Dshield VPS Sensors request Intro by Erik Bais on behalf of ISC SANS

Slides:

Advertisements

Similar presentations

E-inventory Establishing of an electronic inventory of Industrial Property Offices products for the purpose of disseminating their Industrial Property.

Advertisements

IPv6 Deployment CANTO Nate Davis, Chief Operating Officer 13 August 2014.

CTS IT Security Enhancement Projects December 10, 2014.

NAT, firewalls and IPv6 Christian Huitema Architect, Windows Networking Microsoft Corporation.

Blue Coat and the Blue Coat logo are trademarks of Blue Coat Systems, Inc., and may be registered in certain jurisdictions. All other product or service.

Rob Smets A user centred approach IPv6 deployment monitoring.

1 Muhammed Rudman

IPv4 Depletion IPv6 Adoption 3 February /8s Remaining.

Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.

Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, 1.

Rackspace Hybrid Cloud and Brocade vRouter OpenStack Summit Hong Kong.

Fundamentals of Information Systems, Second Edition 1 Telecommunications, the Internet, Intranets, and Extranets Chapter 4.

Web-Enabling the Warehouse Chapter 16. Benefits of Web-Enabling a Data Warehouse Better-informed decision making Lower costs of deployment and management.

Building a Campus Dshield Randy Marchany IT Security Lab VA Tech Blacksburg, VA 24060

The Technology Presentation prepared by Warren Frost.

Barracuda Spam & Virus Firewall. Introduction to the Barracuda Spam & Virus Firewall Complete server protection –Spam Blocking (95+ percent) Extremely.

Copyright 2005 AMX/Hoffman Video/Emmaco Prentiss – Confidential and Proprietary AMX Globally Managed Communication Systems (GMCS)

IPNexus Briefing Instant Messaging and Collaboration.

World Bank, Africa Region, Africa Household Survey Databank - The World Bank - Africa.

Barracuda Load Balancer Server Availability and Scalability.

Agentless Security for Windows Server 2012, Windows Server 2012 R2, System Center VMM, Hyper-V and Windows 8 ISV Partner Alliance Value.

2 Technology and Knowledge Why is technological knowledge important? Jobs, finance, personal, family, movies, car, education (other than computer science),

Copyright Justin C. Klein HECTOR Security Intelligence Platform Developed for: University of Pennsylvania School of Arts & Science.

How STERIS is using Cloud Technology to Protect Web Access Presented By: Ed Pollock, CISSP-ISSMP, CISM CISO STERIS Corporation “Enabling Business”

IPv6 Activities and Future Strategies in Chunghwa Telecom Fu-Kuei Chung Data Communications Business Group Chunghwa Telecom 2003/02.

Web Authoring Rico Yu. Ch.11 Web Posting and Web Hosting Web Host Types of Web Host Web Posting.

APNIC Update Paul Wilson Director General. APNIC RIR for Asia Pacific –IP address allocation and management –Open policy development Support for Internet.

11 KDDI Trial Hub & Spoke Shu Yamamoto Carl Williams Hidetoshi Yokota KDDI R&D Labs.

HoneyD (Part 2) Small Business NIDS This presentation demonstrates the ability for Small Businesses to emulate virtual operating systems and conduct.

Symantec Managed Security Services The Power To Protect Duncan Evans Director, Cyber Security Services 1.

Cloud Computing.

Honeypot and Intrusion Detection System

Chapter 1: The Internet and the WWW CIS 275—Web Application Development for Business I.

University of Murcia 8 June 2011 IPv6 in Europe Jacques Babot European Commission - DG INFSO Directorate, Emerging Technologies and Infrastructures.

Fundamentals of Information Systems, Second Edition 1 Telecommunications, the Internet, Intranets, and Extranets.

KFSensor Vs Honeyd Honeypot System Sunil Gurung

IPv6 for ISP Industry Sify Technologies Ltd Somasundaram Padmanabhan Network Engineering IPv6 Awareness Workshop.

ESnet Site Coordinators Committee (ESCC): IPv6 Activities & Directions Phil DeMar (ESCC Chair) HEPix IPv6 Workshop (CERN) June 22, 2011.

Presented by Spiros Antonatos Distributed Computing Systems Lab Institute of Computer Science FORTH.

Microsoft Azure SoftUni Team Technical Trainers Software University

1 Adding Secure and Collaboration to Your Business with SCOoffice Server 4.1.

Mar 3, 2006APNIC 21 Meeting -- Perth, AU1 IANA Status Report David Conrad, ICANN IANA General Manager.

Mapping Internet Sensors with Probe Response Attacks Authors: John Bethencourt, Jason Franklin, Mary Vernon Published At: Usenix Security Symposium, 2005.

