- Videos: 28
- Views: 138,196
Jay Paul
Added Jan 2, 2012
Steganography Hiding In Plain Sight - Presented by: Gary Smith
"There is nothing more deceptive than an obvious fact."
Sherlock Holmes - The Boscombe Valley Mystery
Encryption gets all the headlines these days. What isn’t getting the headlines is encryption’s brother steganography. It’s been around as long as encryption and has played a vital role in secret communications since the time of the ancient Greek and Chinese empires.
This presentation will explore:
- What is steganography?
- Why you would want to use steganography over encryption.
- The history of steganography
  - The Greeks
  - The Chinese
  - Steganography goes to war
- Techniques used in modern steganography
- Examples of steganography
- Programs that use steganography
- Detecting steganography
Views: 354
Videos
An Introduction to Incident Response - by Gary Smith, Pacific Northwest National Laboratory
205 views, 5 years ago
It's not a matter of "if an incident occurs"; it's a matter of "when an incident occurs." Can you believe that between 73 and 77 percent of businesses have no plan for how they will do incident response? Almost eight in ten small business owners (79 percent) do not have a plan for incident response to limit the effects of a data security event. Is it any wonder that when an incident does occur,...
Polyverse Linux Security - Stop Zero-Day attacks exploiting memory vulnerabilities
292 views, 6 years ago
Stop zero-day attacks with Moving-Target Defense. What is Polymorphic Linux? Polyverse Polymorphic Linux randomizes and hardens open source Linux distributions using Moving-Target Defense technologies. Polymorphic Linux creates a constantly changing attack surface extraordinarily difficult for attackers to penetrate. What does it do? Stops zero-day attacks like Spectre and Meltdown Solves patch...
Linux File System Forensics - Gary Smith from Pacific Northwest National Laboratory
456 views, 6 years ago
Performing a forensic analysis of a Linux disk image is often part of an incident response to determine if a breach has occurred. Linux forensics is quite a different and fascinating world compared with Microsoft Windows forensics. In this presentation, we will analyze a disk image from a potentially compromised Linux system. We will attempt to determine the who, what, when, where, ...
Incident Response with Live Linux Forensics Gary Smith from Pacific Northwest National Laboratory
440 views, 6 years ago
A major part of incident response is answering the question, "Do we have an incident?" To answer that question you can use live Linux forensics. In this presentation, we will look at some of the steps in incident response, specifically, the preparation phase. Next we'll look at what forms of information we can gather from a live Linux system and its forensic value. Finally, we'll look at sc...
IPTables - Blacklisting IP's and Ports - Stop the Badguys
2.9K views, 7 years ago
Anyone that has run a server on the Internet for any length of time quickly learns that the Internet is full of spammers, bots, and other characters you would prefer didn't exist. One way to keep them at bay is to use blacklists with IPTables. In this talk we'll look at several sources of blacklists and how to efficiently incorporate blacklists into Linux IPTables to effectively mass block IP a...
Security and Privacy on the Web (Linuxfest Northwest 2016)
484 views, 8 years ago
In the last few years, a number of new security features have become available to web developers (e.g. Content Security Policy, Strict Transport Security) and a few more are coming up (e.g. Referrer Policy, Subresource Integrity). As a browser vendor and a member of the W3C WebAppSec working group, Mozilla is busy extending the web platform to provide the tools and features that developers and ...
Log Analysis with the ELK stack (Elasticsearch, Logstash, Kibana)
21K views, 9 years ago
It’s your first day at the new job and your new manager swings by your desk to tell you about your first assignment. You’re going to be in charge of log management and log analysis. Your job is to consolidate the log output to a central location from sources all around the company, such as, web servers, mail servers, firewalls, database servers, etc. But as a starting point you’re going to be c...
Peeling Back the Layers of the Network with Security Onion
5K views, 9 years ago
Security Onion is a Linux distribution for intrusion detection, network security monitoring (NSM), and log management. It's based on Ubuntu and contains software packages such as Snort, Suricata, Bro, OSSEC, Sguil, Squert, Snorby, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minu...
FreeNas FreeBSD - Setting up your first NAS with FreeNAS
979 views, 10 years ago
LinuxFest Northwest 2014 - Free NAS Free BSD display
Why Bitcoin Wins: Decentralized Technology and the Coming Global Revolution
128 views, 10 years ago
Come learn why bitcoin and its decentralized technology are going to rock the world. Forget what you've heard in the news, we'll tell you why bitcoin's great, how it works, and where it's going. Speaker(s): Skye Elijah Noah Judson Slides are at: linuxfestnorthwest.org/sites/default/files/slides/Why Bitcoin Wins.ppt
IPTables Tips and Tricks: More Than Just ACCEPT or DROP
30K views, 10 years ago
IPTables is a firewall, installed by default on most Linux distributions. With IPTables you can set up a host-based firewall to ACCEPT what you want and DROP what you don't. Wouldn't you like to make your firewall more than just filter packets? How about fingerprinting the OS's of systems that touch your firewall? Maybe rate limiting incoming packets appeals to you? Are Denial-of-Service a...
Open Source Vs. Network Attackers
414 views, 10 years ago
I look at my router and firewall logs and I see all the IP addresses from all over the trying to get into my systems. Is there anything I can do about it? There's a lot of things you can do. Some things are as simple as changing a daemon's defaults in its configuration file and restarting the daemon. You add dedicated watcher programs that analyze the daemon's log files and take actions based o...
