
Future Cyber Warriors


lilia

Presentation Transcript


  1. Future Cyber Warriors

  2. Why Network Forensics?
     • Encrypted Hard Disks
     • Re-imaged Boxes
     • USB Response Difficulty
     • Increase in Number of Intrusions
     • IP End Point Analysis
     • Log Analysis
     • Geolocation
     • Proxies

  3. How do they get in?
     • Spear Phish
     • Links (Twitter)
     • Vulnerabilities
     • Applications
     • OS
     • Weak Passwords

  4. And Let’s Not Forget
     • The Insider Threat

  5. The Old Ping Scan

  6. Can’t We be Quieter?
     • Use tcpdump with no IP
     • Listen Passively

  7. Zenmap can be Indecisive
     • Accurate as the weather…
     • And noisy, so you will be noticed in Logs

  8. Getting a Better OS Guess

  9. Searching for 08 exploits

  10. Setting Options within Metasploit

  11. Exploiting the Victim
     • Firewall and UAC Enabled…

  12. Important Facts when you Hacks
     • Who are You?
     • How are you in?
     • Got PID?
     • Why no GUI?

  13. Step Right Up – Get Your Malware
     • How do you get malware on the victim?
     • Meterpreter upload
     • FTP Answer File
     • Write a BAT FILE
     • Use DEBUG to Compile
     • TFTP (not likely)
     • wget or curl (if Linux)

  14. You got caught doing bad things
     • At least rename your stuff

  15. I hate it when I get Dumped

  16. You don’t want to get Caned Either

  17. Help the Admin Manage Users

  18. Looking at the Traffic

  19. Snort Sees Bad People

  20. Summary
     • Hackers get in
     • Network Forensics may explain:
       • Who
       • How
       • What
       • When
     • At a minimum, endpoint analysis
     • Actions can help mitigate future attacks

  21. Thank You! Questions and Comments
