
Asymmetric Defense
How to Fight Off the NSA Red Team with Five People or Less

Efstratios L. Gavas
Department of Marine Transportation
United States Merchant Marine Academy

DEFCON 17
Outline

Introduction
  What is the Point?
  About the USMMA
  About the CDX
Network Design
  Overview of Network Design
Quick Guides
  Operating Systems
  Tools
  Network
  Application Servers
  FreeBSD
Who should listen?

These are not solutions for everyone

- Small shops with smaller budgets
- Limited resources
- Unreasonable expectations
What I hope you take away

- Simplicity is the only way to save yourself
- If you don’t understand it – it is not secure!
- Don’t be afraid of your system
What is the USMMA?

No, they are not Marines (mostly)

- Established to train merchant marine officers
- Part of the Department of Transportation
- The folks that operate those HUGE ships
- Smallest of the five US undergraduate service academies
- The one you have not heard of
- Things they are NOT:
  - Navy, Coast Guard, Marines, normal . . .
  - They may become one of the above (except normal)
What is the CDX?

- A week-long, annual information security event for students from various military institutions
  - Air Force Institute of Technology (AFIT)
  - Naval Postgraduate School (NPS)
  - Royal Military College of Canada (RMC)
  - United States Air Force Academy (USAFA)
  - United States Coast Guard Academy (USCGA)
  - United States Merchant Marine Academy (USMMA)
  - United States Military Academy (USMA)
  - United States Naval Academy (USNA)
- Each team is given a mock budget to secure a poorly configured/compromised network
  - Email, Instant Messaging, Database and Web Servers, Workstations, and a Domain Controller
- Administer the network while under live attacks from the NSA Red Team
- Deal with exercise “injects”
  - Forensics, help-desk requests, DNS and network reconfigurations
  - Reporting requirements
Review of USMMA Network Design

Keep It Simple Sailor
How They Came to the Design

- Cost Trade-Offs
- Administrative Trade-Offs
- Monitoring Trade-Offs
- Mistakes Made
- Last Minute Course Corrections
Learn multiple OS’es

Variety is good

- Lots of OS’es for lots of different jobs
  - Ubuntu, FreeBSD, OpenBSD, Solaris, MacOS, DSL. . .
- Look at the NSA guides for some secure configuration
  - www.nsa.gov/ia/guidance/security_configuration_guides/
Learn about multiple OS’es

But you can’t forget about Windows

- Use Group Policies
- Don’t get carried away with Group Policies
- Vista is OK. . . for security
A Simple Tool is a Useful Tool

- SysInternals
- Firewall/IDS
  - Internal Firewall, Core Force
- Anti-virus Scanner
  - Ad-Aware, AVG (don’t go scan crazy)
- Pass-phrases vs passwords
Layout of the Network

Logical and Physical

- VLANs or,
- Real LANs

This option exists for small networks
Firewall/Gateway Applications

Survey of Firewall/Gateway Applications

- m0n0wall
- IPCop
- Untangle
- pfSense
Application Server Tools

Survey of Application Server Tools

- eBox
- Webmin
- Untangle
Don’t be Afraid of FreeBSD

Boris Kochergin teaching us how to fish...
Using FreeBSD for routing

FreeBSD vs m0n0wall

- NAT
- VLANs
- pf AND ipfw
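As an added example (not from the talk or the USMMA team), this is the kind of pf.conf a FreeBSD router would carry to do the NAT and VLAN jobs m0n0wall was doing, while keeping the CDX services on their own segment. Interface names, VLAN ids, addresses and ports are assumptions chosen to match the service list in the CDX slides.

```conf
# /etc/pf.conf for a small FreeBSD router standing in for m0n0wall.
# Added example, not from the talk. Interface names, VLAN ids, addresses
# and ports below are assumptions chosen to match the CDX service list.
ext_if     = "em0"      # uplink toward the red team / Internet side
vlan_work  = "vlan10"   # VLAN 10: workstations and domain controller
vlan_dmz   = "vlan20"   # VLAN 20: email, web, database and jabber servers
work_net   = "10.10.0.0/24"
dmz_net    = "10.20.0.0/24"
mail_srv   = "10.20.0.10"
web_srv    = "10.20.0.20"
db_srv     = "10.20.0.30"
jabber_srv = "10.20.0.40"
table <internal_nets> const { 10.10.0.0/24, 10.20.0.0/24 }

set skip on lo0
set block-policy drop       # silently drop whatever is blocked
scrub in all                # normalize fragments and odd TCP flag sets

# NAT: both internal VLANs leave through the router's external address
nat on $ext_if from { $work_net, $dmz_net } to any -> ($ext_if)

# Only two services are published; rdr maps them onto the DMZ hosts
rdr on $ext_if proto tcp from any to ($ext_if) port 25 -> $mail_srv
rdr on $ext_if proto tcp from any to ($ext_if) port { 80, 443 } -> $web_srv

# Default deny everywhere, logged so the team can see what is being probed
block log all

# Outside reaches only the redirected services
pass in on $ext_if proto tcp from any to $mail_srv port 25
pass in on $ext_if proto tcp from any to $web_srv port { 80, 443 }

# Workstations get the DMZ services they need plus general Internet access,
# but nothing else inside the DMZ (the database in particular)
pass in on $vlan_work proto tcp from $work_net to $mail_srv port { 25, 143, 993 }
pass in on $vlan_work proto tcp from $work_net to $web_srv port { 80, 443 }
pass in on $vlan_work proto tcp from $work_net to $jabber_srv port 5222
pass in on $vlan_work from $work_net to ! $dmz_net

# Only the web server may open the database; DMZ hosts may go outbound
# (mail delivery, DNS, updates) but never into the workstation VLAN
pass in on $vlan_dmz proto tcp from $web_srv to $db_srv port 3306
pass in on $vlan_dmz from $dmz_net to ! <internal_nets>

# Whatever was allowed in may leave on the other interface
pass out on { $ext_if, $vlan_work, $vlan_dmz } all
```

Create the VLAN interfaces first (for example ifconfig vlan10 create vlan 10 vlandev em1), set gateway_enable="YES" in /etc/rc.conf, then load the rules with pfctl -f /etc/pf.conf. Watching pflog for the logged blocks is the cheapest view of what the red team is probing.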
Using FreeBSD for Application Servers

FreeBSD vs eBox

- Email
- Webserver
- Database
- Jabber
Summary

With a small team and a limited budget, simplicity is critical.

- Use the simplest possible security, but no simpler.
- Remember, if you don’t understand it – it is not secure!
- Security is about exploration. Jump in, and don’t panic.

Final Words

- If you hack boats, or students, contact me (gavase{at}usmma[.]edu)
- Suggestions welcome
