My life with Mirai

Presented at BSides Austin 2017, May 5, 2017, 1 p.m. (60 minutes).

The Mirai botnet has brought public awareness to the danger of poorly secured embedded devices. Its ability to propagate, although crude, is fast and reliable. Its impact can be devastating and it will probably outlive us all. You need to identify it, stop it, and prevent its spread. I had the opportunity to become very familiar with the structure, design, and weaknesses of Mirai. At this talk you'll learn how to detect members of the botnet, sinkhole them to prevent further scanning, and setup a safe live fire lab environment for study. We'll even talk about joining a C2 server, how to collect new samples for study, and some changes that have already occurred.

Presenters:

• Chuck McAuley   as chuck mcauley
  Chuck is responsible for gathering actionable application and security intelligence for Keysight products. Chuck has more than 15 years of experience working in the field of Computer and Network Security for Ixia Communications, BreakingPoint, Spirent Communications, and Imperfect Networks. Chuck applies his passion through engineering and speaking at technology events. But he mostly spends his time in a cave in New Hampchussetts staring at PCAPs.

Links:

• https://bsidesaustin2017.sched.com/event/AP1z/my-life-with-mirai

Similar Presentations:

• THOTCON 0x8 (2017) / The Mirai BotNet and where DDoS attacks are headed
• VB2018 / Tracking Mirai variants
• DerbyCon 8.0 Evolution (2018) / Mirai, Satori, OMG, and Owari - IoT Botnets Oh My