Presentation is loading. Please wait.

Presentation is loading. Please wait.

A ttack B ox D esign 7/11/01 D0G of WAR. Blake ~Internet Consultant~ Security Audits & WAN / LAN Infrastructure Designs San Jose (408)

Published byJane Collins Modified over 8 years ago

Similar presentations

Presentation on theme: "A ttack B ox D esign 7/11/01 D0G of WAR. Blake ~Internet Consultant~ Security Audits & WAN / LAN Infrastructure Designs San Jose (408)"— Presentation transcript:

1 A ttack B ox D esign 7/11/01 D0G of WAR

2 Blake ~Internet Consultant~ Security Audits & WAN / LAN Infrastructure Designs Netspan@hotmail.com San Jose (408) 907-5003 / San Francisco (415) 561-9374

3 1. Introduction 2. Attack Box Design: -CUJ0 OS Selection Hardware Selection OS Layout Baseline Software Load Lock & Load: Extended Toolz Selection - Layout of the Lab -Zombies -Those Evil Web Servers -Fighting Back, ‘Rooting the Attacker’ -P0IS0N -Conceptual: The Death Star Design 3. Overview of Security Audits 4. Closing

4 Building an Attack Box From the Ground Up…. ‘CUJ0’

5 OS Selection For Tools WINDOWS (98 / NT / Win2k) LINUX BSD SOLARIS Single OS vs Multiboot

6 Hardware Selection Via Piece-Meal (which Manufacturers, Sizing, etc ???) Motherboard, Processor(s) RAM Hard Drives Floppy NIC Cards CD Rom / CD Burner External Modem Printer Total Cost =

7 Hardware Selection: (cont’d) Laptops Used Hardware (Where to look for Cheap Stuff)

8 Multiboot Options MBR Windows Boot.ini Lilo boot FreeBSD multiboot BootMagic System Commander MSTBoot Bootit NG VMWare

9 OS Load Order Which one first ??? The Problems with Installations

10 Partitions Primary Extended Logical Virtual Formatting Layout on the Hard Drives Sizing & Resizing

11 Baseline Software Loads Different Configurations Partition Imaging of Different Loads Drive Imaging Storage

12 TOOLZ Selection Integration Testing Evaluation Parsing the Code Making you own Scripts & Toolz

13 Layout of the Lab for Testing Toolz Master File Server Attack, Victim, & Monitoring Boxes

14 Network Equipment & Configurations Fractional / T1 DSL Cable Modem Dial-up Routers / Switches / Hubs Firewalls Sniffers / Network IDS

15 Other Types of Attack Boxes (cont’d) Automated vs ‘Hands-on’ Vulnerability Scanners

16 Other Types of Attack Boxes (cont’d) Zombies

17 Other Types of Attack Boxes (cont’d) Those Evil Web Servers

18 FIGHTING BACK ‘ R ooting the A ttacker’

19 Other Types of Attack Boxes (cont’d) ‘P0IS0N’ The Honeypot with an Attitude (A Box That Bites Back)

20 Other Types of Attack Boxes (cont’d) ‘The Death Star Design’

21 PERFORMING SECURITY AUDITS Discussion

22 END

Download ppt "A ttack B ox D esign 7/11/01 D0G of WAR. Blake ~Internet Consultant~ Security Audits & WAN / LAN Infrastructure Designs San Jose (408)"

Similar presentations

Hardware Lesson 3 Inside your computer.

Hardware Lesson 3 Inside your computer.
Basic Concepts of a Computer Network

Basic Concepts of a Computer Network
Computer Basics I Course Outline 1: What is a computer? 2: What is an operating system? Using a Desktop Computer 3: What are the basic parts of a desktop.

Computer Basics I Course Outline 1: What is a computer? 2: What is an operating system? Using a Desktop Computer 3: What are the basic parts of a desktop.
2440: 141 Web Site Administration Server Installation Instructor: Enoch E. Damson.

2440: 141 Web Site Administration Server Installation Instructor: Enoch E. Damson.
Leveraging WinPE and Linux Preboot for Effective Provisioning Jonathan Richey | Director of Development | Altiris, Inc.

Leveraging WinPE and Linux Preboot for Effective Provisioning Jonathan Richey | Director of Development | Altiris, Inc.
IS Network and Telecommunications Risks

IS Network and Telecommunications Risks
ETT 429 Spring 2007 Hardware/Software Basics. Agenda Technology Standards Review Technology Standards Review Results of Technology Self Assessment Results.

ETT 429 Spring 2007 Hardware/Software Basics. Agenda Technology Standards Review Technology Standards Review Results of Technology Self Assessment Results.
Linux Installation Chapter II. Linux Distributions Pre-packaged, installable Linux Anyone can compile a distribution, have to inculde GPL Available for.

Linux Installation Chapter II. Linux Distributions Pre-packaged, installable Linux Anyone can compile a distribution, have to inculde GPL Available for.
Lesson 15 – INSTALL AND SET UP NETWARE 5.1. Understanding NetWare 5.1 Preparing for installation Installing NetWare 5.1 Configuring NetWare 5.1 client.

Lesson 15 – INSTALL AND SET UP NETWARE 5.1. Understanding NetWare 5.1 Preparing for installation Installing NetWare 5.1 Configuring NetWare 5.1 client.
Mgt 240 Lecture Exam Review February 1, 2005. Homework Three Due Friday 2/4 at 5pm Due Friday 2/4 at 5pm Any questions? Any questions? Posted on course.

Mgt 240 Lecture Exam Review February 1, Homework Three Due Friday 2/4 at 5pm Due Friday 2/4 at 5pm Any questions? Any questions? Posted on course.
1 Web Server Administration Chapter 3 Installing the Server.

1 Web Server Administration Chapter 3 Installing the Server.
Lesson 4-Installing Network Operating Systems. Overview Installing and configuring Novell NetWare 6.0. Installing and configuring Windows 2000 Server.

Lesson 4-Installing Network Operating Systems. Overview Installing and configuring Novell NetWare 6.0. Installing and configuring Windows 2000 Server.
Hardware and Multimedia Chapter 4. 4 Personal Computers (PCs) PCs are computers that can be: Used by individuals at home, work, or school Desktop models.

Hardware and Multimedia Chapter 4. 4 Personal Computers (PCs) PCs are computers that can be: Used by individuals at home, work, or school Desktop models.
Installing software on personal computer

Installing software on personal computer
CHAPTER Introduction to LANs. MODULE Purpose and Use of a Network.

CHAPTER Introduction to LANs. MODULE Purpose and Use of a Network.
CISCO NETWORKING ACADEMY Chabot College ELEC 99.08 Router Introduction.

CISCO NETWORKING ACADEMY Chabot College ELEC Router Introduction.
Developed by Klaus Knopper Linux Consultant. What is Knoppix?  Unix-like operating system  Run directly from CD or DVD  Bootable from USB flash drive.

Developed by Klaus Knopper Linux Consultant. What is Knoppix?  Unix-like operating system  Run directly from CD or DVD  Bootable from USB flash drive.
Section 2.1 Identify hardware Describe processing components Compare and contrast input and output devices Compare and contrast storage devices Section.

Section 2.1 Identify hardware Describe processing components Compare and contrast input and output devices Compare and contrast storage devices Section.
Fundamentals of Networking Discovery 1, Chapter 2 Operating Systems.

Fundamentals of Networking Discovery 1, Chapter 2 Operating Systems.
1 Web Server Administration Chapter 3 Installing the Server.

1 Web Server Administration Chapter 3 Installing the Server.

Similar presentations

Ads by Google