SlideShare una empresa de Scribd logo

Don't Get Hacked on Hostile WiFi

Mackenzie Morgan
Mackenzie Morgan

Presentation given at Ohio Linuxfest 2008 on how to lock down a Linux laptop for use in hostile wifi situations (ex: hacker con).

Tecnología
1 de 24
Descargar para leer sin conexión
Don't Get Cracked on Hostile WiFi Mackenzie "maco" Morgan http://ubuntulinuxtipstricks.blogspot.com Ohio Linux Fest 11 Oct 2008
Scenario  Open WiFi  Security conference  Hackers everywhere
Disclaimer  You won't be low-hanging fruit  But won't stop OSI Layer 2 attacks
Before You Go  VPN  Firewall & services  Users & passwords  DNS  Hashes  Disable SHMConfig in xorg.conf  Phone a friend
VPN  Creates encrypted tunnel  Termination point  DD-WRT on your router at home  School network  Online services
Firewall Goals  Drop all inbound on all interfaces  Minimal outbound ports on wireless interface  VPN port  DNS  Whitelist outbound ports on tunnel interface
Firewall & Services  UFW alone is insufficient  Cannot do outbound  Need to edit /etc/ufw/before.rules and /etc/default/ufw  Outbound matters  No phoning home  Drop, not reject – takes longer to port scan  No external services  Are you going to SSH into the laptop you're holding?  IPv6 firewall is ip6tables, not iptables
Default drop in UFW /etc/default/ufw IPV6=no DEFAULT_INPUT_POLICY="DROP" DEFAULT_OUTPUT_POLICY="DROP" DEFAULT_FORWARD_POLICY="DROP" But that's not enough... /etc/ufw/before.rules has these lines by default: # connection tracking for outbound -A ufw-before-output -p tcp -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT -A ufw-before-output -p udp -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
Other Example Rules # DNS -A ufw-before-output -p udp --dport 53 -j ACCEPT # Ping -A ufw-before-output -p icmp --icmp-type echo-request -j ACCEPT # Allow VPN running on port 4500 through wireless interface -A ufw-before-output -p 50 -d x.x.x.x -o wlan0 -j ACCEPT -A ufw-before-output -p udp -d x.x.x.x --sport 4500 --dport 4500 -o wlan0 -j ACCEPT # Allow outbound SSH, HTTP/S, Jabber, and IRC on tunnel interface -A ufw-before-output -p tcp -m multiport --dports 22,80,443,5222,6667 -o tun0 -j ACCEPT Port numbers for protocols can be found in /etc/services
Users & Passwords  Temporary strong password for you  Disable unneeded users  passwd -l  Set /bin/false as shell in /etc/passwd
DNS  Hardcode your DNS servers  /etc/dhcp3/dhclient.conf prepend domain-name-servers 208.67.222.222; prepend domain-name-servers 208.67.220.220;  DNS Sec if you're really paranoid
Hashes  Not-from-repository binaries  Configuration files  Will come in handy later
SHMConfig  Used for configuring synaptics touchpads with synclient or Gsynaptics  Creates area of 777 memory  Turn it OFF!
One Last Thing... Test your setup   Netstat  Nmap (or Zenmap)
While There  Bluetooth  Wireshark  Logs  Physical Security
Bluetooth  Can't really firewall it off  Blacklist the module  /etc/modprobe.d/blacklist  Add line "blacklist hci_usb"  Don't forget your cell phone
Wireshark & Logs  Watch /var/log/kern.log  Look for connection attempts
Physical Security  Theft of hardware isn't the only threat  Don't leave your laptop unattended  Don't let any untrusted person touch it  Use the buddy system to protect the laptop  DVDs, CDs, and flash drives: Do Not Mount
Afterward  Verify binaries  Check environment variables  Check for new services  Change password again  Use Netstat to check for oddly-open ports
Verifying binaries  From repositories  rpm -Va  debsums -c  Compare hashes of non-repository binaries with ones from before
If You're Really Worried...  Reinstall!
New Security Features  Shadow 4.1  SHA-256 and SHA-512 for /etc/shadow  MD-5 and SHA-1 are no longer recommended by NIST  Touchpad configuration can be changed without SHMConfig
Questions?
See Also  DNS Sec:  http://ubuntuforums.org/showthread.php?t=492489  NSA SNAC Guide:  http://www.nsa.gov/snac/os/redhat/rhel5-guide- i731.pdf  man iptables  IANA ports list:  http://www.iana.org/assignments/port-numbers

