Difference between revisions of "VTLUUG:2016-02-04"

From the Linux and Unix Users Group at Virginia Teck Wiki
Jump to: navigation, search
imported>Echarlie
imported>Echarlie
(Bad OpSec)
 
(6 intermediate revisions by the same user not shown)
Line 32: Line 32:
 
* namespacify more of tcp sysctl knobs
 
* namespacify more of tcp sysctl knobs
  
== mr_black giving a remote talk on OpSec ==
+
== [[user:mr-black|mr-black]] giving a remote talk on OpSec ==
With remote appearances by [[user:aam|aam]] and [[user:mjh|mhazinsk]].
 
  
Bad OpSec:
+
With remote appearances by [[user:andreim|aam]], [[user:mutantmonkey|mutantmonkey]] and [[user:mjh|mhazinsk]].
 +
 
 +
OpSec: Operations Security
 +
 
 +
=== Bad OpSec ===
 
* Cardsystems
 
* Cardsystems
 
** 200,000 credit cards in '''plain text'''
 
** 200,000 credit cards in '''plain text'''
*BNY Mellon
+
* BNY Mellon
**4.2 million social security numbers lost on a tape drive
+
** 4.2 million social security numbers lost on a tape drive
 +
* [[user:timelord|jpo]]
 +
** funny red hat
 +
** likes maple syrup
 +
** doesn't believe in https
 +
** likes to be MITM'd (if you know what I mean)
 +
* Search CNN for VT
 +
 
 +
=== Good Opsec ===
 +
*'''avoid [[user:mutantmonkey|mutantmonkey]]'''
 +
** If you know him, you will never have good opsec
 +
* Don't give away trade secrets
 +
* Don't be jpo
 +
* Don't leave Computer unattended near a screwdriver during Cyber Security Summit
  
Good Opsec:
+
=== Exploiting Bad OpSec ===
*'''avoid [[user:mutantmonkey|mutantmonkey]]'''
+
* Breaking opsec
 +
** hard hat, reflective vest, and clipboard
 +
* Penetration testing
  
  
 
[[Category:VTLUUG:Meetings]]
 
[[Category:VTLUUG:Meetings]]
 
[[Category:2016]]
 
[[Category:2016]]

Latest revision as of 03:25, 5 February 2016

Our second meeting of the 2016 Spring semester.

Date, Time, and Location

Announcements

  • #VTLUUG: "No Rules, Just Right™"
  • 2016 is the year of the Linux desktop
  • F20160127 updated lives available: http://tinyurl.com/live-respins (.iso & .torrent).
  • For shell account, contact uncurlhalo
  • Installfest on the weekend of the 13 Feb -- Advertising
  • Milton is being replaced. #vtluug-infra to discuss

Discussion

Hacking

Meeting Happenings

Calvin with Linux news

  • New patchset for BFQ written; may be added to kernel
  • perf tools added support for hierarchy view (perf tools is similar to dtrace)
  • namespacify more of tcp sysctl knobs

mr-black giving a remote talk on OpSec

With remote appearances by aam, mutantmonkey and mhazinsk.

OpSec: Operations Security

Bad OpSec

  • Cardsystems
    • 200,000 credit cards in plain text
  • BNY Mellon
    • 4.2 million social security numbers lost on a tape drive
  • jpo
    • funny red hat
    • likes maple syrup
    • doesn't believe in https
    • likes to be MITM'd (if you know what I mean)
  • Search CNN for VT

Good Opsec

  • avoid mutantmonkey
    • If you know him, you will never have good opsec
  • Don't give away trade secrets
  • Don't be jpo
  • Don't leave Computer unattended near a screwdriver during Cyber Security Summit

Exploiting Bad OpSec

  • Breaking opsec
    • hard hat, reflective vest, and clipboard
  • Penetration testing