1 Network-level Security at UVa Jim Jokl Common Solutions Group January 2006.

1 Lecture # 21 Evolution of Internet. 2 Circuit switching network This allows the communication circuits to be shared among users. E.g. Telephone exchange.

Security with Honeyd By Ryan Olsen. What is Honeyd? ➲ Open source program design to create honeypot networks. ➲ What is a honeypot? ● Closely monitored.

APAN Multicast Testbed Plan Aug. 26, 2003 Kyungran Kang, ICU 16th APAN meetings / ANC.

Chapter 9: Implementing the Cisco Adaptive Security Appliance

Wavetrix Changing the Paradigm: Remote Access Using Outbound Connections Remote Monitoring, Control & Automation Orlando, FL October 6, 2005.

IPv6 Inactivity in Australia IPv6 Task Force Meeting APAN 21, Tokyo.

WEB Site Initiatives Standard Squadron Site (SSS) Events Database System (EDS) Standard District Site (SDS)

Welcome.  Henrietta TurnerManager, License Administration Colorado Parks & Wildlife (CPW) IPAWS Project Sponsor  Ken ThomSenior IT Project Manager Governor’s.

IPv6 Adoption Status and Scheduling for Sustainable Development 24 July 2012 Nate Davis Chief Operating Officer, ARIN.

Policy Implementation Report Leslie Nobile. Purpose Update the community on recently implemented policies Provide relevant operational details.

Selecting the Right CRM System at AVEBE Refik Kocak CRM Partners (on behalf of AVEBE) CUSTOMER.

A Seminar On. What is Cloud Computing? Distributed computing on internet Or delivery of computing service over the internet. Eg: Yahoo!, GMail, Hotmail-

Honeypot as a Service Bedřich Košata • • 26 May 2016.

DISA Cyclops Program.

Egypt’s Internet Safety Project

Intro to Ethical Hacking

Intro to Ethical Hacking

Dissemination Working Group

OWASP Charlotte What, Why, Where and How

Status of IPv6 Addresses and Address Management

Mapping Internet Sensors With Probe Response Attacks

Getting Started with Microsoft Azure at CSU

USPS ITCom WEB Site Initiatives

Deployment of KDDI IPv6 Service

Presentation transcript:

Dshield VPS Sensors request Intro by Erik Bais on behalf of ISC SANS

SANS / ISC Org Chart DShield.org SANS (sans.org) : For profit, provides training GIAC (giac.org) : Certifications STI (sans.edu) : Graduate School Internet Storm Center is part of sans.edu DShield (dshield.org): distinct entity, not-for- profit.

Brief History End 1999: SANS starts “incidents.org” with the mission to coordinate security issues around Y2K. Incidents.org survived after Y2K, was found useful as a cooperative security resource End 2000: DShield.org started by Johannes Ullrich as a hobby/experiment 2001: Johannes hired by SANS to lead Incidents.org 2002/3: Incidents.org -> isc.sans.org Around 2010: isc.sans.org becomes part of STI (isc.sans.edu)

Internet Storm Center ( Operated by volunteers (“Handlers”) Currently about 30 handlers Handlers are security practitioners with a diverse background (different industries and countries) Main focus is to quickly disseminate information about current threats

DShield.org Initially designed to collect firewall logs from home users Since expanded to other logs (“404 project”, Web application honeypot, ssh scans) Started to deploy low interaction honeypots as sensors.

DShield Data Sharing “Creative Commons Non Commercial Share Alike License” Summary: We share all data, as long as you don’t resell it. Just give us credit Used in numerous papers / publications. Accessible via web site and APIs

The idea we wanted to pitch today... Setup VPS’s in various networks. Ask the ISP’s to route their allocations (v4 AND v6) to the VPS sensor. Manage the sensors centrally using Puppet and centralize the logging.

What will you get out of it... ISP will retain full access and obtain customized reports summarizing activity from its system(s) The data will be used to give quicker insight in new scans globally. Access to the ISC SANS Handlers to discuss security related issues in your network.

Honeypot VPS Based on latest Ubuntu Low interaction honeypot using kippo and other similar tools (honeyd..) Collecting firewall logs from all closed port IPv4/6 dual stack preferred Require ssh access for remote maintenance

How can you help Provide one of the 20 planned VPS’s (image can be provided) Point your allocations to the VPS, so all un-used IP space is monitored. us at

URLs SANS Internet Storm Center: More in-depth preso about ISC SANS & Dshield pdf pdf ISC API:

Questions ? Who has the first question... Or the first VPS....

Contact us Thank you for your time & attention