Tuesday
This commit is contained in:
parent
e8c78ecf34
commit
24bec880e2
20
Tuesday/00-traffic_filtering_at_scale.md
Normal file
|
@ -0,0 +1,20 @@
|
|||
# Traffic filtering at scale on Linux
|
||||
|
||||
## BPF (Berkley Packet Filter)
|
||||
- Basically a presentation its implementation in Linux
|
||||
|
||||
## Performance analysis
|
||||
- Show some tricks to generate a LOT of traffic, and show how the kernel handles it:
|
||||
- Bash with netcat
|
||||
- Some Python
|
||||
- tcpreplay and a pcap
|
||||
- pktgen
|
||||
- Show some tricks to filter a lot of traffic from the receiver point of view:
|
||||
- iptables' raw table
|
||||
- XDP (eXtreme Drop Performance)
|
||||
- kernel bypass (XDP driver, or directly on the NIC)
|
||||
|
||||
|
||||
## Personal feeling
|
||||
Interesting talk, showing a wide view of the networking stack.
|
||||
|
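Review bot: the XDP bullet under "Performance analysis" expands the acronym as "eXtreme Drop Performance", but XDP stands for eXpress Data Path; please correct it, since readers will search for the term. In the same hunk, the heading should read "Berkeley Packet Filter" and the first bullet is missing a word ("a presentation of its implementation"). The bullet "kernel bypass (XDP driver, or directly on the NIC)" may also be misread, because XDP runs in the driver's receive path inside the kernel; say whether the talk meant XDP in the driver versus offloaded to the NIC.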
16
Tuesday/01-performance_with_a_S_like_Security.md
Normal file
|
@ -0,0 +1,16 @@
|
|||
# Suricata Performance with a S like Security
|
||||
|
||||
Speaker has a beautiful French accent!
|
||||
|
||||
- Suricata is a signature based IDS
|
||||
- Need of very high performance
|
||||
- Showing some performance analysis
|
||||
- Then we see a very complex performance problem
|
||||
- Presenting the solutions:
|
||||
- Some bypass during reconstruction: don't fully filter everything
|
||||
- Some "Hipster" technos: eBDF, XDP
|
||||
- Quite new, promising.
|
||||
|
||||
## Personal feeling
|
||||
Nice first approach of Suricata. Looking forward for the workshop!
|
||||
|
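Review bot: "eBDF" in the "Hipster" technos bullet looks like a typo for eBPF, the technology the BPF section of the previous file covers. The filename `01-performance_with_a_S_like_Security.md` also drops "Suricata" while the heading keeps it; adding it to the filename would make the file list searchable by tool name.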
11
Tuesday/02-keynote:a_10_year_journey_in_Linux_firewalling.md
Normal file
|
@ -0,0 +1,11 @@
|
|||
# A 10 years journey in Linux firewalling
|
||||
|
||||
- Netfilter is a very wide range of pieces working together
|
||||
- The speaker has an impressive CV on netfilter (starting in 2005)
|
||||
- Elder userspace tools were too inconsistent, complicated, tough...
|
||||
- Presentation of the new `nft` interface. Lot of nice features, looks far more user-friendly \o/
|
||||
- Still some WIP for more advanced features, but already working for most cases
|
||||
|
||||
## Personal feeling
|
||||
Cool guy with a very precise knowledge of the subject.
|
||||
|
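Review bot: the path `Tuesday/02-keynote:a_10_year_journey_in_Linux_firewalling.md` contains a colon, which Windows filesystems do not allow in file names, so the repository will not check out cleanly there; use `-` or `_` as the separator instead. The heading says "A 10 years journey" while the filename says "10_year"; "A 10-year journey" would match.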
9
Tuesday/03-full_packet_capture.md
Normal file
|
@ -0,0 +1,9 @@
|
|||
# Full packet capture
|
||||
|
||||
- Far more convenient than logging in case of intrusion/pwning/etc...
|
||||
- Getting timestamped pcap's searchable via Moloch
|
||||
- Docker based solution for easy deployment without polluting the systems
|
||||
|
||||
## Personal feeling
|
||||
This presented a nice and easy solution for Full Packet Capture, be it on an
|
||||
internal network, or across the Internet.
|
52
Tuesday/04-rumps.md
Normal file
|
@ -0,0 +1,52 @@
|
|||
# Rumps
|
||||
|
||||
## Pass the Salt feedback from the team
|
||||
- Coming from RMLL, after the decrease of technical security talks
|
||||
- Bring communities together
|
||||
- Lot of challenge, to launch a con like this from scratch
|
||||
|
||||
## Suriwire
|
||||
- Suricata informations inside Wireshark
|
||||
- Pretty nice!
|
||||
|
||||
## cURL
|
||||
- Blazing fast talk. TL;DR: `man curl`
|
||||
|
||||
## Privacy
|
||||
- How to store easily data with freedom, privacy, and security
|
||||
- Build a community around the project MonkeyCodex
|
||||
|
||||
## OPS vs SECU
|
||||
- Sysadmins vs Security team
|
||||
- How to break the world
|
||||
|
||||
## Apology and confession for all the CVEs I created
|
||||
- Self service password
|
||||
- LDAP is complicated, PHP does not help, but the dev can be careful
|
||||
|
||||
## Automated package signing
|
||||
- Tuleap guy
|
||||
- HashiCorp Vault comes handy but does not support GPG
|
||||
- A plugin exists to have the glue binding the things
|
||||
|
||||
## Feeding Your Bees
|
||||
- TheHive: Security Incident Response for the Masses
|
||||
- Email will never die!
|
||||
- Poll IMAP to feed TheHive in a cron job
|
||||
|
||||
## Fun (or not) with C ABI
|
||||
- ABI are complicated, and hard to interface with
|
||||
- Solutions: libffi, dragonffi, that provide Python bindings for example
|
||||
- `pip install pydffi`
|
||||
|
||||
## Story behind PTS goodies
|
||||
- All SVGs and scripting for 3D printers
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
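Review bot: the file ends with a run of empty lines after the "Story behind PTS goodies" bullet; trim them so the file ends with a single newline. Smaller points: "Suricata informations" should be "Suricata information", and the "Automated package signing" section says a plugin exists to glue GPG to Vault without naming it, so a name or link would make the note actionable.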
15
Tuesday/05-Security_and_self-driving_computers.md
Normal file
|
@ -0,0 +1,15 @@
|
|||
# Security and self-driving computers
|
||||
|
||||
- Computers update themselves
|
||||
- No more humans involved
|
||||
- Lets Encrypt's revolution
|
||||
- LE integrates with Apache, but it was rough (config parsing and so...)
|
||||
- Solution: `mod_md`, now in Apache upstream
|
||||
- Add only one line to your Apache configuration and LE works automagically
|
||||
- TL;DR, `mod_md` is secure, robust, resilient, and still very simple to use
|
||||
- Should be secure enough, but: "A ship in harbor is safe, but that is not what ships are built for."
|
||||
- Conclusion: HTTPS everywhere becomes a reality, and even if that doesn't help antimalware researchers, it's actually a very good thing in 2018
|
||||
|
||||
## Personal feeling
|
||||
A clear and precise explanation on how `mod_md` works, how it was designed.
|
||||
Very good speaker, with crystal clear sentences.
|
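Review bot: "Lets Encrypt's revolution" is missing the apostrophe ("Let's Encrypt"). The bullet "Add only one line to your Apache configuration" would be more useful if it recorded the line shown in the talk, and "(config parsing and so...)" reads better as "(config parsing and so on)".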
11
Tuesday/06-Snuffleupagus.md
Normal file
|
@ -0,0 +1,11 @@
|
|||
# Snuffleupagus
|
||||
|
||||
- Funny story about Wordpress, and pwning
|
||||
- Everything is already secured everywhere in hosting companies, except the PHP interpreter
|
||||
- Need to secure PHP applications without touching the PHP code
|
||||
- Listing all the classes of bug (RCE, LFI, CSRF, Auth bypass, ...) and how to kill them with Snuffleupagus
|
||||
- Already used in production for **big** websites
|
||||
|
||||
## Personal feeling
|
||||
Very useful project, able to secure 3/4 of the web (the part using PHP).
|
||||
Cool guys doing the talk, too, but that's not objective at all.
|
8
Tuesday/07-VultureOS.md
Normal file
|
@ -0,0 +1,8 @@
|
|||
# Vulture OS
|
||||
|
||||
- A reverse-proxy OS, combining, HAProxy, Apache module, httpd, Django, etc...
|
||||
- Provides Applicative firewalling, Auth SSO, GeoIP blacklisting, and more!
|
||||
- Embeds machine-learning to avoid humans intervention
|
||||
|
||||
## Personal feeling
|
||||
Basically an explanation of their quite complex stack. Cool guys too.
|
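Review bot: the first bullet has a stray comma after "combining", and "humans intervention" in the third bullet should be "human intervention". "Applicative firewalling" would read more naturally as "application firewalling".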
10
Tuesday/08-Clusterize_malware_dataset.md
Normal file
|
@ -0,0 +1,10 @@
|
|||
# Clusterize malware dataset
|
||||
|
||||
- Automatically classify malware based on Yara rules and machine learning
|
||||
- Describing quite theoretically the different ways to sort the dataset.
|
||||
- Automated way to generate Yara rules at the end
|
||||
|
||||
## Personal feeling
|
||||
Quite theoretical talk, with a not-that-dynamic speaker. Though, the research
|
||||
work behind the talk was really interesting.
|
||||
|
13
Tuesday/09-LemonLDAP::NG_2FA.md
Normal file
|
@ -0,0 +1,13 @@
|
|||
# LemonLDAP::NG 2 factors authentication
|
||||
|
||||
## Generalities on 2FA
|
||||
- One-time password
|
||||
- U2F, Yubikey
|
||||
|
||||
## LemonLDAP::NG
|
||||
- SSO for French government
|
||||
- Feature presentation, including screenshots of the admin pages
|
||||
- Fusion IAM
|
||||
|
||||
## Personal feeling
|
||||
Mostly informative talk, cool guys.
|
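Review bot: `Tuesday/09-LemonLDAP::NG_2FA.md` has colons in the filename, which cannot be created on Windows filesystems; a name such as `09-LemonLDAP-NG_2FA.md` avoids that, keeping the `::` for the heading only. In the heading, "2 factors authentication" should be "two-factor authentication".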
12
Tuesday/10-No_way,_JOSE.md
Normal file
|
@ -0,0 +1,12 @@
|
|||
# Lessons for authors and implementers of open standards
|
||||
|
||||
- JOSE: JSON Object S E
|
||||
- Journey into writing a standard for using JSON in cryptography
|
||||
- You better write a library than a standard
|
||||
- Example of JSON, used as a base for the standard the speaker wrote
|
||||
- Many problems with "standard" JSON, it's not standard, because no reference implementation, and not that precise standard
|
||||
- Be careful when implementing cryptography!
|
||||
|
||||
## Personal feeling
|
||||
As expected, mainly generalities and guidelines to write standards, based on his real-world experience.
|
||||
|
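Review bot: the first bullet leaves the acronym half expanded ("JOSE: JSON Object S E"); it stands for JSON Object Signing and Encryption. The heading "Lessons for authors and implementers of open standards" shares nothing with the filename `10-No_way,_JOSE.md`, so a reader cannot match one to the other; put the talk title in the heading as the other files do, and consider dropping the comma from the filename. The bullet starting "Many problems with "standard" JSON" is a run-on and could be split in two.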
13
Tuesday/11-Did_you_consider_using_2FA.md
Normal file
|
@ -0,0 +1,13 @@
|
|||
# Did you consider using 2FA?
|
||||
|
||||
- Password is a way to provide security
|
||||
- Only Bob knows Bob's password: this statement is **NOT** true!
|
||||
- Many password leaks everywhere
|
||||
- Add a physical second factor if possible
|
||||
- OTP: one-time password, retrieved by another mean
|
||||
- Smartcard, with PIN and write-only private keys that can't be stolen
|
||||
- Some explanation on FreeIPA protocol with various 2FA, and its features in latest version
|
||||
|
||||
## Personal feeling
|
||||
At the same time technical and non-technical. Still mostly informative about
|
||||
existing standards for 2FA.
|
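Review bot: in the OTP bullet, "retrieved by another mean" should be "by another means". The last bullet mentions FreeIPA's 2FA features "in latest version" without a version number; add it, since "latest" will go stale.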