The Naughty Step
Marek Isalski — @maznu
Faelix Limited — https://faelix.net/
•ssh
•SMTP
•IMAP
•POP
•VOIP
•Drupal
•WordPress
That is one big pile of shit!
The Shit Pit
PushDo: virus cover traffic, sending 2 kbytes with “POST / HTTP/1.0” and opening a connection to TCP port 25
omg wtf loadavg
“Security is hard.” – every infosec professional ever
[Diagram, built up over several slides]
WWW: Cat GIF Blog (“make DJT root again!”)
apache → logs → fail2ban → slurry → AMQP → spreader → Edge Router
passwords are hard
spreader → DNS RBL, badips.com
VIPs
IPv6
fastnetmon (fastnetmon? NetMcr #2!)
snort (snort? NetMcr #???)
[Graph] bots = smart: typical day of traffic in the shitpit: spike of traffic, bot realises, moves on.
[Graph] bots = dumb: last 90 days, showing some ongoing, persistent attackers.
Show me the code! :-(
Show me the code! :-) soon?
Check these out!
•fail2ban = tail log files, filter them, perform actions
•fastnetmon = am I being DDoSed? uses NetFlow etc.
•portsentry = am I being portscanned?
•mod_security + OWASP = Web Application Firewall
•snort = intrusion detection system
•MikroTik MUM London 2016-11-14 (Monday!)
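The slides sketch the pipeline (apache logs → fail2ban → slurry → AMQP → spreader → edge router, with VIPs exempted and IPv6 handled) but the code was not released. The following is an added, self-contained Python illustration of that shape, written for this page and not the speaker's or Faelix's code: the names slurry and spreader come from the talk, but their behaviour here is assumed; the Apache log lines, the jail thresholds, the VIP ranges and the /64 widening of IPv6 offenders are all constructed assumptions, and the AMQP transport is represented only by the JSON message a publisher would send.

```python
"""Added illustration of a fail2ban -> slurry -> AMQP -> spreader -> edge-router
pipeline. Not the talk's code: log lines, thresholds, VIP list and IPv6 policy
are constructed assumptions made for this example."""
import ipaddress
import json
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed Apache combined-log lines: two hosts hammering the WordPress
# login (one IPv4, one IPv6), one friendly host doing the same, one page view.
# WordPress answers a *failed* login POST with 200 (a success redirects), so
# repeated 200s on /wp-login.php are the usual brute-force signature.
SAMPLE_LOG = """\
203.0.113.7 - - [14/Nov/2016:10:00:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "Mozilla/5.0"
203.0.113.7 - - [14/Nov/2016:10:00:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "Mozilla/5.0"
203.0.113.7 - - [14/Nov/2016:10:00:03 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "Mozilla/5.0"
2001:db8:1::42 - - [14/Nov/2016:10:00:04 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "curl/7.0"
2001:db8:1::42 - - [14/Nov/2016:10:00:05 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "curl/7.0"
2001:db8:1::42 - - [14/Nov/2016:10:00:06 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "curl/7.0"
198.51.100.9 - - [14/Nov/2016:10:00:07 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "Mozilla/5.0"
198.51.100.9 - - [14/Nov/2016:10:00:08 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "Mozilla/5.0"
198.51.100.9 - - [14/Nov/2016:10:00:09 +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "Mozilla/5.0"
192.0.2.200 - - [14/Nov/2016:10:00:10 +0000] "GET /cats/gif/1 HTTP/1.1" 200 9001 "-" "Mozilla/5.0"
"""

# fail2ban-style filter: a failregex with a <host> group plus the time stamp.
FAILREGEX = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "POST /wp-login\.php [^"]*" 200')
TS_FORMAT = "%d/%b/%Y:%H:%M:%S %z"


def find_bans(log_text, maxretry=3, findtime=timedelta(minutes=10)):
    """Emulate a fail2ban jail: ban a host once the filter matches it
    `maxretry` times inside a sliding `findtime` window. Returns {host: when}."""
    hits = defaultdict(list)
    bans = {}
    for line in log_text.splitlines():
        m = FAILREGEX.match(line)
        if not m:
            continue
        host, ts = m["host"], datetime.strptime(m["ts"], TS_FORMAT)
        window = [t for t in hits[host] if ts - t <= findtime] + [ts]
        hits[host] = window
        if len(window) >= maxretry and host not in bans:
            bans[host] = ts
    return bans


def slurry_message(jail, host, when):
    """The (assumed) 'slurry' step: turn a local ban into the JSON document a
    central collector would receive over AMQP. The broker itself is not shown."""
    return json.dumps({"jail": jail, "ip": host, "ts": when.isoformat()}, sort_keys=True)


# Constructed VIP ranges: customers and partners that must never be blocked.
VIPS = [ipaddress.ip_network(n) for n in ("198.51.100.0/24", "2001:db8:ffff::/48")]


def spreader(messages, vips=VIPS):
    """The (assumed) 'spreader' step: turn collector messages into prefixes for
    edge-router blocklists. VIP ranges are skipped. IPv6 offenders are widened
    to their /64 (assumption: a single host controls a whole /64, so a /128
    ban is trivially side-stepped). Returns (v4_prefixes, v6_prefixes)."""
    v4, v6 = set(), set()
    for raw in messages:
        addr = ipaddress.ip_address(json.loads(raw)["ip"])
        if any(addr in net for net in vips):
            continue
        if addr.version == 4:
            v4.add(str(ipaddress.ip_network(f"{addr}/32")))
        else:
            v6.add(str(ipaddress.ip_network(f"{addr}/64", strict=False)))
    return sorted(v4), sorted(v6)


def run_pipeline(log_text=SAMPLE_LOG):
    """Whole chain on one log: jail -> slurry messages -> spreader output."""
    bans = find_bans(log_text)
    msgs = [slurry_message("wordpress-login", h, t) for h, t in bans.items()]
    return spreader(msgs)


if __name__ == "__main__":
    v4, v6 = run_pipeline()
    print("edge router blocklist v4:", v4)   # ['203.0.113.7/32']
    print("edge router blocklist v6:", v6)   # ['2001:db8:1::/64']
```

Run as a script it prints the two prefix lists an edge router would load. The friendly host 198.51.100.9 trips the jail exactly like the attackers, which is why the VIP check sits in the spreader rather than in each fail2ban instance: one place to get the exemption list right, fanned out to every router.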