Difference between revisions of "VTLUUG:2016-02-04"

From the Linux and Unix Users Group at Virginia Teck Wiki
Jump to: navigation, search
imported>Echarlie
(Created page with "Our second meeting of the 2016 Spring semester. == Date, Time and Location == * Thursday, 4 February * 8:30pm - 10:30pm * 1040 Torgersen Hall (projected...")
 
imported>Echarlie
(Bad OpSec)
 
(12 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
Our second meeting of the 2016 Spring semester.
 
Our second meeting of the 2016 Spring semester.
  
== Date, Time and Location ==
+
== Date, Time, and Location ==
 
* Thursday, 4 February
 
* Thursday, 4 February
 
* 8:30pm - 10:30pm
 
* 8:30pm - 10:30pm
* 1040 [[gp:Torgersen Hall|Torgersen Hall]] (projected)
+
* 1040 [[gp:Torgersen Hall|Torgersen Hall]]
  
 
== Announcements ==
 
== Announcements ==
Line 11: Line 11:
 
* F20160127 updated lives available: http://tinyurl.com/live-respins (.iso & .torrent).
 
* F20160127 updated lives available: http://tinyurl.com/live-respins (.iso & .torrent).
 
* For shell account, contact [[user:uncurlhalo|uncurlhalo]]
 
* For shell account, contact [[user:uncurlhalo|uncurlhalo]]
* Installfest? -- Advertising
+
* Installfest on the weekend of the 13 Feb -- Advertising
 +
* Milton is being replaced. #vtluug-infra to discuss
  
 
== Discussion ==
 
== Discussion ==
 +
*[[user:mr-black|mr-black]] giving remote talk on opsec
 +
*[[user:telnoratti|telnoratti]] telling about linux news
 +
*[[user:echarlie|echarlie]] moderating vote on new-milton name
 +
*[[user:echarlie|echarlie]] co-ordinating installfest
  
 
== Hacking ==
 
== Hacking ==
Line 21: Line 26:
  
 
= Meeting Happenings =
 
= Meeting Happenings =
 +
 +
== Calvin with Linux news ==
 +
* New patchset for BFQ written; may be added to kernel
 +
* perf tools added support for hierarchy view (perf tools is similar to dtrace)
 +
* namespacify more of tcp sysctl knobs
 +
 +
== [[user:mr-black|mr-black]] giving a remote talk on OpSec ==
 +
 +
With remote appearances by [[user:andreim|aam]], [[user:mutantmonkey|mutantmonkey]] and [[user:mjh|mhazinsk]].
 +
 +
OpSec: Operations Security
 +
 +
=== Bad OpSec ===
 +
* Cardsystems
 +
** 200,000 credit cards in '''plain text'''
 +
* BNY Mellon
 +
** 4.2 million social security numbers lost on a tape drive
 +
* [[user:timelord|jpo]]
 +
** funny red hat
 +
** likes maple syrup
 +
** doesn't believe in https
 +
** likes to be MITM'd (if you know what I mean)
 +
* Search CNN for VT
 +
 +
=== Good Opsec ===
 +
*'''avoid [[user:mutantmonkey|mutantmonkey]]'''
 +
** If you know him, you will never have good opsec
 +
* Don't give away trade secrets
 +
* Don't be jpo
 +
* Don't leave Computer unattended near a screwdriver during Cyber Security Summit
 +
 +
=== Exploiting Bad OpSec ===
 +
* Breaking opsec
 +
** hard hat, reflective vest, and clipboard
 +
* Penetration testing
 +
 +
 +
[[Category:VTLUUG:Meetings]]
 +
[[Category:2016]]

Latest revision as of 03:25, 5 February 2016

Our second meeting of the 2016 Spring semester.

Date, Time, and Location

Announcements

  • #VTLUUG: "No Rules, Just Right™"
  • 2016 is the year of the Linux desktop
  • F20160127 updated lives available: http://tinyurl.com/live-respins (.iso & .torrent).
  • For shell account, contact uncurlhalo
  • Installfest on the weekend of the 13 Feb -- Advertising
  • Milton is being replaced. #vtluug-infra to discuss

Discussion

Hacking

Meeting Happenings

Calvin with Linux news

  • New patchset for BFQ written; may be added to kernel
  • perf tools added support for hierarchy view (perf tools is similar to dtrace)
  • namespacify more of tcp sysctl knobs

mr-black giving a remote talk on OpSec

With remote appearances by aam, mutantmonkey and mhazinsk.

OpSec: Operations Security

Bad OpSec

  • Cardsystems
    • 200,000 credit cards in plain text
  • BNY Mellon
    • 4.2 million social security numbers lost on a tape drive
  • jpo
    • funny red hat
    • likes maple syrup
    • doesn't believe in https
    • likes to be MITM'd (if you know what I mean)
  • Search CNN for VT

Good Opsec

  • avoid mutantmonkey
    • If you know him, you will never have good opsec
  • Don't give away trade secrets
  • Don't be jpo
  • Don't leave Computer unattended near a screwdriver during Cyber Security Summit

Exploiting Bad OpSec

  • Breaking opsec
    • hard hat, reflective vest, and clipboard
  • Penetration testing