Recomendados

Snort-IPS-Tutorial
Snort-IPS-TutorialSnort-IPS-Tutorial
Snort-IPS-TutorialVladimir Koychev
 
Snort
SnortSnort
Snortbala150985
 
Hardening Three - IDS/IPS Technologies
Hardening Three - IDS/IPS TechnologiesHardening Three - IDS/IPS Technologies
Hardening Three - IDS/IPS TechnologiesSalvatore Lentini
 
8 steps to protect your cisco router
8 steps to protect your cisco router8 steps to protect your cisco router
8 steps to protect your cisco routerIT Tech
 
Hacking cable modems the later years
Hacking cable modems the later yearsHacking cable modems the later years
Hacking cable modems the later yearsNullbyte Security Conference
 
From Kernel Space to User Heaven #NDH2k13
From Kernel Space to User Heaven #NDH2k13From Kernel Space to User Heaven #NDH2k13
From Kernel Space to User Heaven #NDH2k13Jaime Sánchez
 
Snort
SnortSnort
SnortFadwa Gmiden
 
Metasploitable
MetasploitableMetasploitable
MetasploitableSri Manakula Vinayagar Engineering College
 

Recomendados

Snort-IPS-Tutorial
Snort-IPS-TutorialSnort-IPS-Tutorial
Snort-IPS-TutorialVladimir Koychev
 
Snort
SnortSnort
Snortbala150985
 
Hardening Three - IDS/IPS Technologies
Hardening Three - IDS/IPS TechnologiesHardening Three - IDS/IPS Technologies
Hardening Three - IDS/IPS TechnologiesSalvatore Lentini
 
8 steps to protect your cisco router
8 steps to protect your cisco router8 steps to protect your cisco router
8 steps to protect your cisco routerIT Tech
 
Hacking cable modems the later years
Hacking cable modems the later yearsHacking cable modems the later years
Hacking cable modems the later yearsNullbyte Security Conference
 
From Kernel Space to User Heaven #NDH2k13
From Kernel Space to User Heaven #NDH2k13From Kernel Space to User Heaven #NDH2k13
From Kernel Space to User Heaven #NDH2k13Jaime Sánchez
 
Snort
SnortSnort
SnortFadwa Gmiden
 
Metasploitable
MetasploitableMetasploitable
MetasploitableSri Manakula Vinayagar Engineering College
 
Access over Ethernet: Insecurites in AoE
Access over Ethernet: Insecurites in AoEAccess over Ethernet: Insecurites in AoE
Access over Ethernet: Insecurites in AoEamiable_indian
 
Unidade3 roteiro proxy
Unidade3 roteiro proxyUnidade3 roteiro proxy
Unidade3 roteiro proxyLeandro Almeida
 
C&C Botnet Factory
C&C Botnet FactoryC&C Botnet Factory
C&C Botnet FactoryNullbyte Security Conference
 
Security & ethical hacking p2
Security & ethical hacking p2Security & ethical hacking p2
Security & ethical hacking p2ratnalajaggu
 
Intrusion Detection System using Snort
Intrusion Detection System using Snort Intrusion Detection System using Snort
Intrusion Detection System using Snort webhostingguy
 
Network Security Nmap N Nessus
Network Security Nmap N NessusNetwork Security Nmap N Nessus
Network Security Nmap N NessusUtkarsh Verma
 
IDS & Passive Network Defense
IDS & Passive Network DefenseIDS & Passive Network Defense
IDS & Passive Network DefenseSalvatore Lentini
 
Hunting Mac Malware with Memory Forensics
Hunting Mac Malware with Memory ForensicsHunting Mac Malware with Memory Forensics
Hunting Mac Malware with Memory ForensicsAndrew Case
 
Database Firewall with Snort
Database Firewall with SnortDatabase Firewall with Snort
Database Firewall with SnortNarudom Roongsiriwong, CISSP
 
Security & ethical hacking
Security & ethical hackingSecurity & ethical hacking
Security & ethical hackingAmanpreet Singh
 
