D 0 G of WAR Attack Box Design

Зарегистрируйтесь, чтобы просмотреть полный документ!

D 0 G of WAR Attack Box Design 7/11/01

Blake ~Internet Consultant~ Security Audits & WAN / LAN Infrastructure Designs Netspan@hotmail. com San Jose (408) 907 -5003 / San Francisco (415) 561 -9374

1. Introduction 2. Attack Box Design: -CUJ 0 OS Selection Hardware Selection OS Layout Baseline Software Load Lock & Load: Extended Toolz Selection - Layout of the Lab -Zombies -Those Evil Web Servers -Fighting Back, ‘Rooting the Attacker’ -P 0 IS 0 N -Conceptual: The Death Star Design 3. Overview of Security Audits 4. Closing

Building an Attack Box From the Ground Up…. ‘CUJ 0’

OS Selection For Tools WINDOWS (98 / NT / Win 2 k) LINUX BSD SOLARIS Single OS vs Multiboot

Hardware Selection Via Piece-Meal (which Manufacturers, Sizing, etc ? ? ? ) Motherboard, Processor(s) RAM Hard Drives Floppy NIC Cards CD Rom / CD Burner External Modem Printer Total Cost =

Hardware Selection: (cont’d) Laptops Used Hardware (Where to look for Cheap Stuff)

Multiboot Options MBR Windows Boot. ini Lilo boot Free. BSD multiboot Boot. Magic System Commander MSTBootit NG VMWare

OS Load Order Which one first ? ? ? The Problems with Installations

Partitions Primary Extended Logical Virtual Formatting Layout on the Hard Drives Sizing & Resizing

Baseline Software Loads Different Configurations Partition Imaging of Different Loads Drive Imaging Storage

TOOLZ Selection Integration Testing Evaluation Parsing the Code Making you own Scripts & Toolz

Layout of the Lab for Testing Toolz Master File Server Attack, Victim, & Monitoring Boxes

Network Equipment & Configurations Fractional / T 1 DSL Cable Modem Dial-up Routers / Switches / Hubs Firewalls Sniffers / Network IDS

Other Types of Attack Boxes (cont’d) Automated vs ‘Hands-on’ Vulnerability Scanners

Other Types of Attack Boxes (cont’d) Zombies

Other Types of Attack Boxes (cont’d) Those Evil Web Servers

FIGHTING BACK ‘Rooting the Attacker’

Other Types of Attack Boxes (cont’d) ‘P 0 IS 0 N’ The Honeypot with an Attitude (A Box That Bites Back)

Other Types of Attack Boxes (cont’d) ‘The Death Star Design’

PERFORMING SECURITY AUDITS Discussion

END

Скачать презентацию D 0 G of WAR Attack Box Design

089e308551482c36c2ca138beb2be7bd.ppt

Количество слайдов: 22