Tuesday, July 31, 2012

CYBR 650 - DEFCON 20 - Fundamental Knowledge For Any Hacker

On Wednesday, I left for Las Vegas to see if I could match wits (not my last name) with some real talent. I came upon some interesting realizations! First of all, they have this strange obsession with liquor, and being sober by the end of all the talks could end in public humiliation (or some free booze so you can be as lit as they are????).

Second, do NOT trust anything that comes from Dark Tangent, LostBoy (aka 1o57), Tuna, and the goons (USB thumb drives were given to the virgins, and there was malicious code in their badges which would prevent the human badges from working properly)!!!

Third, as much as I know, there is a lot I do not know!

I have had to deal with the fact that I have to actually pick ONE talk because I can't make them all. This sucks, but I will be buying the DEFCON discs to make up for that, so look for that summary when I get those.

I can't really summarize what I have learned the last couple days, but there was a talk that really got my attention. It was given by 1o57. It was titled "Hacking the Hackers: How Firm is Your Foundation?"

It got me thinking and I began to realize that in order to be good in Cybersecurity, we need a solid foundation just like anything else. When he went through his talk, I began to realize that there was a lot I didn't know. I realized I was in the right place. I have an insatiable curiosity. Now I know where to fill in my gaps.

He starts with, "I've got some things that are just bugging me because there are some people that I talk to that just don't have the basic fundamental knowledge of things that we need in the hacker community."

I will admit, I am a n00b. For me, this was the perfect talk. What foundation do I need to not only be excellent in the Cybersecurity field, but to build upon in an ever-changing world?

****WARNING: Some hyperlinks do go to Wikipedia. Do not tell Professor Karla Carter! She will punish me for torturing her little alien****

Here is 1o57's take on what the basic foundation is:

1. Binary - Everyone knows that binary is 1's and 0's, but what does it mean? Also, it is common knowledge that 1's and 0's have two states: on and off. 1o57 asked this question: "Who can do a 4-bit binary count up off in your heads, right now? It should be everybody in this room." I suddenly felt very lame. He explained further:
      0+0 in binary is 0
      0+1 in binary is 1
      1+0 in binary is 1
      1+1 in binary is 0 with a carry

    If you don't have a solid fundamental understanding of binary, look it up. ***There is hope for me yet.***

2. Hex - "Everybody who is like the elite hacker now knows we write stuff in hex codes! Hex is cool!" Why do we use hex? It starts with the binary (the foundation of everything). Hex is the exhaustive use of 4 bits: one hex digit stands for exactly one 4-bit pattern, and the 16 digits 0-f cover all 16 patterns.
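As an added example (my own code, not from the talk) covering items 1 and 2: the single-bit addition table 1o57 gave, chained into a 4-bit adder that reports the carry out of the top bit, plus the 4-bit count-up printed next to its hex digit to show why one hex digit is exactly one nibble.

```c
#include <stdio.h>
#include <string.h>

/* One bit of addition, exactly the table from the talk: 0+0=0, 0+1=1,
   1+0=1, 1+1=0 with a carry. A carry-in lets the adders chain. */
static unsigned add_bit(unsigned a, unsigned b, unsigned cin, unsigned *cout) {
    unsigned sum = a ^ b ^ cin;             /* sum bit */
    *cout = (a & b) | (cin & (a ^ b));      /* carry out */
    return sum;
}

/* Add two 4-bit values bit by bit, LSB first. Bits 0-3 of the result are
   the 4-bit sum; bit 4 is the carry that fell out of the top, i.e. overflow. */
unsigned add4(unsigned a, unsigned b) {
    unsigned carry = 0, result = 0;
    for (unsigned i = 0; i < 4; i++)
        result |= add_bit((a >> i) & 1, (b >> i) & 1, carry, &carry) << i;
    return result | (carry << 4);
}

/* Write a nibble as four binary digits, MSB first (10 -> "1010"). */
char *nibble_to_bin(unsigned v, char out[5]) {
    for (int i = 3; i >= 0; i--)
        out[3 - i] = ((v >> i) & 1) ? '1' : '0';
    out[4] = '\0';
    return out;
}

/* Why hex: each of the 16 possible 4-bit patterns is exactly one hex digit. */
char nibble_to_hex(unsigned v) {
    return "0123456789abcdef"[v & 0xF];
}

/* The 4-bit count-up 1o57 asked for, with the hex digit beside each value. */
int main(void) {
    char bin[5];
    for (unsigned v = 0; v < 16; v++)
        printf("%2u = %s = 0x%c\n", v, nibble_to_bin(v, bin), nibble_to_hex(v));
    unsigned r = add4(0xF, 0x1);            /* 1111 + 0001 */
    printf("1111 + 0001 = %s carry %u\n", nibble_to_bin(r & 0xF, bin), r >> 4);
    return 0;
}
```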

3. TOR

4. SHODAN - "Silence on the wire." You can look something up on SHODAN without ever having to touch the site, so you don't give your presence away.

5. Reverse engineering - Tools help in reverse engineering. A popular one is IDA Pro, but 1o57 recommends Vivisect, created by InvisiGoth (aka Ken Shoto).

6. TCP/IP - Have a fundamental understanding of what it is. If you are going to do network security based stuff, you should have that foundational knowledge.

7. Assembly - Learning the fundamental language of the architectures we are dealing with.

8. Scripting language - Python, Perl, JavaScript, Lua, Ruby (makes 1o57 shudder; 1o57 does not like Ruby).

9. Get a little exposure to C/C++ - Kernighan & Ritchie wrote the book on C back in the day, and it should be in every IT/security person's library.

10. Basic crypto properties - Know what the basic algorithms are, basic encryption schemes, how to get a basic GPG or PGP key.

11. Wireshark - If you don't have that fundamental knowledge of TCP/IP, you won't know what you are looking at.

12. Nessus - A tool that is being used for compliance. According to 1o57 though, it means nothing these days. To run a Nessus scan on a system and say it is protected is snake oil (the opinion of 1o57). Security is a never-ending cycle and is continually evolving.

13. Metasploit - An attack framework for pen-testing

14. VMs - These can be used to create multiple machines in one computer to test the "mad hacking" skills the hacking community has. Virtual machines have other uses too. :-)

15. Backtrack - A pre-compiled Linux distribution. You can run all your fun, basic tools built into it.

16. Command Lines - These are timesavers. Pull-down menus are inefficient. If you learn 15 of the most common commands in whatever software you use regularly, you get an hour back. Don't be slaves to the GUI. Also, use "man pages" (manual pages) to look up instructions for different systems, primarily Linux and UNIX.

17. SSH - If you use IRC, you should be using an SSH tunnel. If you don't, learn how!

18. PuTTY - PuTTY is used on a Windows box. If you log into FileZilla, what are your credentials encrypted with? Nothing. This adds a little bit of security.

19. Great open source tools - GIMP, Inkscape. These are great for graphic manipulations.

20. How DNS works and how it is fundamentally broken. There are protocols and systems that are in place that have been in use since the early days of the ARPANET that we keep putting spackle and duct tape on and continue to force them down people's throats. "DNS is fundamentally broken." We've blindly adhered to some protocols that need to be reworked because they were not designed with security in mind from the start.

21. If you are going to tinker in hardware-based stuff, stay away from Radio Shack. Digikey, Jameco, Mouser, and Sparkfun are much cheaper!!!!

22. Schematic Capture - Still on the hardware kick. Taking your circuit and putting it in software so it can be produced.

23. FPGA - This is going to change a lot of stuff. It allows software to change an electronic component (oversimplified). It is the concept that was used for the DEFCON 20 badge. Once the VGA and PS/2 connectors were soldered onto the badge, it would run a Commodore 64 emulator.

24. Eagle - Circuit design software. Students can get a free version of this.

25. FREE STUFF!!! Ladyada put together on her page a place where you can pick up sample parts and free stuff from various companies. If you order a part, don't be stupid! Order a couple! If you have an .edu address, they love sending stuff to you.

26. Learn how to use an oscilloscope and digital multimeters.

27. Forrest Mims' "Getting Started In Electronics"

28. Stupid Code Tricks - Things like bit shifting (there's that binary again) to multiply or divide very fast. Swapping two variables with no scratch space used: XOR three times. These make code processing more efficient. Don't be intellectually lazy with how you write code.
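The two tricks from item 28 as an added example (my own code, not 1o57's): shifts as multiply/divide by powers of two, and the three-XOR swap. The comments carry the two caveats a practitioner hits first: right-shifting a negative signed value does not round like `/`, and the XOR swap silently zeroes the value if both operands are the same object.

```c
#include <stdint.h>
#include <stdio.h>

/* Multiply by 2^k with a left shift. Unsigned so the result stays
   well defined when high bits fall off (wraps modulo 2^32). */
uint32_t mul_pow2(uint32_t x, unsigned k) { return x << k; }

/* Divide by 2^k with a right shift: exact floor division for unsigned values. */
uint32_t div_pow2(uint32_t x, unsigned k) { return x >> k; }

/* The signed pitfall: on a two's-complement machine -7 >> 1 gives -4
   (right-shifting a negative value is implementation-defined in C),
   while -7 / 2 gives -3, so the shift is only a drop-in for '/'
   when the operand is known to be non-negative. */
int32_t shift_half(int32_t x) { return x >> 1; }
int32_t div_half(int32_t x)   { return x / 2; }

/* XOR swap with no scratch variable. The classic trap is passing the
   same object for both pointers: the first XOR would zero it and the
   value would be lost, so the alias check is what keeps it correct. */
void xor_swap(uint32_t *a, uint32_t *b) {
    if (a == b) return;
    *a ^= *b;
    *b ^= *a;   /* *b now holds the original *a */
    *a ^= *b;   /* *a now holds the original *b */
}

/* Packs the swapped pair into one value so a check can read it back:
   high 16 bits = new a, low 16 bits = new b (inputs are 16-bit here). */
uint32_t swap_pair(uint16_t a, uint16_t b) {
    uint32_t x = a, y = b;
    xor_swap(&x, &y);
    return (x << 16) | y;
}

int main(void) {
    printf("13 << 3 = %u (13*8)\n", mul_pow2(13, 3));
    printf("100 >> 2 = %u (100/4)\n", div_pow2(100, 2));
    printf("-7 >> 1 = %d but -7 / 2 = %d\n", shift_half(-7), div_half(-7));
    uint32_t x = 0xCAFE, y = 0xBEEF;
    xor_swap(&x, &y);
    printf("after swap: x=%#x y=%#x\n", x, y);
    xor_swap(&x, &x);                   /* aliasing case: x is unchanged */
    printf("self-swap leaves x=%#x\n", x);
    return 0;
}
```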

29. Hacking servos! A servo is a DC motor with some kind of sensing technology in it to control its position.

30. Social Engineering

31. Learn to communicate. Learn to communicate with as many people and things as possible. It makes for a better life.

32. Be a hacker. Go outside the box. Do not remain in the bubble that people want to put us in either due to societal definitions (hackers are criminals) or because of the potential to violate privacy (they are going to put it on Facebook anyways!). Follow your intellectual curiosity.