All About Snort
All About SnortAll About Snort
All About Snort28pranjal
 
snortinstallguide
snortinstallguidesnortinstallguide
snortinstallguideLiễu Hồng
 
Snort
SnortSnort
SnortMichael Boman
 
Snort
SnortSnort
Snortnazzf
 
Introduction to SSH
Introduction to SSHIntroduction to SSH
Introduction to SSHHemant Shah
 
DefCon 2012 - Hardware Backdooring (Slides)
DefCon 2012 - Hardware Backdooring (Slides)DefCon 2012 - Hardware Backdooring (Slides)
DefCon 2012 - Hardware Backdooring (Slides)Michael Smith
 
Dynamic Port Scanning
Dynamic Port ScanningDynamic Port Scanning
Dynamic Port Scanningamiable_indian
 
Dji phantom 2 vision vision+ open wrt webgui install
Dji phantom 2 vision vision+ open wrt webgui installDji phantom 2 vision vision+ open wrt webgui install
Dji phantom 2 vision vision+ open wrt webgui installSeyoung Park
 
GCC ARM nRF51 IoT SDK -cheat sheet-
GCC ARM nRF51 IoT SDK -cheat sheet-GCC ARM nRF51 IoT SDK -cheat sheet-
GCC ARM nRF51 IoT SDK -cheat sheet-Naoto MATSUMOTO
 
Linux internet server security and configuration tutorial
Linux internet server security and configuration tutorialLinux internet server security and configuration tutorial
Linux internet server security and configuration tutorialannik147
 
IETF 106 - Default IPv6 Local Only Addressing for Non-Internet Devices
IETF 106 - Default IPv6 Local Only Addressing for Non-Internet DevicesIETF 106 - Default IPv6 Local Only Addressing for Non-Internet Devices
IETF 106 - Default IPv6 Local Only Addressing for Non-Internet DevicesMark Smith
 
Filip palian mateuszkocielski. simplest ownage human observed… routers
Filip palian mateuszkocielski. simplest ownage human observed… routersFilip palian mateuszkocielski. simplest ownage human observed… routers
Filip palian mateuszkocielski. simplest ownage human observed… routersYury Chemerkin
 

Más contenido relacionado

La actualidad más candente

Access over Ethernet: Insecurites in AoE
Access over Ethernet: Insecurites in AoEAccess over Ethernet: Insecurites in AoE
Access over Ethernet: Insecurites in AoEamiable_indian
 
Security & ethical hacking p2
Security & ethical hacking p2Security & ethical hacking p2
Security & ethical hacking p2ratnalajaggu
 
Intrusion Detection System using Snort
Intrusion Detection System using Snort Intrusion Detection System using Snort
Intrusion Detection System using Snort webhostingguy
 
Network Security Nmap N Nessus
Network Security Nmap N NessusNetwork Security Nmap N Nessus
Network Security Nmap N NessusUtkarsh Verma
 
IDS & Passive Network Defense
IDS & Passive Network DefenseIDS & Passive Network Defense
IDS & Passive Network DefenseSalvatore Lentini
 
Hunting Mac Malware with Memory Forensics
Hunting Mac Malware with Memory ForensicsHunting Mac Malware with Memory Forensics
Hunting Mac Malware with Memory ForensicsAndrew Case
 
Security & ethical hacking
Security & ethical hackingSecurity & ethical hacking
Security & ethical hackingAmanpreet Singh
 
All About Snort
All About SnortAll About Snort
All About Snort28pranjal
 
Snort
SnortSnort
Snortnazzf
 
Introduction to SSH
Introduction to SSHIntroduction to SSH
Introduction to SSHHemant Shah
 
DefCon 2012 - Hardware Backdooring (Slides)
DefCon 2012 - Hardware Backdooring (Slides)DefCon 2012 - Hardware Backdooring (Slides)
DefCon 2012 - Hardware Backdooring (Slides)Michael Smith
 
Dji phantom 2 vision vision+ open wrt webgui install
Dji phantom 2 vision vision+ open wrt webgui installDji phantom 2 vision vision+ open wrt webgui install
Dji phantom 2 vision vision+ open wrt webgui installSeyoung Park
 
GCC ARM nRF51 IoT SDK -cheat sheet-
GCC ARM nRF51 IoT SDK -cheat sheet-GCC ARM nRF51 IoT SDK -cheat sheet-
GCC ARM nRF51 IoT SDK -cheat sheet-Naoto MATSUMOTO
 

