|
|
|
Appsec DC 2012 - Denial of Surface with Eireann Leverett |
Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Appsec DC 2012 - Denial of Surface with Eireann Leverett Par SecurityTube.NetLe [2014-02-21] à 05:25:50
Présentation : Slides - https www.owasp.org images 4 48 ASDC12-Denial_of_Surface.pdf Are industrial systems airgapped Some are, some aren't. Unfortunately, enough of them aren't...to suggest bigger questions. Shodan has provided us with over 10,000 proofs of ICS connectivty, and visualization is the key to this story. More importantly, this data was provided to ICS-CERT to help mitigate such exposure. That data was in turn shared globally with other CERTS and CSIRTS, and the lessons are still being learned. It's time to re-examine the fantasy of the airgap, and think of ways to do vulnerability and exposure management in vendor and owner agnostic ways. More importantly, how do you do vulnerability management at a national or international scale This is not a story of 'I found a couple scary things in SHODAN'. This is a theory of the underlying cause for being able to find THOUSANDS of ICS devices and logins on the open internet. Complete with open source eye-candy Eireann Leverett is NOT a PhD student at Cambridge, despite recent propaganda to the contrary. He did grow up in DC though, and is looking forward to coming back in style. He started academic life studying Philosophy and Psychology, and then moved on to Artificial Intelligence and Software Engineering. His most recent project comes from his MPhil in Advanced Computer Science which apparently he survived. He's been an OWASP, circus, and hackerspace activist for a few years, and likes security projects in the real world. His fans include his mom, her dog, the deuteragonist Jiminy Cricket, and a couple Amish mimes living in Norway. He currently scrapes out a living inventing ridiculous bios in the third person, because he hasn't really done anything yet. For More Information please visit - https www.owasp.org index.php OWASP_AppSec_DC_2012_Schedule
Les mots clés de la revue de presse pour cet article : denial
Les videos sur SecuObs pour les mots clés : denial
Les éléments de la revue Twitter pour les mots clé : denial
Les derniers articles du site "SecurityTube.Net" :
- TROOPERSCON - Crypto code the 9 circles of testing
- TROOPERSCON - Towards a LangSec Aware SDLC
- TROOPERSCON - Deep dive into SAP archive file formats
- TROOPERSCON - Thanks SAP for the vulnerabilities. Exploiting the unexploitable
- TROOPERSCON - An easy way into your multi-million dollar SAP systems An unknown default SAP account
- TROOPERSCON - One Tool To Rule Them All
- TROOPERSCON - Mind The Gap - Exploit Free Whitelisting Evasion Tactics
- TROOPERSCON - The Chimaera Processor
- TROOPERSCON - Lets Play Hide and Seek in the Cloud
- TROOPERSCON - Planes, Trains and Automobiles The Internet of Deadly Things
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Si vous voulez bloquer ce service sur vos fils RSS :
- avec iptables "iptables -A INPUT -s 88.190.17.190 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.190.17.190 to any 80"
- Nous contacter par mail
| Mini-Tagwall des articles publiés sur SecuObs : | | | | sécurité, exploit, windows, attaque, outil, microsoft, réseau, audit, metasploit, vulnérabilité, système, virus, internet, usbsploit, données, source, linux, protocol, présentation, scanne, réseaux, scanner, bluetooth, conférence, reverse, shell, meterpreter, vista, rootkit, détection, mobile, security, malicieux, engineering, téléphone, paquet, trames, https, noyau, utilisant, intel, wishmaster, google, sysun, libre |
| Mini-Tagwall de l'annuaire video : | | | | curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit, exploit, lockpicking, linux, attack, wireshark, vmware, rootkit, conference, network, shmoocon, backtrack, virus, conficker, elcom, etter, elcomsoft, server, meterpreter, openvpn, ettercap, openbs, iphone, shell, openbsd, iptables, securitytube, deepsec, source, office, systm, openssh, radio |
| Mini-Tagwall des articles de la revue de presse : | | | | security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone, server, inject, patch, apple, twitter, mobile, virus, ebook, facebook, vulnérabilité, crypt, source, linux, password, intel, research, virtual, phish, access, tutorial, trojan, social, privacy, firefox, adobe, overflow, office, cisco, conficker, botnet, pirate, sécurité |
| Mini-Tagwall des Tweets de la revue Twitter : | | | | security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall, network, twitter, vmware, windows, microsoft, compliance, vulnerability, python, engineering, source, kernel, crypt, social, overflow, nessus, crack, hacker, virus, iphone, patch, virtual, javascript, malware, conficker, pentest, research, email, password, adobe, apache, proxy, backtrack |
|
|
|
|
|
