Upload File

rabovoluk presentation yaroslav-2

18

Upload: kuchinskaya

Post on 22-May-2015

460 views

Category:

Documents


4 download

Report

TRANSCRIPT

Page 1: Rabovoluk presentation yaroslav-2
Page 2: Rabovoluk presentation yaroslav-2

ВНЕШНИЙ КОНТРОЛЬЗАЩИЩЕННОСТИ СЕТИ

Page 3: Rabovoluk presentation yaroslav-2

company internet

ПОВЕРХНОСТЬ АТАКИ

Page 4: Rabovoluk presentation yaroslav-2

ПРОЦЕСС НАБЛЮДЕНИЯ

Интерпретация данных ЦельОтчетность

дополнительные проверки

Page 5: Rabovoluk presentation yaroslav-2

• Обладает ограниченным знанием цели

• Находится во внешней области по отношению к цели

• Имеет доступ к ресурсам, не связанным с целью

МОДЕЛЬ ВНЕШНЕГО НАБЛЮДАТЕЛЯ

Internet

Page 6: Rabovoluk presentation yaroslav-2

ОБЛАСТЬ ПРИМЕНЕНИЯ

- обнаружение нарушений политик ИБ- обнаружение утечек информации- определение скомпрометированных систем

НЕ ЯВЛЯЕТСЯ- средством мониторинга состояния систем- единственным средством контроля нарушений

Page 7: Rabovoluk presentation yaroslav-2

ДОСТУПНАЯ ИНФОРМАЦИЯ

• Открытые порты• html-код• наличие форм или методов авторизации• ошибки конфигурации• кэш поисковых машин• etc

Page 8: Rabovoluk presentation yaroslav-2

ТРЕБОВАНИЯ К СИСТЕМЕSubject: Report point x120 mar 2012Found 2 new hosts, 6 new ports, 1 violation

Hosts:new 192.168.0.16:[ 22,443]new 192.168.0.23:[139,1223]

192.168.0.1:[3128]192.168.0.45:[22122]

Violations:192.168.0.16:[22] : root/root

• удобный отчет

• низкий уровень false positives

• конечное время работы цикла

• оперативное оповещение о серьезных

нарушениях

• безопасные проверки

Page 9: Rabovoluk presentation yaroslav-2

СКАНЕРЫ УЯЗВИМОСТЕЙ

Page 10: Rabovoluk presentation yaroslav-2

ИНСТРУМЕНТАРИЙ

• порт-сканеры: nmap,unicornscan,nessus,etc.

• фреймворки эксплойтов: metasploit, nmap scripting

• скриптовый язык: python,perl

Page 11: Rabovoluk presentation yaroslav-2

PORTSCANNING

25/tcp open smtp80/tcp open http111/tcp open rpcbind873/tcp open rsync2049/tcp open nfs4700/tcp open unknown5040/tcp open unknown5050/tcp open mmcc5051/tcp open ida-agent22122/tcp open unknown38024/tcp open unknown47039/tcp open unknown54015/tcp open unknown

NMAP - универсальное средство доставки радости

Page 12: Rabovoluk presentation yaroslav-2

ФРЕЙМВОРКИ ЭКСПЛОЙТОВ

- metasploit

- nmap scripting engine

Page 13: Rabovoluk presentation yaroslav-2

GOOGLE DORKS

• Общие запросы– “Index of”– “allintitle: phpinfo()”– “"Warning: mysql_connect():

Access denied for user: '*@*" "on line" -help -forum”

• Policy-based запросы

+ “site:companyname.com”

Page 14: Rabovoluk presentation yaroslav-2

РАСПОЛОЖЕНИЕ

InternetZ1

Z2

Z3Ntotal = Nzones+2

Page 15: Rabovoluk presentation yaroslav-2

ОГРАНИЧЕНИЯ

• ips

• характер траффика

• риск вызвать отказ в обслуживании

• “черный список” при мониторинге внешнего ресурса

Page 16: Rabovoluk presentation yaroslav-2

ПОДДЕРЖКА

Обработка отчетов

Уточнение модели

Отчет

Page 17: Rabovoluk presentation yaroslav-2

ЭФФЕКТ ОТ ВНЕДРЕНИЯ

• обнаруживается до 80% уязвимостей• усиливается ответственность в соблюдении политик

0

25

50

75

100

Page 18: Rabovoluk presentation yaroslav-2

Ярослав РабоволюкCISO

[email protected]

СПАСИБО!

mailto:[email protected]
mailto:[email protected]

