MASS-ANALYZING A CHUNK OF THE INTERNET: THE ROMANIAN IT LANDSCAPE GEORGE-ALEXANDRU ANDREI.

Slides:

Advertisements

Similar presentations

WEB AND WIRELESS AUTOMATION connecting people and processes InduSoft Web Solution Welcome.

Advertisements

Database Security Policies and Procedures and Implementation for the Disaster Management Communication System Presented By: Radostina Georgieva Master.

1 Web Servers / Deployment Alastair Dawes Original by Bhupinder Reehal.

Windows 7 Project and Heartbleed Update Sian Shumway Director, IT Customer Service.

Web Defacement Anh Nguyen May 6 th, Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.

1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

1 June 1, 2015 Secure access to project budget information for OAR Principal Investigators Eugene F Burger Sylvia Scott Tracey Nakamura John L Forbes PMEL.

System and Network Security Practices COEN 351 E-Commerce Security.

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Security Awareness: Applying Practical Security in Your World Chapter 6: Total Security.

Information Networking Security and Assurance Lab National Chung Cheng University 1 A Real World Attack: wu-ftp.

Network Security Peter Behrens Seth Elschlager. Computer Security Preventing unauthorized use of your network and information within that network. Preventing.

Hacking Web Server Defiana Arnaldy, M.Si

Security and Risk Management. Who Am I Matthew Strahan from Content Security Principal Security Consultant I look young, but I’ve been doing this for.

RFC6520 defines SSL Heartbeats - What are they? 1. SSL Heartbeats are used to keep a connection alive without the need to constantly renegotiate the SSL.

Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.

That’s Really not the Point… haroon meer | charl van der walt SensePost.

1 Infrastructure Hardening. 2 Objectives Why hardening infrastructure is important? Hardening Operating Systems, Network and Applications.

Introduction to SQL Server 2000 Security Dave Watts CTO, Fig Leaf Software

Ladd Van Tol Senior Software Engineer Security on the Web Part One - Vulnerabilities.

Honeypot and Intrusion Detection System

SECURITY ZONES. Security Zones  A security zone is a logical grouping of resources, such as systems, networks, or processes, that are similar in the.

Operating System Security. OS manages and controls access to hardware components Older OSs focused on ensuring data confidentiality Modern operating systems.

APRICOT 2015 Security Day Cooperation between Security Teams and Network Operators: Actionable Intelligence on ShellShock Arnold S. Yoon Information Security.

MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # ) Chapter Four Windows Server 2008 Remote Desktop Services,

Module 8: Designing Security for Authentication. Overview Creating a Security Plan for Authentication Creating a Design for Security of Authentication.

Hands-On Microsoft Windows Server Implementing Microsoft Internet Information Services Microsoft Internet Information Services (IIS) –Software included.

Module 6: Integrating ISA Server 2004 and Microsoft Exchange Server.

1 Security Penetration Testing Angela Davis Mrinmoy Ghosh ECE4112 – Internetwork Security Georgia Institute of Technology.

Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.

REALLY HACKING SQL SERVER 2000 Less Theory – More Action Jasper Smith.

Scott Charney Cybercrime and Risk Management PwC.

User Manager Pro Suite continued… All-in-One Security, Management & Reporting.

Retina Network Security Scanner

Database Security David Nguyen. Dangers of Internet  Web based applications open up new threats to a corporation security  Protection of information.

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

MANAGED SECURITY TESTING PROACTIVELY MANAGING VULNERABILITIES.

An Introduction to E-Commerce Security By Graham Mead.

Copyright © 2015 Cyberlight Global Associates Cyberlight GEORGIAN CYBER SECURITY & ICT INNOVATION EVENT 2015 Tbilisi, Georgia19-20 November 2015 Hardware.

Implementing Server Security on Windows 2000 and Windows Server 2003 Fabrizio Grossi.

Web Security Introduction (Some of the slides were adapted from Oppliger’s online slides at

Alison Buben Jay Pataky COSC 316.  Main purpose: Penetration Testing ◦ Evaluating the security of a computer by simulating an attack ◦ Showing where.

Common System Exploits Tom Chothia Computer Security, Lecture 17.

Microsoft OS Vulnerabilities April 1, 2010 MIS 4600 – MBA © Abdou Illia.

SECURE LAB: CREATING A CISCO 3550 VLSM NETWORK

Security and resilience for Smart Hospitals Key findings

Troubleshooting Networked Video

VMware ESX and ESXi Module 3.

Nessus Vulnerability Scan

Secure Software Confidentiality Integrity Data Security Authentication

CAN A DATABASE REALLY BE SECURE?

Securing the Network Perimeter with ISA 2004

Identity Provider in a Box

Introduction to SQL Server 2000 Security

Dissecting the Cyber Security Threat Landscape

Jon Peppler, Menlo Security Channels

Security in Networking

Nessus Vulnerability Scanning

Chapter 9 E-Commerce Security and Fraud Protection

– Chapter 3 – Device Security (B)

12 STEPS TO A GDPR AWARE NETWORK

Secure Gateway Today Internet Internet Explorer and ICA MetaFrame

Web Servers / Deployment

Unit 36: Internet Server Management

Implementing Client Security on Windows 2000 and Windows XP Level 150

Chapter 7 – and 8 pp 155 – 202 of Web security by Lincoln D. Stein

How To Configure Hotspot in Virtual Mikrotik on VMware

Securing web applications Externally

Presentation transcript:

MASS-ANALYZING A CHUNK OF THE INTERNET: THE ROMANIAN IT LANDSCAPE GEORGE-ALEXANDRU ANDREI

INTRODUCTION Hello. I am an IT Security fanatic. 6 years of hands on IT Security(penetration testing, physical security, threat hunting, security audits, etc.) IT Security masters student WARNING! This presentation will cover technical aspects. Sorry non-techies!

MASS-ANALYZING: THE ROMANIAN IT LANDSCAPE Why do it ? From a defensive point of view: to see how many systems are vulnerable to the latest and greatest exploits (Practical) Survey SSL certificates in use in Romania (Practical) To see how many users are affected by vulnerable routers (I am looking at you D-Link)

MASS-ANALYZING: THE ROMANIAN IT LANDSCAPE Why do it ? From an offensive point of view: to see how many systems can be weaponized to perform DDoS attacks (Theoretical) To see how easy we can compromise systems (Theoretical) To find out if we can exfiltrate information (Think databases – Still theoretical)

MASS-ANALYZING: THE ROMANIAN IT LANDSCAPE Why do it ? – From my point of view Because it’s fun & informative Because it’s a wide scope so there is a big chance to have something vulnerable Because of the legal challenges

MASS-ANALYZING: THE ROMANIAN IT LANDSCAPE Getting down to business: Vulnerable systems. Number of assets scanned by third parties: 1,600,727 Number of assets that have Windows XP ( directly connected to the internet ) : 721. Bucharest has 59 of these assets. Global Number of XP assets: 292,536 On a national scale these XP systems are used as: Web Servers ( 38 – IIS web server, 19 – Apache web server ) VNC 13 instances found TeamViewer – 6 instances MySQL – 6 Instances MS08-67 Critical Vulnerability that can allow remote command execution could affect these systems ( Not tested just an assumption )

MASS-ANALYZING: THE ROMANIAN IT LANDSCAPE SSL Certificates ( Port 443 only implementation ) Total number of assets: SSL v2 : 59,461 SSL v1: 28 TLSv1.2: 59,537 Unfortunately all the proper implementations of SSL ( TLSv1.2 ) had backwards compatibility meaning they allow connection on weak or deprecated encryption cyphers.

MASS-ANALYZING: THE ROMANIAN IT LANDSCAPE SSL Certificates: Heartbleed Number of Heartbleed vulnerable assets in Romania : 819 HTTPS Victims of Heartbleed in Romania are : National Institutions, City Halls, cPannel / WHM + SSL - 67 Hosting providers that have VMware ESXi externally facing WebMin - 36 OpenVPN servers that are unpatched HTTPS(port 8080) - 18 Gateways Firewalls that have SSL enabled and are vulnerable

MASS-ANALYZING: THE ROMANIAN IT LANDSCAPE D Link Routers 1,997 D Link routers in Romania Vulnerable routers: 511 were identified as having vulnerable firmware installed on them

MASS-ANALYZING: THE ROMANIAN IT LANDSCAPE Getting Offensive: DDoS Attacks Romanian Webcams: ~3000 ( most of them with default administrative credentials or even worse with no password Why stop there: 4,995 NTP Servers that could be used in an NTP DDoS attack Dream Box TV set tops : 188 And many other IoT devices that are “vulnerable by design”.

MASS-ANALYZING: THE ROMANIAN IT LANDSCAPE Databases

MASS-ANALYZING: THE ROMANIAN IT LANDSCAPE

THANK YOU