La actualidad más candente (19)

Access over Ethernet: Insecurites in AoE
Access over Ethernet: Insecurites in AoEAccess over Ethernet: Insecurites in AoE
Access over Ethernet: Insecurites in AoE
 
Unidade3 roteiro proxy
Unidade3 roteiro proxyUnidade3 roteiro proxy
Unidade3 roteiro proxy
 
C&C Botnet Factory
C&C Botnet FactoryC&C Botnet Factory
C&C Botnet Factory
 
Security & ethical hacking p2
Security & ethical hacking p2Security & ethical hacking p2
Security & ethical hacking p2
 
Intrusion Detection System using Snort
Intrusion Detection System using Snort Intrusion Detection System using Snort
Intrusion Detection System using Snort
 
Network Security Nmap N Nessus
Network Security Nmap N NessusNetwork Security Nmap N Nessus
Network Security Nmap N Nessus
 
IDS & Passive Network Defense
IDS & Passive Network DefenseIDS & Passive Network Defense
IDS & Passive Network Defense
 
Hunting Mac Malware with Memory Forensics
Hunting Mac Malware with Memory ForensicsHunting Mac Malware with Memory Forensics
Hunting Mac Malware with Memory Forensics
 
Database Firewall with Snort
Database Firewall with SnortDatabase Firewall with Snort
Database Firewall with Snort
 
Security & ethical hacking
Security & ethical hackingSecurity & ethical hacking
Security & ethical hacking
 
All About Snort
All About SnortAll About Snort
All About Snort
 
snortinstallguide
snortinstallguidesnortinstallguide
snortinstallguide
 
Snort
SnortSnort
Snort
 
Snort
SnortSnort
Snort
 
Introduction to SSH
Introduction to SSHIntroduction to SSH
Introduction to SSH
 
DefCon 2012 - Hardware Backdooring (Slides)
DefCon 2012 - Hardware Backdooring (Slides)DefCon 2012 - Hardware Backdooring (Slides)
DefCon 2012 - Hardware Backdooring (Slides)
 
Dynamic Port Scanning
Dynamic Port ScanningDynamic Port Scanning
Dynamic Port Scanning
 
Dji phantom 2 vision vision+ open wrt webgui install
Dji phantom 2 vision vision+ open wrt webgui installDji phantom 2 vision vision+ open wrt webgui install
Dji phantom 2 vision vision+ open wrt webgui install
 
GCC ARM nRF51 IoT SDK -cheat sheet-
GCC ARM nRF51 IoT SDK -cheat sheet-GCC ARM nRF51 IoT SDK -cheat sheet-
GCC ARM nRF51 IoT SDK -cheat sheet-
 

Similar a Don't Get Hacked on Hostile WiFi

Linux internet server security and configuration tutorial
Linux internet server security and configuration tutorialLinux internet server security and configuration tutorial
Linux internet server security and configuration tutorialannik147
 
IETF 106 - Default IPv6 Local Only Addressing for Non-Internet Devices
IETF 106 - Default IPv6 Local Only Addressing for Non-Internet DevicesIETF 106 - Default IPv6 Local Only Addressing for Non-Internet Devices
IETF 106 - Default IPv6 Local Only Addressing for Non-Internet DevicesMark Smith
 
Filip palian mateuszkocielski. simplest ownage human observed… routers
Filip palian mateuszkocielski. simplest ownage human observed… routersFilip palian mateuszkocielski. simplest ownage human observed… routers
Filip palian mateuszkocielski. simplest ownage human observed… routersYury Chemerkin
 
Simplest-Ownage-Human-Observed… - Routers
Simplest-Ownage-Human-Observed… - Routers Simplest-Ownage-Human-Observed… - Routers
Simplest-Ownage-Human-Observed… - RoutersLogicaltrust pl
 
bh-us-02-murphey-freebsd
bh-us-02-murphey-freebsdbh-us-02-murphey-freebsd
bh-us-02-murphey-freebsdwebuploader
 
Wireshark OTG Extend your Wireshark with extcap.pdf
Wireshark OTG Extend your Wireshark with extcap.pdfWireshark OTG Extend your Wireshark with extcap.pdf
Wireshark OTG Extend your Wireshark with extcap.pdfMegumi Takeshita
 
