Penguicon 2019 - DDOSs and What the Average Person Can Do About ItSlides (HTML Version) PDF Version ( Created on Strut.io ) DDOS Distributed Denial of Service Denial of Service Affects the Availablity of the resource (Website, internet access or other services) The Distributed part is talking about the attacker or source Computers. Increases the impact of the attack when there is more computers attacking CIA Triad DOS affects the Availablity in realtion to the CIA triad Confidentiality - Keeping things secret Integrity - Insuring acurate or unchanged info Availablity - Making sure the system us avilable when someone needs it. Who Who are they attackers Script kiddies Hired thugs Sources are distributed and spoofed IP addresses Why Extorsion Vandalism Distraction How High Bandwidth Attacks Traffic flood Ping/ICMP Reflection or Amplification UDP Based: DNS, TCP Low Bandwidth Attacks Application attacks (L7) Slow Lorus, HTTP GET flood, SIP invite flood, dns amplification TCP Attack Flood TCP SYN, TCP FIN, TCP RST, TCP Flags (Diagram of TCP 3 way hand shake) Wireshark Example of good tcp connections Wireshark pcap example of syn attack TCP Connection attacks Large number of half open connections or idle connections stopping other people from connecting TCP Idle attack Defensive Countermeasures When an attack hits More bandwidth stateless packet filtering Hardware appliance (Not Firewall or IPS) Proxy / Cloud / CDN redirect service Work with ISP to block the traffic (very difficult when the sources are distributed) Proactive Countermeasures Take steps to not become part of a bot net Patch your devices Enable firewalls Change Default passwords be vigilant agains phishing attacks update your anti-virus and anti-maleware This presentation is licensed under the Creative Commons License CC-BY-SA This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Firewalls for Fun and Profit I will be presenting at the MUG April 2017 Meeting and Penguicon 2017 on Firewalls for Fun and Profit. The presentation is about what a firewall is, some history, the differences between the three types, and how to understand the Firewall Rules The presentation slides can be found here: https://bemushosting.com/present/firewall
- What is a Firewall
- Host based vs network based
- Packet Filtering, Statefull Firewall, and Application Gateway
- Who uses firewall?
- Creating Firewall Rules
In this post is where I have posted my Penguicon 2016 - Internet Security For the Lay Geek talk. It took place on April 30th at 5pm at Penguicon in Southfield Michigan. The internet is a place full of wonder and excitement for all people. It is a great place to for education and collaboration. While there is great opportunities to learn from people all over the world you will may also fall pray to malicious people too. Here I propose 5 steps you can take to reduce the likely hood of an attack.
- Get an AntiVirus/AntiSpyware/Firewall
- Install updates or remove programs
- Use strong unique passwords
- Turn on Two Factor
- Watch out for scammers
- Don't use login links in emails
- Don't over share on Social Media
The information in this presentation is intended for educational use only. Techniques shown should only be performed on your own network. Using these skills on a network without prior consent is illegal. (Don't be evil) In this talk I present on the techniques that hackers use and how to keep your self safe. Here is my presentation slides from Ohio Linux Fest on 10/8/2016 - https://bemushosting.com/present/kali-olf-2016-10-08/Kali-OLF_2016-10-08.html A printable version of the slide are here: https://bemushosting.com/present/kali-olf-2016-10-08/Bemus-Kali-OLF2016.pdf I also presented this at MUG on 3/8/2016 and MDLUG on 9/10/2016 Slides are available here: https://bemushosting.com/present/kali-mug-2016-03-08/Kali-MUG_2016-03-08.html The presentation was recorded via Google Hangouts On-air and available on youtube.com: https://www.youtube.com/watch?v=0xNZ8I8JVII The following topics are covered:
- Definition of Offensive security and Countermeasures
- The CIA triad
- Basic Security Countermeasures
- About Kali Linux
- Kali Linux Options
- Kali Linux Top 10
- Android RAT with MSF
- Scan computers using nmap
- Network Sniffing with macof and Wireshark
For Penguicon 2015 I gave a talk with the above title. Here is my Impress slides bemushosting.com/present/LinuxRouter/index.html
Here is my Bespoke slides bemushosting.com/present/LinuxRouter/bespoke.html
Here is the Handouts for the slides bemushosting.com/present/LinuxRouter/Handout.html *Slides are in HTML best viewed directly from the above links Outline:
- Internet Interactions
- Inside the Home Network
- Replace the Commercial Router
- Physical Design of the Network
- Logical Design of the Network
- Configure the new Router
- Addressing Devices
- Port Forwarding
- Public IP address
- Dynamic DNS (DDNS)
Presentation by Tony Bemus is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Based on a work at http://bemushosting.com/practical-networking-using-linux-router.
I decided I wanted to start playing with IPV6. to do it with out native IPV6 you need to have a tunnel to a Tunnel Broker. I have herd from a lot of people that Hurricate Electric is a good one to use.
I recently had to cleanup some websites where some of the wordpress files were changed. I was able to clean the files by using a few scripts. The first one looks through all the files looking for base64 php code: base64-check.sh
Here is my presentation given at Penguicon 2014 on May 3rd 2014. http://bemushosting.com/present/PGP-GPG_Pen14.html In this presentation I cover these subjects:
- Why Encryption
- Whys and Hows of PGP/GPG
- GPG setup and maintenance on linux
- Privacy through Encryption
- Getting you key signed
- Using GPG for secure communication
To get started you will need to create a gpg key and put it on a key server. There are many key servers available, so choose one that people will be able to use. My key is available on the https://sks-keyservers.net/i/ There are some GUI or point and click programs available and here are two common ones. These programs will allow you to create, export, update, sign, send and sync with the servers. In Linux Mint there are three servers configured by default: Ubuntu, SKS, and PGP.com.