Ag3nt47 Security – Shmoocon 2013 – Identity Based Internet Protocol

Description: David Pisano
The Identity-Based Internet Protocol (IBIP) Network project is experimenting with a new enterprise-oriented network architecture using standard IPv6 to encode user and host identity (ID) information into the IP address. Our motivation is to increase our security posture by leveraging identity, reducing our threat exposure, enhancing situational understanding of our environment, and simplifying network operations. Our current implementation uses credentials from the Common Access Card (CAC) and from the computer’s Trusted Platform Module (TPM) to establish a host and user ID and IP address. A registration process (built on top of 802.1x) occurs between the host and a RADIUS server. After validating the credentials, the RADIUS server then automatically configures the edge router, fronting the host, with appropriate access privileges so that no IP address spoofing (or impersonation) is permitted. Hosts that are client machines do not have their IP addresses advertised, making them unreachable or hidden from reconnaissance initiated by other clients. Servers have their IP addresses advertised as usual. A unique IPv6 extension header was conceived to enable return traffic to hidden clients. Access controls are created and deployed from the RADIUS server without human intervention, enforcing established policies.

David earned a B.S. in Applied Networking and Systems Administration and an M.S. in Networking and Systems Administration from Rochester Institute of Technology. He is a contributor to The Honeynet Project. Professionally, David is active in research in the fields of network engineering and network security. His interests include data visualization and data correlation. David has coauthored multiple peer-reviewed papers in the fields of networking and cyber security.


Ag3nt47 Security – Shmoocon 2013 – Mainframed The Secrets Inside That Black Box

Description: Phil Young
The mainframe is not legacy, far from it. Not only is it not legacy, but the majority of Fortune 100 companies run a current and up-to-date mainframe OS. Airline, insurance, financial, power and oil industries, governments and three letter agencies, worldwide, run them, yet no one in the community knows how to properly tackle these ‘iron beasts’. Be it a lack of access by the security community or the false notion that mainframes are dead, there is a distinct gap between the IT security world and the mainframe world. This presentation aims to help close this gap by talking about common security pitfalls on the mainframe and how you can take advantage of, or secure against, them. After this talk you’ll be able to talk intelligently about mainframes, use SHODAN to find mainframes, enumerate and brute force users, crack the password database with John the Ripper and run netcat. Since mainframes are a big world, I will also show you how you can run your own mainframe at home on whatever old laptop you’ve got lying around using open source software so that you too can get your hands dirty!

Ever since he saw the movie TRON, Phil has been fascinated with computers, mainframes especially. Throughout his career he’s had the chance to review mainframe security at various large organizations. He has worked in IT security for 9 years but ever since he learned you could emulate your own mainframe he’s been knee deep in JCL, print queues and OMVS. Some people build toy trains, others model airplanes, but Phil’s hobby is mainframe security. He has given a talk about mainframe security at BSidesLV, has been interviewed for podcasts and maintains a blog about mainframe security research.

Ag3nt47 Security – Shmoocon 2013 – Ka-Ching – How To Make Real Money

Description: Margaret Russell
Emerging security technology – your technology – is overlooked, undersold, and underutilized partly because big customers often procure from big companies. Startup and young companies face stiff sales competition from established companies that have large marketing and sales organizations. This talk provides the secrets to winning competitive sales scenarios when the written response to an RFP is the key to being competitive.

Successful sales to businesses or governments usually rely on qualifying rounds of requests for information, proposals, quotes, and oftentimes demonstrations. For a startup or young company that concentrates on technology over marketing, this standard process can be exclusionary. Here’s how to manage a sales process that is dependent on response documents to win the business. And make money. Real Money.

Ms. Russell is a marketing professional with over 30 years’ experience in networking software, secure networks, and SaaS. She has written and managed hundreds of technical software and services proposals for very large, insanely large, and ginormous multi-national companies. She has run projects that have brought in billions of dollars to her corporate masters. It’s time for the little guys to know the secrets, too. She holds a BA from New York University and a Master’s from Cornell. This is her first ShmooCon talk.

Ag3nt47 Security – Carolinacon – 9 – 2013 – Iphone Data Reconnaissance Without Physical Access To The Device.

Description:

I’ll explore methodologies for iOS data reconnaissance without physical access to the device. Using a non-jailbroken iPhone, I’ll show how to use a local network to use common settings on devices to remotely backup the device to its paired instance of iTunes (assuming network or physical access to the computer), find the backup on disk, and extract things like the TXT/iMessage raw sqlite database to the recent calls list.
These tactics can be used to automate backups of your own device for safekeeping of data or for more nefarious things like recovering text message logs from a spouse’s phone to see what they’ve been up to behind your back. I’ll show example SQL queries to adjust date/timestamps and account for an Apple bug that made it into production with iMessage database records which will make it easier to work with the data. I’ll also show a simple way to protect against this sort of data reconnaissance by others.

