Don't Get Cracked on Hostile WiFi

Mackenzie "maco" Morgan
http://ubuntulinuxtipstricks.blogspot.com
Ohio Linux Fest
11 Oct 2008
Scenario

     Open WiFi
     Security conference
     Hackers everywhere
Disclaimer

   You won't be low-hanging fruit
   But won't stop OSI Layer 2 attacks
Before You Go

   VPN
   Firewall & services
   Users & passwords
   DNS
   Hashes
   Disable SHMConfig in xorg.conf
   Phone a friend
VPN

   Creates encrypted tunnel
   Termination point
        DD-WRT on your router at home
        School network
        Online services
Firewall Goals

   Drop all inbound on all interfaces
   Minimal outbound ports on wireless interface
        VPN port
        DNS
   Whitelist outbound ports on tunnel interface
Firewall & Services

   UFW alone is insufficient
        Cannot do outbound
        Need to edit /etc/ufw/before.rules and /etc/default/ufw
   Outbound matters
        No phoning home
   Drop, not reject – takes longer to port scan
   No external services
        Are you going to SSH into the laptop you're holding?
   IPv6 firewall is ip6tables, not iptables
Default drop in UFW

/etc/default/ufw
IPV6=no
DEFAULT_INPUT_POLICY="DROP"
DEFAULT_OUTPUT_POLICY="DROP"
DEFAULT_FORWARD_POLICY="DROP"

But that's not enough...
/etc/ufw/before.rules has these lines by default:
# connection tracking for outbound
-A ufw-before-output -p tcp -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
-A ufw-before-output -p udp -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
Other Example Rules
# DNS
-A ufw-before-output -p udp --dport 53 -j ACCEPT

# Ping
-A ufw-before-output -p icmp --icmp-type echo-request -j ACCEPT

# Allow VPN running on port 4500 through wireless interface
# (x.x.x.x is the VPN endpoint; protocol 50 is ESP, UDP 4500 is IPsec NAT-T)
-A ufw-before-output -p 50 -d x.x.x.x -o wlan0 -j ACCEPT
-A ufw-before-output -p udp -d x.x.x.x --sport 4500 --dport 4500 -o wlan0 -j ACCEPT

# Allow outbound SSH, HTTP/S, Jabber, and IRC on tunnel interface
-A ufw-before-output -p tcp -m multiport --dports 22,80,443,5222,6667 -o tun0 -j ACCEPT


Port numbers for protocols can be found in
/etc/services
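An added example (not from the slides) that audits the two files the previous slides name: it checks /etc/default/ufw for the three DROP policies, lists the ufw-before-output rules that still accept NEW outbound connections without an interface, destination or port restriction, and rewrites those stock lines so they only track established traffic. The function names and the sample files are assumptions constructed for the demo, not the live /etc contents.

```shell
#!/bin/sh
# Added example (not from the slides): audit a UFW setup the way the
# "Default drop in UFW" slide describes. DEFAULT_OUTPUT_POLICY="DROP" is
# defeated by the stock lines in /etc/ufw/before.rules that ACCEPT NEW
# outbound tcp/udp on every interface, so those lines must be found and
# narrowed before a per-interface whitelist means anything. File paths are
# parameters so the checks run against constructed copies, not the live files.

# Return 0 when INPUT, OUTPUT and FORWARD all default to DROP in
# /etc/default/ufw; otherwise print the offending settings and return 1.
check_default_policies() {
    file="$1"; bad=0
    for pol in DEFAULT_INPUT_POLICY DEFAULT_OUTPUT_POLICY DEFAULT_FORWARD_POLICY; do
        # last assignment wins; the quotes around the value are optional
        val=$(sed -n "s/^${pol}=\"*\([A-Za-z]*\)\"*.*/\1/p" "$file" | tail -n 1)
        if [ "$val" != "DROP" ]; then
            echo "$pol is ${val:-unset}, expected DROP"; bad=1
        fi
    done
    return $bad
}

# Print ufw-before-output ACCEPT rules for tcp/udp (or with no -p at all) that
# allow NEW connections without being pinned to an interface (-o), a
# destination (-d) or a port (--dport/--dports). Returns 1 if any exist.
find_catchall_outbound() {
    awk '
        /^-A ufw-before-output/ && /-j ACCEPT/ {
            proto_ok   = ($0 ~ /(^| )-p (tcp|udp) /) || ($0 !~ /(^| )-p /)
            allows_new = ($0 ~ /--(ct)?state +[A-Z,]*NEW/) || ($0 !~ /--(ct)?state/)
            pinned     = ($0 ~ /(^| )-o /) || ($0 ~ /(^| )-d /) || ($0 ~ /--dports? /)
            if (proto_ok && allows_new && !pinned) { print; n++ }
        }
        END { exit (n > 0) }
    ' "$1"
}

# Rewrite catch-all "--state NEW,ESTABLISHED,RELATED" output rules so they only
# track replies; new outbound flows must then match an explicit whitelist rule.
harden_catchall_outbound() {
    sed -E '/^-A ufw-before-output/{/(^| )-o |(^| )-d |--dports? /!s/(--(ct)?state +)NEW,/\1/;}' "$1"
}

demo() {
    # Constructed copies of the two files (not the live /etc ones).
    d=$(mktemp -d)
    cat > "$d/ufw" <<'EOF'
IPV6=no
DEFAULT_INPUT_POLICY="DROP"
DEFAULT_OUTPUT_POLICY="ACCEPT"
DEFAULT_FORWARD_POLICY="DROP"
EOF
    cat > "$d/before.rules" <<'EOF'
# connection tracking for outbound (stock lines)
-A ufw-before-output -p tcp -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
-A ufw-before-output -p udp -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
# DNS
-A ufw-before-output -p udp --dport 53 -j ACCEPT
# VPN on the wireless interface (192.0.2.1 is a documentation address)
-A ufw-before-output -p udp -d 192.0.2.1 --sport 4500 --dport 4500 -o wlan0 -j ACCEPT
# whitelist on the tunnel interface
-A ufw-before-output -p tcp -m multiport --dports 22,80,443,5222,6667 -o tun0 -j ACCEPT
EOF
    check_default_policies "$d/ufw" || echo "fix /etc/default/ufw first"
    echo "catch-all outbound rules:"; find_catchall_outbound "$d/before.rules" || true
    harden_catchall_outbound "$d/before.rules" > "$d/before.rules.hardened"
    find_catchall_outbound "$d/before.rules.hardened" && echo "hardened: no catch-all rules left"
    rm -rf "$d"
}
case "${1:-}" in demo) demo ;; esac
```

Run it with the argument `demo` to see the audit on the constructed files; point the three functions at the real paths to audit a live system.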
Users & Passwords

   Temporary strong password for you
   Disable unneeded users
        passwd -l
        Set /bin/false as shell in /etc/passwd
DNS

   Hardcode your DNS servers
   /etc/dhcp3/dhclient.conf
prepend domain-name-servers 208.67.222.222;
prepend domain-name-servers 208.67.220.220;

   DNSSEC if you're really paranoid
Hashes

   Not-from-repository binaries
   Configuration files
   Will come in handy later
SHMConfig

   Used for configuring Synaptics touchpads with synclient or GSynaptics
   Creates a world-writable (mode 777) shared-memory area
   Turn it OFF!
One Last Thing...

Test your setup

   Netstat
   Nmap (or Zenmap)
While There

   Bluetooth
   Wireshark
   Logs
   Physical Security
Bluetooth

   Can't really firewall it off
   Blacklist the module
   /etc/modprobe.d/blacklist
        Add line "blacklist hci_usb"
   Don't forget your cell phone
Wireshark & Logs

   Watch /var/log/kern.log
   Look for connection attempts
Physical Security

   Theft of hardware isn't the only threat
   Don't leave your laptop unattended
   Don't let any untrusted person touch it
   Use the buddy system to protect the laptop
   DVDs, CDs, and flash drives: Do Not Mount
Afterward

   Verify binaries
   Check environment variables
   Check for new services
   Change password again
   Use Netstat to check for oddly-open ports
Verifying binaries

   From repositories
        rpm -Va
        debsums -c
   Compare hashes of non-repository binaries with ones from before
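An added example (not from the slides) covering the Hashes slide and this one: a baseline of SHA-256 hashes for non-repository binaries and configuration files taken before you go, and a comparison afterward that reports changed, missing and new files, which rpm -Va and debsums -c cannot do for unpackaged files. Function names and the sample tree are assumptions constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the slides): the "Hashes" and "Verifying binaries"
# workflow for files the package manager cannot check. Before you go, record
# SHA-256 hashes of non-repository binaries and configuration files; afterward,
# hash them again and report what changed, vanished or appeared. Directories
# and the baseline path are parameters; the demo uses a constructed temp tree.

# Write "hash  path" lines (sha256sum format) for every regular file under the
# given directories. Usage: make_baseline BASELINE_FILE DIR...
# Keep BASELINE_FILE outside the scanned directories or it will show as NEW.
make_baseline() {
    out="$1"; shift
    # -type f skips directories and devices; sorting by path keeps diffs stable
    find "$@" -type f -exec sha256sum {} + | LC_ALL=C sort -k 2 > "$out"
}

# Re-hash the same directories and compare with the stored baseline.
# Prints one line per difference (CHANGED / NEW / MISSING) and returns 1 if
# anything differs, 0 when every file still matches.
# Usage: check_baseline BASELINE_FILE DIR...
check_baseline() {
    base="$1"; shift
    now=$(mktemp)
    make_baseline "$now" "$@"
    status=0
    awk -v base="$base" '
        BEGIN { bad = 0 }
        # sha256sum prints "hash  path"; take the path verbatim so spaces survive
        { hash = $1; path = substr($0, length($1) + 3) }
        FILENAME == base { old[path] = hash; next }
        {
            seen[path] = 1
            if (!(path in old))         { print "NEW      " path; bad = 1 }
            else if (old[path] != hash) { print "CHANGED  " path; bad = 1 }
        }
        END {
            for (p in old) if (!(p in seen)) { print "MISSING  " p; bad = 1 }
            exit bad
        }
    ' "$base" "$now" || status=$?
    rm -f "$now"
    return $status
}

demo() {
    # Constructed sample tree standing in for /opt/bin and /etc (not real files).
    d=$(mktemp -d)
    mkdir -p "$d/opt/bin" "$d/etc"
    printf 'pretend-binary-v1' > "$d/opt/bin/tool"
    printf 'setting=1\n' > "$d/etc/tool.conf"
    make_baseline "$d/baseline.sha256" "$d/opt/bin" "$d/etc"   # before you go
    printf 'pretend-binary-v2' > "$d/opt/bin/tool"               # binary replaced while there
    printf 'x' > "$d/opt/bin/extra"                              # something new appeared
    rm "$d/etc/tool.conf"                                        # config file gone
    check_baseline "$d/baseline.sha256" "$d/opt/bin" "$d/etc" || echo "differences found"
    rm -rf "$d"
}
case "${1:-}" in demo) demo ;; esac
```

Store the baseline somewhere the laptop cannot silently alter it (a USB stick you keep on you, or printed), otherwise whoever changes the binary can change the baseline too.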
If You're Really Worried...

   Reinstall!
New Security Features

   Shadow 4.1
        SHA-256 and SHA-512 for /etc/shadow
        MD5 and SHA-1 are no longer recommended by NIST
   Touchpad configuration can be changed without SHMConfig
Questions?
See Also

   DNSSEC:
        http://ubuntuforums.org/showthread.php?t=492489
   NSA SNAC Guide:
        http://www.nsa.gov/snac/os/redhat/rhel5-guide-i731.pdf
   man iptables
   IANA ports list:
        http://www.iana.org/assignments/port-numbers
