Скачать или смотреть DEF CON 12 - Michael Rash, Advanced Netfilter; Content Replacement (ala Snort_inline)

DEF CON 12 - Michael Rash, Advanced Netfilter; Content Replacement (ala Snort_inline)

Скачать DEF CON 12 - Michael Rash, Advanced Netfilter; Content Replacement (ala Snort_inline) бесплатно в качестве 4к (2к / 1080p)

У нас вы можете скачать бесплатно DEF CON 12 - Michael Rash, Advanced Netfilter; Content Replacement (ala Snort_inline) или посмотреть видео с ютуба в максимальном доступном качестве.

Для скачивания выберите вариант из формы ниже:

Информация по загрузке:

Cкачать музыку DEF CON 12 - Michael Rash, Advanced Netfilter; Content Replacement (ala Snort_inline) бесплатно в формате MP3:

Если иконки загрузки не отобразились, ПОЖАЛУЙСТА, НАЖМИТЕ ЗДЕСЬ или обновите страницу
Если у вас возникли трудности с загрузкой, пожалуйста, свяжитесь с нами по контактам, указанным в нижней части страницы.
Спасибо за использование сервиса video2dn.com

Описание к видео DEF CON 12 - Michael Rash, Advanced Netfilter; Content Replacement (ala Snort_inline)

Michael Rash, Advanced Netfilter; Content Replacement (ala Snort_inline), and Port Knocking Based on Passive OS Fingerprinting
The boundaries between network access control devices and network monitoring devices are steadily becomming blured. Network intrusion detection systems are moving into the realm of not only monitoring network traffic, but also modifying it either through dynamic reconfiguration of firewall rulesets, spoofed session-busting traffic, or outright alteration of application layer data (ala Snort_inline). Firewalls themselves are also getting smarter about protocol validation and application layer data.

This talk will discuss two main topics; 1) a patch to the iptables string match extension in the Linux kernel that allows iptables to perform the same data substitution as Snort_inline but three times faster, and 2) a new tool called "fwknop" that implements port knocking authentication based on passive operating system fingerprints as detected via iptables log messages. The latter makes it possible to allow only, say, Linux systems to connect to your SSH daemon.

Michael Rash holds a Master's Degree in applied mathematics with a concentration in computer security from the University of Maryland. Mr. Rash works as a security research engineer for Enterasys, Inc. where he develops signatures and writes code for the Dragon IDS. Previous to Enterasys, Michael developed a custom host-based intrusion detection system for USinternetworking, Inc. which was deployed on over one thousand systems from Linux to Cisco IOS. Michael frequently contributes to open source projects such as Netfilter and Bastille-Linux, and has written security related articles for the Linux Journal, Sys Admin Magazine, and Information Security Magazine. He is also a co-author of the book Snort-2.1 Intrusion Detection published by Syngress (to be published in late May, 2004). Michael is the developer of two open source tools "psad" and "fwsnort" that are designed to tear down the boundaries between iptables and the Snort IDS. More information about Michael and his open source projects can be found at: http://www.cipherdyne.org/

Комментарии

Информация по комментариям в разработке