Wireless Cyber Warfare
Wireless Cyber WarfareWireless Cyber Warfare
Wireless Cyber Warfareideaflashed
 
Linux Network commands
Linux Network commandsLinux Network commands
Linux Network commandsHanan Nmr
 
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...Zoltan Balazs
 
Hands on Virtualization with Ganeti
Hands on Virtualization with GanetiHands on Virtualization with Ganeti
Hands on Virtualization with GanetiOSCON Byrum
 
IPv6-Hardening.pdf
IPv6-Hardening.pdfIPv6-Hardening.pdf
IPv6-Hardening.pdfMustafazer21
 
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...idsecconf
 
Freeware Security Tools You Need
Freeware Security Tools You NeedFreeware Security Tools You Need
Freeware Security Tools You Needamiable_indian
 
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteli
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteliDefcon 22-zoltan-balazs-bypass-firewalls-application-whiteli
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteliPriyanka Aash
 
Squid proxy server
Squid proxy serverSquid proxy server
Squid proxy serverGreen Jb
 
Linux security quick reference guide
Linux security quick reference guideLinux security quick reference guide
Linux security quick reference guideCraig Cannon
 

Similar a Don't Get Hacked on Hostile WiFi (20)

Linux internet server security and configuration tutorial
Linux internet server security and configuration tutorialLinux internet server security and configuration tutorial
Linux internet server security and configuration tutorial
 
IETF 106 - Default IPv6 Local Only Addressing for Non-Internet Devices
IETF 106 - Default IPv6 Local Only Addressing for Non-Internet DevicesIETF 106 - Default IPv6 Local Only Addressing for Non-Internet Devices
IETF 106 - Default IPv6 Local Only Addressing for Non-Internet Devices
 
Filip palian mateuszkocielski. simplest ownage human observed… routers
Filip palian mateuszkocielski. simplest ownage human observed… routersFilip palian mateuszkocielski. simplest ownage human observed… routers
Filip palian mateuszkocielski. simplest ownage human observed… routers
 
Simplest-Ownage-Human-Observed… - Routers
Simplest-Ownage-Human-Observed… - Routers Simplest-Ownage-Human-Observed… - Routers
Simplest-Ownage-Human-Observed… - Routers
 
bh-us-02-murphey-freebsd
bh-us-02-murphey-freebsdbh-us-02-murphey-freebsd
bh-us-02-murphey-freebsd
 
Wireshark OTG Extend your Wireshark with extcap.pdf
Wireshark OTG Extend your Wireshark with extcap.pdfWireshark OTG Extend your Wireshark with extcap.pdf
Wireshark OTG Extend your Wireshark with extcap.pdf
 
Essential security for linux servers
Essential security for linux serversEssential security for linux servers
Essential security for linux servers
 
Wireless Cyber Warfare
Wireless Cyber WarfareWireless Cyber Warfare
Wireless Cyber Warfare
 
Linux Network commands
Linux Network commandsLinux Network commands
Linux Network commands
 
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
 
Hands on Virtualization with Ganeti
Hands on Virtualization with GanetiHands on Virtualization with Ganeti
Hands on Virtualization with Ganeti
 
Securing Asterisk: A practical approach
Securing Asterisk: A practical approachSecuring Asterisk: A practical approach
Securing Asterisk: A practical approach
 
IPv6-Hardening.pdf
IPv6-Hardening.pdfIPv6-Hardening.pdf
IPv6-Hardening.pdf
 
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
 
Freeware Security Tools You Need
Freeware Security Tools You NeedFreeware Security Tools You Need
Freeware Security Tools You Need
 
Linux Hardening - nullhyd
Linux Hardening - nullhydLinux Hardening - nullhyd
Linux Hardening - nullhyd
 
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteli
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteliDefcon 22-zoltan-balazs-bypass-firewalls-application-whiteli
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteli
 
Squid proxy server
Squid proxy serverSquid proxy server
Squid proxy server
 
Linux security quick reference guide
Linux security quick reference guideLinux security quick reference guide
Linux security quick reference guide
 
OpenVPN
OpenVPNOpenVPN
OpenVPN
 

Último

How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 

Último (20)

