Secure Yourself, Practice what we preach - BSides Austin 2015
2 likes1,404 views
This document discusses various methods for securing personal devices and systems. It provides tips for using password managers, multi-factor authentication, browser security settings, encrypted backups, and restricting administrative privileges to help protect against malware and identity theft. The document also addresses security best practices for social media, wireless networks, and monitoring children's cell phone usage.
Secure Yourself, Practice what we preach - BSides Austin 2015
- 1. Secure yourself, practice what we preach Michael Gough – Founder MalwareArchaeology.com
- 2. Who am I • Blue Team Defender Ninja, Logoholic, Malware Archaeologist • @HackerHurricane also my Blog • Inventor of the Malware Management Framework • I love logs – they tell us Who, What, Where, When and hopefully How
- 3. This talk is a discussion • Your input is required • Don’t be a Ding Dong, and you might get one! • Share, Share, Share! • We all want to know what you know
- 4. Why this talk? • It dawned on me we are not talking about our personal experiences • We have personal systems • We have work systems • We have families and they have systems • How can we ask our employers to secure stuff if we don’t do it ourselves?
- 5. Which method is best? • Let’s avoid this area, it will take too long • Let’s focus on What is being used and get other options for everyone to investigate • This is about sharing • So we can protect ourselves • And practice what we preach • Take that to our employers and improve the condition there too
- 6. The Anthem Breach • And many others that leaked our PII • Can be used to apply for credit • Steal your identity • File a fake tax return • Etc.
- 7. Credit Cards • Thank you Target… (last year’s motto) • Screw you Anthem (thus this year’s motto) • Due to Target I stopped using my Debit Card except at one location where I can get cash and gas and gift cards (MY MONEY !!!) • Credit Cards for everything (their money not mine) • Two cards, one for everyday (popped 3 times in 2014) • One for online only
- 8. Your Credit • Putting a “Freeze” on your credit is one way to prevent your credit misuse • Cost vary by State • Texas is $10-$10.83 for each Credit Reporting agency • You have to do all 3 Reporting Agencies • Credit Monitoring
- 9. Credit Freeze EXPERIAN: • To request a security freeze, • log on to www.experian.com/freeze, • Call 1 888 EXPERIAN (1 888 397 3742) TRANSUNION: • Place a Security Freeze on your TransUnion Credit Report • Online: https://freeze.transunion.com • Phone: 888-909-8872 EQUIFAX: • For other ways to add a Security Freeze to your credit file, • please contact our Automated Security Freeze System at (800) 349-9960. • https://www.freeze.equifax.com
- 10. How you build your system • We need to backup our data • Build your system with an OS drive and a Data drive • NO DATA on your OS drive • Make it easy to rebuild if something fishy happens
- 11. Build Standards • Center for Internet Security • CIS Benchmarks can help you know what to set • Both personally and for the enterprise • Windows • MAC • Linux • IE, FireFox, Safari
- 12. Backups • Encrypt it ! • On-Site – multiple copies • Off-Site – Drive at family or friend • Cloud – CloudBerry • Amazon S3 • Glacier – CrashPlan – Carbonite
- 13. Password Managers • LastPass – YubiKey – Google Auth • Dashlane – Google Auth • Password Safe – Yubikey • KeyPass • 1Password • RoboForm
- 14. Multi-Factor Auth • Fido • Yubikey • Google Auth • Lots of standards • PayPal • eBay
- 15. Browsers • Don’t use IE • FireFox – Script Block – Web of Trust – AdBlock Plus – EFF – Privacy Badger • Chrome – Script Block – Web of Trust – AdBlock Plus – EFF – Privcy Badger • Safari • Aviator
- 16. Search Engines • Google • Bing • Yahoo • DuckDuckGo • Yandex
- 17. Drive Encryption • TruCrypt – 7.1a • BitLocker • File Vault
- 18. Cloud Storage • Do you store your data in the Cloud? • InstantCryptor.com – Browser based encryption – FireFox & Chrome – DropBox – Google Drive • Trucrypt 7.1a
- 19. Bookmarks • Xmarks • Sync your bookmarks so recovery is easy • Save stuff at home, see it at work and visa- versa • FireFox Sync
- 20. DNS • OpenDNS – Nice for your family - FREE • Google DNS
- 21. Remote Access • VNC • GoToMyPC • OpenVPN • Your FW HW • TOR
- 22. Mac, PC or Linux? • We could spend an hour on this topic alone • Windows is ~85% of our systems • MAC’s get less malware, but still get malware • Linux? • Whatever you use, don’t be an Administrator • 90% reduction of risk
- 23. MAC Knock Knock - github.com/synack/knockknock • KnockKnock displays persistent items (scripts, commands, binaries, etc.), that are set to execute automatically on OS X. For a comprehensive presentation on OS X malware, persistence, and KnockKnock, see the following slides. • $ python knockknock.py
- 24. Cell Phones • I use an Apple… • It gets updated • What do you do ? • CIS Benchmarks for IOS and Android
- 25. Software Restrictions • Windows only • AppBlocker (service – Audit mode) • Software Restriction Policies • Only on Pro, Ultimate and Enterprise • Stops .EXE from running in C:Users • Can really slow down the malwarez
- 28. Software Restrictions • EventCode = 866 *
- 29. Logs • Windows Logging Cheat Sheet • Enable the logs • Collect locally • Learn how to read them • Try and send to a Log Management solution – SumoLogic – Splunk server – ELK stack – Or do it manually
- 30. Wireless • Anything we don’t know? • WPA • Use Guest for guests • Set OpenDNS as the DNS server to affect all users – Provides reporting
- 31. Cell Phones • ATT Smart Limits • Sprint Parent Controls • Verizon Family Safeguards • T-Mobile Family Allowances • Great for our kids
- 32. Social Networking • LinkedIn • Facebook • Twitter • Etc…
- 33. Privacy • Lots of breaches here • NSA, GCHQ, etc… • Social Networking • What do you do ? • 5 min discussion
- 34. Questions? • HackerHurricane.com • @HackerHurricane • MalwareArchaeology.com