Presented at
DEF CON 22 (2014),
Aug. 7, 2014, 4 p.m.
(60 minutes)
Bandwidth, computing power, and software advancements have empowered hackers to quickly scan for and exploit services across the Internet. While this is a major issue, it does allow researchers to track criminal activity with strategically placed honeypots that lure and trap criminals, allowing organizations to put that information to use improving network security. This talk will outline how to use DDoS vulnerable services to develop a honeypot network that will extract valuable information from the Internet and produce a data feed that can be used to protect online assets with kibana, elasticsearch, logstash, and AMQP.
Presenters:
-
Mike Thompson
Mike “The Janitor” Thompson lives in a mushroom bin and not in a box. The Janitor by day, is the Director of Architecture and Engineering for ADC, Cloud (e.g. cumulus, stratus, cirrus, nimbus) and Security for A10 Networks and by night an animal who spits out fire-breathing code for whatever. He worked as a Pen Tester and has provided security-consulting services for many global corporations. The Janitor was part of A10's technical team, which assisted Microsoft as part of the Citadel and Zero Access botnet takedown, is the lead OpenStack Developer and part of the SERT for A10. His favorite pass-times besides being alive are hanging with the fam, building robots and playing with his car. His message to the world "Kiddies ->welfare sucks, grow a brain and learn to code." and "value is like beauty it is solely in the eye of the beholder…put the mirror down when I am talking to you!"
-
Terrence Gareau
As A10 Networks’ Principal Research Scientist, Terrence Gareau leads the company’s security engineering and response team tasked with providing A10 customers in-depth DDoS research and advisories they require to continually improve their network security defenses. Prior to joining A10, Gareau was Principal Security Architect and the founding member of the PLXsert for Prolexic Technologies. He began his IT security career more than 10 years ago, and has broad expertise in enterprise security and distributed denial of services (DDoS) mitigation, prevention and recovery. Gareau has mitigated some of the Internet’s largest DDoS attacks for both government agencies and private enterprises, and has lead architecture, engineering and research teams, creating solutions to protect client networks, establishing security testing policies, network and digital forensics, and serving as the subject matter expert for multiple private and government organizations. Prior to Prolexic, Gareau worked for the Food and Drug Administration (FDA) and CNI. A recognized expert in DDoS attack mitigation, Gareau has shared his knowledge at NIH, FDA, DoD, DHS, and other organizations.
Links:
Similar Presentations: