, Training and Awareness, Screening
• Facility: Physical Controls, Video Surveillance, Access Control

Microsoft Attack Surface Analyzer
• Developed by the Security Engineering Group at Microsoft
• Assesses the changes in Windows attack surface
Analysis Steps:
1. Perform a Baseline Scan on a healthy system.
2. Perform another Scan on the Under-Analysis System.
3. Compare the Results.
4. Get the Report.
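
The baseline-versus-target comparison in the analysis steps above can be sketched as a set difference over two snapshots. This is an added example, not Attack Surface Analyzer's own code or report format; the snapshot categories, every entry in them, and the `compare_snapshots` and `build_report` helpers are constructed for illustration.

```python
# Illustrative baseline/target comparison (added example, not Attack Surface
# Analyzer code). The snapshot layout and all entries are constructed.
BASELINE = {  # step 1: scan of a healthy system
    "services": {("Spooler", "LocalSystem"), ("W32Time", "LocalService")},
    "listening_ports": {("tcp", 135), ("tcp", 445)},
    "firewall_allow_rules": {("File and Printer Sharing", "tcp", 445)},
    "world_writable_paths": set(),
}
TARGET = {  # step 2: scan of the system under analysis
    "services": {("Spooler", "LocalSystem"), ("W32Time", "LocalSystem"),
                 ("ExampleAgent", "LocalSystem")},
    "listening_ports": {("tcp", 135), ("tcp", 445), ("tcp", 8080)},
    "firewall_allow_rules": {("File and Printer Sharing", "tcp", 445),
                             ("ExampleAgent", "tcp", 8080)},
    "world_writable_paths": {r"C:\Program Files\ExampleAgent"},
}


def compare_snapshots(baseline, target):
    """Step 3: per category, list what was added and what was removed."""
    diff = {}
    for category in sorted(set(baseline) | set(target)):
        before = baseline.get(category, set())
        after = target.get(category, set())
        added, removed = after - before, before - after
        if added or removed:
            diff[category] = {"added": sorted(added), "removed": sorted(removed)}
    return diff


def build_report(diff):
    """Step 4: flat findings; additions (REVIEW) are listed before removals."""
    findings = []
    for category, change in diff.items():
        for item in change["added"]:
            findings.append(("REVIEW", category, item))
        for item in change["removed"]:
            findings.append(("INFO", category, item))
    order = {"REVIEW": 0, "INFO": 1}
    return sorted(findings, key=lambda f: (order[f[0]], f[1], f[2]))


if __name__ == "__main__":
    for severity, category, item in build_report(compare_snapshots(BASELINE, TARGET)):
        print(f"{severity:6} {category:22} {item}")
```

A service whose account changes (here the constructed `W32Time` entry) shows up as one removal plus one addition, which is how a privilege change surfaces in a pure set difference.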

Microsoft Attack Surface Analyzer
Demo

Security Vulnerability
Security Exploits
Penetration Testers
Software Security Engineers

• Discovering Vulnerabilities in Microsoft Products
• Releasing Security Updates, Patches and Service Packs
• Advanced Update Notifications
• Microsoft Security Essentials
• Malicious Software Removal Tool

What if Hackers are Faster ?!!
Security Vulnerability
Exploit
Security Patch
1 week
3 Days

Enhanced Mitigation Experience Toolkit (EMET v 2.1)
• Uses Security Mitigation Technologies
• Makes it Difficult to Exploit the 0-Day Bugs on Systems
• Can Cover Security Bugs in any Software on the System

Microsoft Advanced Updates Notification
http://technet.microsoft.com/en-us/security/default.aspx

Security Focus
http://www.securityfocus.com

Microsoft Baseline Security Analyzer (MBSA v2.2)
It checks clients and Servers for:
Microsoft Operating System and Products Security Vulnerabilities

Microsoft Baseline Security Analyzer 2.2
Demo

General Rules of Security in the Network
• Least Privilege
• Reduce Risky Behavior
• Harden the Clients

More than 30 million Users
• Real-Time Protection
• System Scanning and Cleaning
• Live System Behavior Monitoring
• Dynamic Signature Service
• Protection Against False Positive
• Network Inspection System

It’s too late to stop the hackers when the hack is done.

Blaster Worm
• August 2003
• Infecting millions of computers
• Millions of dollars in damages
Jeffrey Lee Parson

Sasser Worm
• April 2004
• Infecting millions of computers
• Blocking Delta Air Lines Flights Satellite Communications
Sven Jaschan