Video

Here’s What Happens When an 18 Year Old Buys a Mainframe

Video

My Bro The ELK: Obtaining Context From Security Events

Video

BSidesSLC 2015 — Security Onions and Honey Potz — Ethan Dodge

Video

HNW2015 – Hugo Gonzalez – Android Botnets: Past, Present and Future

Video

A Day in the Life of a Billion Packets (CPN401) | AWS re:Invent 2013

Aug 01 2015

Honeypots workshop at Defcon 23!

I am very happy to announce that a honeypots workshop will take place during Defcon 23 next week in Las Vegas.

The workshop is titled “Analyzing Internet Attacks with Honeypots”, lasts half a day (4 hours) and will be presented by me.

It takes place on Friday the 7th of August, from 9AM to 1PM.

Unfortunately, registration is closed since most of the spots were reserved pretty quickly. But if you are around and want to talk honeypots, send me a message and we’ll come up with something.

Here is the workshop’s description:

In the field of computer security, honeypots are systems aimed at deceiving malicious users or software that launch attacks against the servers and network infrastructure of various organizations. They can be deployed as protection mechanisms for an organization’s real systems, or as research units to study and analyze the methods employed by human hackers or malware. In this workshop we will outline the operation of two research honeypots, by manual deployment and testing in real time. A honeypot system will undertake the role of a web trap for attackers who target the SSH service in order to gain illegal server access. Another one will undertake the role of a malware collector, usually deployed by malware analysts and anti-virus companies to gather and securely store malicious binary samples. We will also talk about post-capturing activities and further analysis techniques. As an example, we will see how to index all the captured information in a search engine like Elasticsearch and then utilize ElastAlert, an easy-to-use framework to set up meaningful alerting. Lastly, visualization tools will be presented for the aforementioned systems, plus a honeypot bundle Linux distribution that contains pre-configured versions of the above tools and many more related utilities, which can make the deployment of honeypots in small or large networks an easy task.


See you all in Vegas!

Jul 21 2015

Honeypots workshop at BSidesLV 2015!

I am very happy to announce that a honeypots workshop will take place during BSides Las Vegas for a 2nd year in a row! BSides is a fantastic community-driven InfoSec convention and Las Vegas is the best place to be in August!

The workshop is titled “You Hack, We Capture: Attack Analysis with Honeypots”, lasts half a day (4 hours) and will be presented by me.

It takes place on Wednesday the 5th of August, from 8.30AM to 12.25PM.

Spots are numbered and limited! If you want to reserve a seat, you can do so via this page: https://www.bsideslv.org/registration/workshop-sign-ups/ (second to last)

Here is the workshop’s description:

Honeypots are systems aimed at deceiving malicious users or software that launch attacks against the infrastructure of various organizations. They can be deployed as protection mechanisms for an organization’s real systems, or as research units to analyze the methods employed by human hackers or malware. In this workshop we will study the operation of two research honeypots. A honeypot system will undertake the role of a web trap for attackers who target the SSH service. Another one will undertake the role of a malware collector, usually deployed by malware analysts to gather and store malicious binary samples. We will also talk about post-capturing activities and further analysis techniques. Furthermore, visualization tools and techniques will be presented, plus a honeypot bundle Linux distribution that contains pre-configured versions of the above tools and many more related utilities, which can make the deployment of honeypots an easy task.


Hope to see you all in Vegas!