How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 

Don't Get Hacked on Hostile WiFi

  • 1. Don't Get Cracked on Hostile WiFi Mackenzie "maco" Morgan http://ubuntulinuxtipstricks.blogspot.com Ohio Linux Fest 11 Oct 2008
  • 2. Scenario  Open WiFi  Security conference  Hackers everywhere
  • 3. Disclaimer  You won't be low-hanging fruit  But won't stop OSI Layer 2 attacks
  • 4. Before You Go  VPN  Firewall & services  Users & passwords  DNS  Hashes  Disable SHMConfig in xorg.conf  Phone a friend
  • 5. VPN  Creates encrypted tunnel  Termination point  DD-WRT on your router at home  School network  Online services
  • 6. Firewall Goals  Drop all inbound on all interfaces  Minimal outbound ports on wireless interface  VPN port  DNS  Whitelist outbound ports on tunnel interface
  • 7. Firewall & Services  UFW alone is insufficient  Cannot do outbound  Need to edit /etc/ufw/before.rules and /etc/default/ufw  Outbound matters  No phoning home  Drop, not reject – takes longer to port scan  No external services  Are you going to SSH into the laptop you're holding?  IPv6 firewall is ip6tables, not iptables
  • 8. Default drop in UFW /etc/default/ufw IPV6=no DEFAULT_INPUT_POLICY="DROP" DEFAULT_OUTPUT_POLICY="DROP" DEFAULT_FORWARD_POLICY="DROP" But that's not enough... /etc/ufw/before.rules has these lines by default: # connection tracking for outbound -A ufw-before-output -p tcp -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT -A ufw-before-output -p udp -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
  • 9. Other Example Rules # DNS -A ufw-before-output -p udp --dport 53 -j ACCEPT # Ping -A ufw-before-output -p icmp --icmp-type echo-request -j ACCEPT # Allow VPN running on port 4500 through wireless interface -A ufw-before-output -p 50 -d x.x.x.x -o wlan0 -j ACCEPT -A ufw-before-output -p udp -d x.x.x.x --sport 4500 --dport 4500 -o wlan0 -j ACCEPT # Allow outbound SSH, HTTP/S, Jabber, and IRC on tunnel interface -A ufw-before-output -p tcp -m multiport --dports 22,80,443,5222,6667 -o tun0 -j ACCEPT Port numbers for protocols can be found in /etc/services
  • 10. Users & Passwords  Temporary strong password for you  Disable unneeded users  passwd -l  Set /bin/false as shell in /etc/passwd
  • 11. DNS  Hardcode your DNS servers  /etc/dhcp3/dhclient.conf prepend domain-name-servers 208.67.222.222; prepend domain-name-servers 208.67.220.220;  DNS Sec if you're really paranoid
  • 12. Hashes  Not-from-repository binaries  Configuration files  Will come in handy later
  • 13. SHMConfig  Used for configuring synaptics touchpads with synclient or Gsynaptics  Creates area of 777 memory  Turn it OFF!
  • 14. One Last Thing... Test your setup   Netstat  Nmap (or Zenmap)
  • 15. While There  Bluetooth  Wireshark  Logs  Physical Security
  • 16. Bluetooth  Can't really firewall it off  Blacklist the module  /etc/modprobe.d/blacklist  Add line "blacklist hci_usb"  Don't forget your cell phone
  • 17. Wireshark & Logs  Watch /var/log/kern.log  Look for connection attempts
  • 18. Physical Security  Theft of hardware isn't the only threat  Don't leave your laptop unattended  Don't let any untrusted person touch it  Use the buddy system to protect the laptop  DVDs, CDs, and flash drives: Do Not Mount
  • 19. Afterward  Verify binaries  Check environment variables  Check for new services  Change password again  Use Netstat to check for oddly-open ports
  • 20. Verifying binaries  From repositories  rpm -Va  debsums -c  Compare hashes of non-repository binaries with ones from before
  • 21. If You're Really Worried...  Reinstall!
  • 22. New Security Features  Shadow 4.1  SHA-256 and SHA-512 for /etc/shadow  MD-5 and SHA-1 are no longer recommended by NIST  Touchpad configuration can be changed without SHMConfig
  • 24. See Also  DNS Sec:  http://ubuntuforums.org/showthread.php?t=492489  NSA SNAC Guide:  http://www.nsa.gov/snac/os/redhat/rhel5-guide- i731.pdf  man iptables  IANA ports list:  http://www.iana.org/assignments/port-numbers