Jarrick is a software engineer by trade and manages the engineering department of a small custom web application development company. He also has a successful side business developing iOS apps for the masses. Jarrick is a member of the FALE Association of Locksport Enthusiasts.

Ag3nt47 Security – Carolinacon – 9 – 2013 – Search Engine Hacking: Finding Credit Cards, Social Security Numbers, And Frighteningly More

Description:

Brief Topic Abstract: This presentation is for anyone interested in learning the true power of search. While the vast majority of people think of search engines as gateways to movie times, shopping deals, and a little fact-checking, the reality is that advanced search queries are being used via the most popular search engines every day to find unbelievable types of information. Search has proven time and again that even the most paranoid and cautious individuals can find themselves on the business end of identity theft, and they’d never know how it happened. If you don’t know how to use a search engine to find credit card scans, Social Security numbers, usernames and passwords, VPN credentials, back-up images, virtual machine installs, software licenses, confidential documents, private image/video dumps, or similarly fascinating/frightening data, then I’m offering you the chance to take the red pill and see just how deep the search engine rabbit hole really goes…

Stephen is a freelance writer and investigative researcher who is head-over-heels in love with search. Whether it’s tirelessly refining advanced search queries, unearthing awesome niche search engines, Internet marketing (SEO, social media, etc.), or just about anything Web-related, Stephen is passionate about it. Such passion allows him to touch on various facets of competitive research, Web security, search-related “fun and profit,” and much more. Currently, Stephen writes for CBS Interactive / ZDNet on topics related to search, security, hardware, software, gaming, and other tech-related subjects. He speaks at conferences regarding search engine hacking and is also in the process of writing a book regarding advanced search querying with Google. Connect with Stephen via his Web site, LinkedIn, Twitter, or Facebook!

Ag3nt47 Security – Carolinacon – 9 – 2013 – Getting Shells When Metasploit Fails

Description: Penetration Tests aren’t new, and most companies have figured out how to eliminate the low hanging fruit. Some have even gone above and beyond and deployed technologies like Network AV, IPS, and egress filtering. In 50 minutes, this talk is going to go through different ways of getting access to systems on the network without exploits and working around common hardening. Leveraging configuration weaknesses, common hardening oversights, and more, we’ll go through ways to get around difficult AV systems, network AV, using open source and commonly available tools to get access to boxes where the standard stuff fails. Join us for an adventure with few slides and lots of shells, just make sure to keep your hands and feet inside the ride at all times.

Ryan Linn is a Senior Consultant with Trustwave’s SpiderLabs – the advanced security team focused on penetration testing, incident response, and application security. Ryan is a penetration tester, an author, a developer, and an educator. He comes from a systems administration and Web application development background, with many years of IT security experience. Ryan currently works as a full-time penetration tester and is a regular contributor to open source projects including Metasploit and BeEF, the Browser Exploitation Framework.

Ag3nt47 Security – Carolinacon – 9 – 2013 – The Maru Architecture Design: A Proposed Byod Architecture For An Evolving Threat Landscape

Description:

Abstract: BYOD has been a strong growing trend in information technology over the last few years. Proponents cite the benefits of cost savings, employee productivity, and worker satisfaction when pushing for adoption. As organizations explore accepting this paradigm shift, IT faces a future reality where devices are no longer under their complete control. This loss of control, along with a rapidly evolving security landscape focused on data breaches through attacking the user, is enough to keep IT staff and management awake at night with the fear that a breach of their network will soon make headlines.
Despite these fears and objections, the growing thought among industry experts is that BYOD acceptance is inevitable for most organizations. A shift in strategic thinking towards accepting BYOD in the enterprise and mitigating its potential risks is needed. This talk focuses on a proposed architecture blueprint for BYOD enterprises. The goal of this design, when part of a proper BYOD program, will be to help reduce many of the risks associated with BYOD, while allowing users and organizations to enjoy the many benefits.

Michael Smith is a consultant for ePlus Security. A ten-year veteran of the industry, he has a diverse IT background, although his true passion remains security. Michael is currently a Doctoral candidate at Capital College, researching attack prediction and discovery using predictive analytics. He holds several certifications including his CISSP, OSCP, and GPEN. When not testing or securing the enterprise, Michael enjoys spending time with his family, pursuing his many geeky interests, and traveling… especially to see the Mouse.