|
DefCamp 2015 - Hacking and Securing Network Monitoring Systems |
Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
DefCamp 2015 - Hacking and Securing Network Monitoring Systems Par SecurityTube.NetLe [2016-01-25] à 12:14:52
Présentation : Andrei is a Computer Science graduate of the Politehnica University of Bucharest where he did his thesis work in Biometrics and Image Processing. While starting out his IT-career in the Computer Games industry, he has worked in the Telecom field and also was a senior developer at a specialized firm programming various GSM UMTS GPS sub-systems. He is the author of the MiFare Classic Universal toolKit MFCUK , the first publicly available FOSS card-only key cracking tool for the MiFare Classic RFID card family and is known as the printer guy for his Hacking MFPs and Hacking PostScript series of hacks talks at various international conferences. Lately, he was spotted security-harassing airplanes with ADS-B hacks though no planes were harmed during the experiments and remotely hacking fireworks demolition pyrotechnic systems though no fireworks show were spoiled and no buildings were demolished . He is passionate about security in a holistic fashion. Currently Andrei is a PhD candidate with EURECOM in the field of Software security in embedded systems . At present, Andrei is mostly busy developing cutting edge security research for embedded systems as part of his Firmware.RE project. https www.linkedin.com in costinandrei http twitter.com costinandrei Monitoring of the high-performance computing systems and their components, such as clusters, grids and federations of clusters, is performed using monitoring systems for servers and networks, or Network Monitoring Systems NMS . These monitoring tools assist system administrators in assessing and improving the health of their infrastructure. On the one hand, a successful attack on the infrastructure monitoring tools grants the attacker elevated power over the monitoring tasks, and eventually over some management functionality of the interface or hosts running those interfaces. Additionally, detailed and accurate fingerprinting and reconnaissance of a target infrastructure is possible when such interfaces are publicly exposed. A successful reconnaissance allows an attacker to craft a highly efficient second-stage attack, for example targeted, mimicry and blended attacks. In this workshop we aim at teaching practical skills for hacking and securing Network Monitoring Systems NMS . We will provide a VM machine and exercises that will enable an end-to-end walk through example on Ganglia monitoring system. The exercises include a range of activities such as setup, reconnaissance, static and dynamic analysis, vulnerability analysis, proof of concept exploit development, and countermeasures securing steps. The attendees will learn step-by-step how to quickly create a PoC exploit for a CVE that is described as having unspecified vectors . For More Information Please Visit - http def.camp
Les mots clés de la revue de presse pour cet article : network Les videos sur SecuObs pour les mots clés : network Les mots clés pour les articles publiés sur SecuObs : network Les éléments de la revue Twitter pour les mots clé : network
Les derniers articles du site "SecurityTube.Net" :
- TROOPERSCON - Crypto code the 9 circles of testing - TROOPERSCON - Towards a LangSec Aware SDLC - TROOPERSCON - Deep dive into SAP archive file formats - TROOPERSCON - Thanks SAP for the vulnerabilities. Exploiting the unexploitable - TROOPERSCON - An easy way into your multi-million dollar SAP systems An unknown default SAP account - TROOPERSCON - One Tool To Rule Them All - TROOPERSCON - Mind The Gap - Exploit Free Whitelisting Evasion Tactics - TROOPERSCON - The Chimaera Processor - TROOPERSCON - Lets Play Hide and Seek in the Cloud - TROOPERSCON - Planes, Trains and Automobiles The Internet of Deadly Things
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Si vous voulez bloquer ce service sur vos fils RSS :
- avec iptables "iptables -A INPUT -s 88.190.17.190 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.190.17.190 to any 80"
- Nous contacter par mail
Mini-Tagwall des articles publiés sur SecuObs : | | | | sécurité, exploit, windows, attaque, outil, microsoft, réseau, audit, metasploit, vulnérabilité, système, virus, internet, usbsploit, données, source, linux, protocol, présentation, scanne, réseaux, scanner, bluetooth, conférence, reverse, shell, meterpreter, vista, rootkit, détection, mobile, security, malicieux, engineering, téléphone, paquet, trames, https, noyau, utilisant, intel, wishmaster, google, sysun, libre |
Mini-Tagwall de l'annuaire video : | | | | curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit, exploit, lockpicking, linux, attack, wireshark, vmware, rootkit, conference, network, shmoocon, backtrack, virus, conficker, elcom, etter, elcomsoft, server, meterpreter, openvpn, ettercap, openbs, iphone, shell, openbsd, iptables, securitytube, deepsec, source, office, systm, openssh, radio |
Mini-Tagwall des articles de la revue de presse : | | | | security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone, server, inject, patch, apple, twitter, mobile, virus, ebook, facebook, vulnérabilité, crypt, source, linux, password, intel, research, virtual, phish, access, tutorial, trojan, social, privacy, firefox, adobe, overflow, office, cisco, conficker, botnet, pirate, sécurité |
Mini-Tagwall des Tweets de la revue Twitter : | | | | security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall, network, twitter, vmware, windows, microsoft, compliance, vulnerability, python, engineering, source, kernel, crypt, social, overflow, nessus, crack, hacker, virus, iphone, patch, virtual, javascript, malware, conficker, pentest, research, email, password, adobe, apache, proxy, backtrack |
|
|
|
|
|