Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Cloud computing security & forensics (manu)
1. CLOUD 9: UNCOVERING SECURITY & FORENSICS DISCOVERY IN CLOUD [CLUBHACK 2010 EDITION] byManu Zacharia MVP (Enterprise Security), C|EH, ISLA-2010 (ISC)², C|HFI, CCNA, MCP Certified ISO 27001:2005 Lead Auditor Director – Information Security US Based Consultancy Firm “Aut viam inveniam aut faciam ” Hannibal Barca
2.
3. For paying my bills – I work as Director – Information Security – US Based Consultancy.
12. The information contained in this presentation does not break any intellectual property, nor does it provide detailed information that may be in conflict with any laws (hopefully...) :)4
203. By interconnecting these resources to the internal resources of a consumers’ datacenter, usually via virtual private network (VPN) connectivity.72
204.
205. They also negotiate relationships between various cloud providers and consumers.73
283. How do you get permission to test your application running on Amazon EC2 when the results of your testing could show you data from another client completely?106
284.
285. "In networking, black holes refer to places in the network where incoming traffic is silently discarded (or "dropped"), without informing the source that the data did not reach its intended recipient." - From Wikipedia107
427. Used to spawn instances of the EDPR agent. Example:IMAGE ami-54f3103d 171
428.
429. to brute an password composed of uppercase letters, lowercase letters, and the numbers 0-9, with a length of between 1 to 8 characters against a PGP ZIP file.172
473. This can be easily achieved using the on-demand feature of cloud.196
474.
475. Amazon Web Services is already providing a good forensic feature where it can provide a MD5 hash of every file that is on the cloud system.197
476.
477.
478. Virtualization of various entities like the applications and host systems, which once used to be in-house is now scattered on the cloud.199
479.
480. Since we are acquiring data from a virtual environment, the forensic investigator should have a clear and precise understanding of how they work and what files are interesting and required to acquire.200