Digital Forensics and Linux
9K views, 11 years ago
Digital Forensics and Linux - LinuxFest Northwest 2010 Presentation by Brian Pate: "Ever watch one of those CSI style shows where some guy is rummaging through a suspect's computer and pulling out Emails, Pictures, and Documents that all help close some case? Did you ever want to know more about how REAL digital forensics is done? In the presentation we'll go over basic forensic theories, pract...
Linux Server Hardening Tips and Techniques
13K views, 11 years ago
Linux Server Hardening Tips and Techniques - LinuxFest Northwest 2010 Presentation by Gary Smith, Information System Security Officer, Molecular Science Computing, Pacific Northwest National Laboratory, Richland, WA. "Server hardening is all about risk mitigation and minimalization. Securing your Linux server will protect your data, intellectual property, time, and reputation from those who com...
The Five Golden Principles of Security
1.4K views, 11 years ago
Jupiter Broadcasting Setup at LinuxFest Northwest 2011
158 views, 11 years ago
Whatcom Association of Celestial Observers (W.A.C.O.)
63 views, 11 years ago
Man In The Middle presentation at LinuxFest Northwest 2012
364 views, 11 years ago
Crash Course in Cloud Computing at LinuxFest Northwest 2012
204 views, 11 years ago
Computer Security -Worst Practices at LinuxFest 2012
613 views, 11 years ago
George Dyson presentation at LinuxFest Northwest 2012
151 views, 11 years ago
Penetration Testing presentation at LinuxFest Northwest 2012
1.1K views, 11 years ago
Many thanks for sharing. Really insightful even in 2023.
you know how to allow ssh for specific user ? how to write rule
quick question how would a person get blacklisted on purpose by an ip firewall like really fast
Thank you for sharing
This video has quite a catchy title.
Gary Smith I need to talk to you please, reply to this message. It is good news, I promise.. just wanting to talk about a partnership (including you making money).
Sir could you please tell me the name of book for iptables ?
excellent presentation on iptables
We support this!
Could you please tell me which book/material i can refer for further more understanding on iptables ?
iptables(8)
Great job
Line-ux Audit Demon Slave!!!!
Nice video
@jay Paul, how do you get your hands on all these awesome videos? specifically the ones from the gentleman Gary Smith?
Thanks for posting! I'm building an ELK and this has been one of the most useful over-views I've seen.
Thanks for this overview sir. I work with Splunk now and I agree, both tools seem very, very similar. I will test ELK out and compare myself . Appreciated-
GOD, a room full of wannabe geeks. They always think they have the answer. Every time someone raises their hand and asks a question, as he's answering their question, 3 other hands go up with "solutions" to the problem. Just let the guy do his talk. I HATE people like that. Unfortunately, lots of IT people share the "I know it all" disease. I've been in IT for 25 years and lots of IT people (who aren't really that good) act like they are better than doctors. It's sickening. I would have made them hold their "questions" until the end. All these assholes want to do is look "smart" and try and see if they can stump the guy giving the talk. I've seen it happen so many times. It's one thing to try and supplement the discussion, but it's just an asshole move to sit there and bring up stupid points.
How do I computer?
Great presentation. I learned a lot. The only thing is that Brian seems to have issues in hearing women out when they speak or have something to contribute. He seems ok with hearing the guys out but every time the woman spoke he sounded annoyed or interrupted her. This is the kind of behavior that keeps us from getting the most out of group of people (women) who are absolutely, positively suited for attention to detail and rooting out what is hidden.
Wow! Thanks for this presentation :-)
LINEUX!
a who dat a blow blow dem nose. have some manners, or go drink little mint tea.. smh..
Nice job. Try using 'iptables-apply' when making changes. It's designed to prevent you from locking yourself out of your system.
Lol murlocs?
*Sorry but this gentleman does not belong teaching this class*.
why?
To that awful person constantly blowing his/her nose. What I do when my nose is stuffed up is to stick some petroleum jelly in my nostrils and this will stop the flow of mucus from coming out. As for IPTables, I run a Linux-based laptop (Fedora). I've used Linux directly since 2005. I have a GUI interface for firewalld. However I read today that if you inadvertently BLOCK the X server, you can end up with a non-bootable system. What us Linux users NEED is a simple to use tool like Windows' ZoneAlarm from the early 2000s.
I couldn't run most of the iptables commands shown in the video :[
[10:08] The list of alternatives to Splunk: Graylog2 Nxlog Octopussy Logscape ELSA LOGanalyzer Logwatcher logHound logReport Logsurfer PHP-Syslog-NG
very gud presentation with easy to understand examples :) thx for sharing.
We are also seeing quite frequently SSH attacks from China (around 10 times a day)
***** Major one, yes but i didn't look up for the past months so it might have increased
cool username and hostname =))
good intro but he's a bit out of date on some things.
tell us what for example ?
great tutorial prof!!!
many mistakes mate :]
Hello Sir, Where can i find good training(or materials) on the iptables to explore more ? Request you to help me on this, Thank you so much :-)
you will never be ahead of the game
Where's all the rest of these linux talks for the NW event?
LinuxFest. Using a Mac. Okay.
Links to those rules and cheatsheet guide would be cool, dude!
Answers to questions:
- You can get a list of possible contexts with: seinfo --type
- A list of modules: semanage module -l
- List your current policy: semanage fcontext -l
- Sometimes you need to use audit2allow several times. Recent case: NginX accessing thin's socket at /run/thin/*.sock needed 2 audit2allow; one after another.