1 / 22

A ttack B ox D esign 7/11/01

D0G of WAR. A ttack B ox D esign 7/11/01. Blake ~Internet Consultant~ Security Audits & WAN / LAN Infrastructure Designs Netspan@hotmail.com San Jose (408) 907-5003 / San Francisco (415) 561-9374. 1. Introduction 2. Attack Box Design: -CUJ0 OS Selection

dandre
Download Presentation

A ttack B ox D esign 7/11/01

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. D0G of WAR Attack Box Design 7/11/01

  2. Blake ~Internet Consultant~ Security Audits & WAN / LAN Infrastructure Designs Netspan@hotmail.com San Jose (408) 907-5003 / San Francisco (415) 561-9374

  3. 1. Introduction 2. Attack Box Design: -CUJ0 OS Selection Hardware Selection OS Layout Baseline Software Load Lock & Load: Extended Toolz Selection - Layout of the Lab -Zombies -Those Evil Web Servers -Fighting Back, ‘Rooting the Attacker’ -P0IS0N -Conceptual: The Death Star Design 3. Overview of Security Audits 4. Closing

  4. Building an Attack Box From the Ground Up…. ‘CUJ0’

  5. OS Selection For Tools WINDOWS (98 / NT / Win2k) LINUX BSD SOLARIS Single OS vs Multiboot

  6. Hardware Selection Via Piece-Meal (which Manufacturers, Sizing, etc ???) Motherboard, Processor(s) RAM Hard Drives Floppy NIC Cards CD Rom / CD Burner External Modem Printer Total Cost =

  7. Hardware Selection: (cont’d) • Laptops • Used Hardware • (Where to look for Cheap Stuff)

  8. Multiboot Options MBR Windows Boot.ini Lilo boot FreeBSD multiboot BootMagic System Commander MSTBoot Bootit NG VMWare

  9. OS Load Order Which one first ??? The Problems with Installations

  10. Partitions Primary Extended Logical Virtual Formatting Layout on the Hard Drives Sizing & Resizing

  11. Baseline Software Loads Different Configurations Partition Imaging of Different Loads Drive Imaging Storage

  12. TOOLZ Selection Integration Testing Evaluation Parsing the Code Making you own Scripts & Toolz

  13. Layout of the Lab for Testing Toolz Master File Server Attack, Victim, & Monitoring Boxes

  14. Network Equipment & Configurations Fractional / T1 DSL Cable Modem Dial-up Routers / Switches / Hubs Firewalls Sniffers / Network IDS

  15. Other Types of Attack Boxes (cont’d) Automated vs ‘Hands-on’ Vulnerability Scanners

  16. Other Types of Attack Boxes (cont’d) Zombies

  17. Other Types of Attack Boxes (cont’d) Those Evil Web Servers

  18. FIGHTING BACK ‘Rooting the Attacker’

  19. Other Types of Attack Boxes (cont’d) ‘P0IS0N’ The Honeypot with an Attitude (A Box That Bites Back)

  20. Other Types of Attack Boxes (cont’d) ‘The Death Star Design’

  21. PERFORMING SECURITY AUDITS Discussion

  22. END

More Related