In the world of information security, it's not a matter of how anymore…it’s a matter of when. With the advent of penetration tools such as Metaspolit, AutoPwn, etc.—plus the day-to-day use of insecure operating systems, applications, and Web sites—reactive systems have become more important than proactive systems. Discovery of penetration by out-of-band processes and being able to determine the when and how to then mitigate the particular attack has become a stronger requirement than active defense. I will discuss the basic precepts of this idea and expand with various types of tools that help resolve the issue. Attendees should be able to walk away from this discussion and apply the knowledge immediately within their environment.
Branson Matheson is a 23-year veteran of UNIX and security. He started as a cryptologist for the U.S. Navy and has since worked on NASA shuttle projects, TSA security and monitoring systems, and Internet search engines; he continues to support many open source projects. He works at NASA as a Systems Architect; founded sandSecurity to provide policy and technical audits, support and training for IT Security, system administrators and developers; and he speaks at sysadmin and security conferences year-round. Branson has CEH, GSEC, GCIH, and several other credentials, but generally likes to spend time responding to the statement "I bet you can't…"
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
BibTeX
@conference {255632,
author = {Branson Matheson},
title = {{TTL} of a Penetration},
year = {2012},
address = {San Diego, CA},
publisher = {USENIX Association},
month = dec
}
connect with us