Ghetto IDS and Honeypots for the Home User

Presented at The Last HOPE (2008), July 19, 2008, 4 p.m. (60 minutes)

Have you ever wondered what the heck was pounding on your Internet connection? Or what exactly was making your cable or DSL connection's activity light blink wildly when you knew there was no traffic from you? If so, this presentation will shine a light into the dark corners of your personal tube, showing you the unending stream of junk that comes across your Internet connection as well as how to pick out the good, the bad, and the ugly. This presentation will cover the steps involved in setting up a poor man's IDS and honeypot. Using open and freely available tools, strategies of IDS deployment on your home LAN and the setup of both low interaction and high interaction honeypots will be covered. Learn what you can expect to see, how to pluck out the signal from the noise, and generally be aware of what is flowing in - and out - of your LAN.


Presenters:

  • Black Ratchet
    Black Ratchet is just another phone phreak from Boston. In addition to this, he is a bitter and surly information security engineer who can't stand bot herders and script kiddies who scan his Internet connection. He enjoys telephones, radios, and a plethora of other things related to information security. He has given presentations at Defcon and HOPE, is the co-author of Asterisk Hacking from Syngress Publishing, and is an active member of the Digital Dawg Pound at http://www.binrev.com. He can be found at his website (http://www.blackratchet.org) and on the BinRev forums at http://forums.binrev.com.

Links:

Similar Presentations: