Presentation is loading. Please wait.

Presentation is loading. Please wait.

Geeks Need Basements. Who am I? Started in computer industry in 1982 Specializing in security for the past 15 years ASS (Application Security Specialist)

Published byPaulina Barrett Modified over 7 years ago

Similar presentations

Presentation on theme: "Geeks Need Basements. Who am I? Started in computer industry in 1982 Specializing in security for the past 15 years ASS (Application Security Specialist)"— Presentation transcript:

1 Geeks Need Basements

2 Who am I? Started in computer industry in 1982 Specializing in security for the past 15 years ASS (Application Security Specialist) As a child, I preferred robots to dolls Geek Elder

3 In the beginning Curiosity and the introduction of more affordable microcomputers combined to create a phenomenon “Geeks in basements” launched the computer industry as we know it today

4 In the beginning Basements nurture tech skills Geeks are happy!

5 The Problem Industry focus has shifted from research to governance; from pro-active to re-active Very little “Hands-on” work available

6 The Problem Practical skills are difficult to acquire Geeks are sad

7 The Solution Build your own portable “Basement”! It can go where you go and you can build and hone your technical skills anywhere

8 Building Your Basement Hardware: Beefy Laptop – 8 or more Gigs of RAM – Powerful Processor: Quad Core recommended – At least a 1 Terabyte Hard Drive Laptops with these specs can be obtained through Amazon for less than $500! If your budget allows, gaming laptops are ideal, and you can use them for play too…

9 Building Your Basement Once you have obtained the necessary hardware, the next step is to acquire the platform We’re going to use Oracle VirtualBox, a free cross- platform virtualization application Virtualization extends the capabilities of your computer so that it can run multiple operating systems as Virtual Machines simultaneously https://www.virtualbox.org/

10 Building Your Basement Virtualbox installs on Intel or AMD-based computers running Windows, Mac, Linux or Solaris operating systems. For example, you can run Windows and Linux on your Mac, run Windows Server 2008 on your Linux server, run Linux on your Windows PC, etc. You can install and run as many virtual machines as you like -- the only practical limits are disk space and memory!

11 VirtualBox 5 Running Ubuntu 14.04 on a Windows 7 Machine

12 Running Multiple Virtual Machines (VMs)

13 Getting Free Linux VMs There are lots of free Linux VMs available for VirtualBox at virtualboxes.org This project provides virtual machines for several free or open-source operating systems for testing, security and entertainment purposes.

14 Getting Free Windows VMs Microsoft provides free Virtual Machines for testing its Internet Explorer and Edge browsers These are fully functioning copies of the Operating Systems! Current choices:

15 Getting Free Windows VMs These VMs will expire after 90 days, so Microsoft advises that you take a snapshot of the VM so that you can restore it

16 Getting Free Windows VMs Microsoft offers 180 day evaluation copies of server software in either VHD or ISO format http://www.microsoft.com/en-us/evalcenter/ VirtualBox can create a VM using either format

17 What’s in Your Basement? Now that you have a virtual platform and some VMs, the fun can begin There are several pre-built special purpose Linux distros that you can add to your basement And of course, they’re all free!

18 Pentesting If you want to study penetration testing, you can’t beat Kali Linux from Offensive Security https://www.offensive-security.com/kali-linux-vmware-arm-image- download https://www.offensive-security.com/kali-linux-vmware-arm-image- download / Preinstalled with over 600 penetration-testing programs, including nmap port scanner, Wireshark packet analyzer, John the Ripper password cracker, Aircrack-ng wireless LAN pentesting suite, Burp suite and OWASP ZAP web application security scanners

19 Pentest Targets There are a number of deliberately vulnerable distros that can be used for learning These include Metasploitable, Game Over, BeeBox and Drunk Admin Web Hacking Challenge Links: OWASP Vulnerable Web Apps Directory Project OWASP Vulnerable Web Apps Directory Project

20 Malware Analysis Lenny Zeltzer’s REMnux Distro for Malware Analysis https://zeltser.com/remnux-v6-release-for-malware-analysis/ Cuckoo Sandbox - Open Source software for automating analysis of suspicious files. http://www.cuckoosandbox.org/download.html Malware Sample Sources for Researchers https://zeltser.com/malware-sample-sources/

21 Computer Forensics SANS Investigative Forensic Toolkit (SIFT) Workstation - a group of free open-source incident response and forensic tools https://digital-forensics.sans.org/community/downloads Samurai PALADIN is Linux distribution based on Ubuntu for performing forensics tasks https://www.sumuri.com/product-category/paladin/

22 Have Fun

Download ppt "Geeks Need Basements. Who am I? Started in computer industry in 1982 Specializing in security for the past 15 years ASS (Application Security Specialist)"

Similar presentations

Installation of Ubuntu on a Virtual machine. VirtualBox allows you to run an entire operating system inside another operating system. Please be aware.