Made by: Yaroslav Titov Form 7A Teacher: R.S.Miroshnichenko

Yaroslav Barkovskyi portfolio

Yaroslav Sorokin - Accident Consequences Group · PDF file52'265w*udsk$gplqlvwudwru¶v0dqxdo yaroslav sorokin $sulo ,qvw lwxwhri0dwkhpdwlfdo 0dfklqhvdqg6\vwhpv &\ehuqhwlfv&hqwuh ,006&&

Nina Kondrashova, Andriy Pavlov, Yaroslav Pavlov

Design a Document Editor Oksana Protsyk Yaroslav Kaplunskiy

Yaroslav Sergienko - pallada-92.github.io · Yaroslav Sergienko interactive animation • data visualization • full-stack • data analysis resume • print version of this portfolio

NATIONAL BRANDING AGENCY KAZAKHSTANIKA»kazakhstanika.kz › upload › userfiles › files › -Kazakhstanika_Base_20… · Burlakov Roman . Layout Designer. Kozhevnikov Yaroslav

YAROSLAV SENCHUK - thewebys.com · Yaroslav Senchuk has successfully completed the online, non-credit Specialization Strategic Management and Innovation This Specialization explores

Nanotechnology for Future Batteries Yaroslav Aulin

Legal clinic in yaroslav mudryi national law university

Sorting algorithms Yaroslav Dmytruk [email protected]

Legal issues of development of organic farming in …. Fedchyshyn...2 Iryna Ignatenko - Yaroslav Mudryi National Law University, Ukraine, [email protected]. 3 Oleksandr Bondar

Ukrainian Banking Sector Outlook by Yaroslav Sovgyra, Associate Managing Director, Moody’s

DIVA 2013 - misonzhnikov.commisonzhnikov.com/wp-content/uploads/2017/05/Yaroslav-Misonzhnikov... · Yaroslav Misonzhnikov fühlt Sich in einer Welt voller und Kanten Man kann sie

Microsoft SharePoint Server 2010 for the Microsoft ASP.NET Developer Yaroslav Pentsarskyy @spentsarsky

Bogdan Lissovolik and Yaroslav Lissovolik · Prepared by Bogdan Lissovolik and Yaroslav Lissovolik Authorized for distribution by Philip Gerson August 2004 Abstract This Working Paper

Mag. Yaroslav Anikeev - DLFMag. Yaroslav Anikeev Associate, Insolvency Administrator Real estate law Insolvency and corporate restructuring Litigation and dispute resolution Contract

Slava as “Yaroslav Sergeevich” › conferences › bps2010 › BPS2010 Tuesday...Page 1 Slava as “Yaroslav Sergeevich”: CSR without Partial Derivatives, Round Beams Colliders,

Yaroslav: ideas for promo

Created by: Yaroslav Zorenko Form 8 Kharkiv Boarding school №9

3 yaroslav vakhitov_ufs

YAROSLAV KURYLEV, MATTI LASSAS, GUNTHER UHLMANN …gunther/... · 2 YAROSLAV KURYLEV, MATTI LASSAS, GUNTHER UHLMANN waves that propagates along the geodesic determined by (y,η) and

Yaroslav Slinin READING TRENDELENBURG · 2018-02-10 · Yaroslav Slinin READING TRENDELENBURG Resume: In his «Logische Untersuchungen» (1840, “Logical Investigations”), A. Trendelenburg

ALLAN GREENLEAF, YAROSLAV KURYLEV, arXiv:0812.1706v1 …gunther/... · ALLAN GREENLEAF, YAROSLAV KURYLEV, MATTI LASSAS AND GUNTHER UHLMANN Abstract. For any E ≥ 0, we construct

London, March 10 2008 Yaroslav Porokhnyak Vice-president, strategic investments

UKRAINIAN IT COMPANIES GOING GLOBAL: CHALLENGES & SOLUTIONS Yaroslav Lyubinets

Entity. Anton Shubkin and Yaroslav Ponomarev

Yaroslav D. Sergeyev- A New Applied Approach for Executing Computations with Infinite and Infinitesimal Quantities

Artist Yaroslav Gerzhedovich

Russia Made by Yaroslav Titov Form 6 A Teacher: R. S. Miroshnichenko

Accepted Manuscript Yaroslav Z. Khimyak, Alexander Zaichenko · Alexander Zaichenko ([email protected] ), Yaroslav Z. Khimyak ([email protected]) surface functionalization of both

Internet Censorship In order of appearance: Dmitriy Bespalov Ilya Braude Brian McBurney Yaroslav Volkov

Magento 2 performance comparison in different environments by Yaroslav Rogoza from Atwix

CROSS Yaroslav the Wise in Norse Tradition

Bohdan Durnyak Yaroslav Uhryn Vorbereitung der Fachleute für Druck- und Verlagswesen der Ukraine