Installation of Ubuntu on a Virtual machine. VirtualBox allows you to run an entire operating system inside another operating system. Please be aware.
VMWare to Hyper-V FOR SERVER 2012. What we looked at before migration  Performance – Hyper-V performs at near native speeds.  OS Compatibility – Hyper-V.

VMWare to Hyper-V FOR SERVER What we looked at before migration  Performance – Hyper-V performs at near native speeds.  OS Compatibility – Hyper-V.
MCITP Guide to Microsoft Windows Server 2008 Server Administration (Exam #70-646) Chapter 11 Windows Server 2008 Virtualization.

MCITP Guide to Microsoft Windows Server 2008 Server Administration (Exam #70-646) Chapter 11 Windows Server 2008 Virtualization.
Introduction to Computer Essentials. Information Systems 1. People 2. Procedures 3. Software 4. Hardware 5. Data.

Introduction to Computer Essentials. Information Systems 1. People 2. Procedures 3. Software 4. Hardware 5. Data.
Run a Virtual Machine. Virtualization Have you ever imitated someone else? That's because your mind is thinking/ imagining as that person Same to a Computer:

Run a Virtual Machine. Virtualization Have you ever imitated someone else? That's because your mind is thinking/ imagining as that person Same to a Computer:
© 2013 The McGraw-Hill Companies, Inc. All rights reserved Mike Meyers’ CompTIA A+ ® Guide to 802: Managing and Troubleshooting PCs Fourth Edition (Exam.

© 2013 The McGraw-Hill Companies, Inc. All rights reserved Mike Meyers’ CompTIA A+ ® Guide to 802: Managing and Troubleshooting PCs Fourth Edition (Exam.
Offering your Windows Server Class Online. Tony Basilico Community College of Rhode Island

Offering your Windows Server Class Online. Tony Basilico Community College of Rhode Island
1 Virtualization and Virtual Machines Sarah Diesburg 1/10/2013 COP 5641.

1 Virtualization and Virtual Machines Sarah Diesburg 1/10/2013 COP 5641.
To run the program: To run the program: You need the OS: You need the OS:

To run the program: To run the program: You need the OS: You need the OS:
Red Hat Installation. Installing Red Hat Linux is the process of copying operating system files from a CD, DVD, or USB flash drive to hard disk(s) on.

Red Hat Installation. Installing Red Hat Linux is the process of copying operating system files from a CD, DVD, or USB flash drive to hard disk(s) on.
Space Science and Engineering Center University of Wisconsin-Madison Virtual Machines: A method for distributing DB processing software Liam Gumley.

Space Science and Engineering Center University of Wisconsin-Madison Virtual Machines: A method for distributing DB processing software Liam Gumley.
Using Virtualization in the Classroom. Using Virtualization in the Classroom Session Objectives Define virtualization Compare major virtualization programs.

Using Virtualization in the Classroom. Using Virtualization in the Classroom Session Objectives Define virtualization Compare major virtualization programs.
Free, online, technical courses Take a free online course. Microsoft Virtual Academy.

Free, online, technical courses Take a free online course. Microsoft Virtual Academy.
Week 6 Operating Systems.

Week 6 Operating Systems.
Computer for Health Sciences

Computer for Health Sciences
Computer Concepts 2013 Chapter 4 Operating Systems and File Management.

Computer Concepts 2013 Chapter 4 Operating Systems and File Management.
About the Presentations The presentations cover the objectives found in the opening of each chapter. All chapter objectives are listed in the beginning.

About the Presentations The presentations cover the objectives found in the opening of each chapter. All chapter objectives are listed in the beginning.
A+ Guide to Hardware: Managing, Maintaining, and Troubleshooting, Sixth Edition Chapter 9, Part 11 Satisfying Customer Needs.

A+ Guide to Hardware: Managing, Maintaining, and Troubleshooting, Sixth Edition Chapter 9, Part 11 Satisfying Customer Needs.
Herb Brown Appalachian State University. State of Networking Instruction  Many programs are adding networking instruction  Networking instruction is.

Herb Brown Appalachian State University. State of Networking Instruction  Many programs are adding networking instruction  Networking instruction is.
Chromium OS is an open-source project that aims to build an operating system that provides a fast, simple, and more secure computing experience for people.

Chromium OS is an open-source project that aims to build an operating system that provides a fast, simple, and more secure computing experience for people.

Similar presentations

Ads by Google