Sean Hanna Q&A
Изпратихте ни много въпроси, свързани с Отворения ден на етичното хакерство – Hack the Hackers. Отговорите на Шон Ханна на повечето от тях ще намерите по-долу.
Шон Ханна е консултант по информационна сигурност със задълбочена експертиза и богат опит в областта на GRC, дизайн и одит по сигурността, penetration testing, incident handling, управление на риска, тренинги по ИТ сигурност.
Сертифициран е като: CISSP, GCIA, GCIH, GSEC, CEH, CHFI, ECSA, LPT, EDRP; CEI, CISM, MCT, CTT+; MCITP (Enterprise Messaging), MCSE+Security
Експертизата му получава международно признание и той става носител на редица престижни награди, сред които EC Council Инструктор по сигурността на годината в безпрецедентни 3 години (2007, 2008 & 2010). Шон има многобройни участия в конференции и семинари, включително като почетен лектор на Cyber Warfare на InfoSEC 2010, най-голямата конференция за сигурност в Европа.
През м. май 2011 г. Шон проведе първите в България курсове за Certified Ethical Hacker (CEH7) и Computer Hacking Forensics Investigator (CHFI), по покана на New Horizons. Той беше и гост-лектор на Отворения ден на етичното хакерство – Hack the Hackers на 18 май.
You: What are the simple rules for protection?
Sean: Simple security, simply works. If it’s complex, it’s wrong.
You: What are the new trends in the security field, and what opportunities do they open?
Sean: One of the hottest topic is Cloud Security and there are many opportunities to contribute to formation of new guidelines and methods we require to help secure such a complex technology. I’m involved with ISACA who are doing a lot of good work in this area.
You: How I can secure my DATA more to I set it to highest level: larceny on information by MS corp.?
Sean: This site should help you http://www.nsa.gov/ia/guidance/security_configuration_guides/operating_systems.shtml
You: What are the vulnarabilities in pfSense?
Sean: It’s really the same as the base operating system. It’s a system that I love and use myself, but such a specific question is very hard to answer and new vulnerabilities can be found every day. Instead you be focusing on how it’s been configured as this is your real risk.
You: Full disclosure or responsible disclosure?
Sean: I think I covered this in detail during the event. I’m a big fan of regulated full disclosure where companies have a legal requirement to report security incidents, but that identifying details are never released.
You: Adv windows exploitation: bypassing DEP , ASLR.. etc …
Sean: In short, Heap Spray. This is such a wide ranging and technical question, a book could be written on the topic. It’s also something that I’m uneasy helping with, as if I could share such things, I would be enabling a large audience with attacks that could be widely used. That’s not what I’m about. I want people to understand how systems are compromised in order to help my customers to better secure them. In short I think it’s enough to know that buffer overflows remain one of the largest attack vector and still need to ensure that we have a defense in depth approach to all our security.
You: What are a person’s first steps towards a carrier in network security and how does one practice hacking without breaking the law?
Sean: I’m unsure of the meaning of the first part but I can help with the second. I’d always strongly recommend that you would use a isolated sandbox such as a laptop disconnected from the network running VMware or similar. You can also look as joining various web sites and groups that provide war game servers which you can freely attack. Never try these skills on live networks or systems or on the internet as hacking is a criminal act.
You: What are the countermeasures against Spear Phishing Attack?
Sean: A simple measure is always best, Policy and Procedure implemented via education is your first line of defense, backed up with the other layers in your ‘Defense in Depth’ plan like anti-virus, firewall, traffic filtering and the all important IDS.
You: In general, how relevant are these hacking methods to big corporate networks, in which contemporary protection technologies are integrated and all kinds of security policies are used?
Sean: One of the biggest risks is complacency. Without keeping abreast of the latest risk, it would be impossible to test and ensure the validity of the current measures.
You: The best secure devices – hardware or software?
Sean: Saying that all software runs on hardware and that all hardware requires software, I don’t see any difference. It all depends on the way software and hardware has been configured.
You: Which distribution of Linux would you use for web server?
Sean: I’m sorry, but that is outside my areas of specialism.
You: What do you think about MySQL and the blind sql injection which compromised them?
Sean: I’m a big fan of open source including MySQL, but DBMS is not one of my areas of specialism. All platforms have had and will continue to have vulnerabilities found. I just think it’s great that the community effort is no worse than the big players in the same space.
You: Which technology provides better Internet security – Java, PHP or .NET?
Sean: All security requirement have different solutions, but Java is the only one that security designed architecturally into the system.
You: What are the best hacking frameworks?
Sean: I’m a big fan of Metasploit, but only for learning and education. It should never be run against a live network. From the pro tools, Core Impact is my number one. But what a price they charge!!
You: How can you describe your personal vision about the Social Engineering five years from now?
Sean: Well, my hope would be that though education and software advancement, we should be able to get on top of it. Social Engineering is taking advantage of the general publics lacks of knowledge. This was also the case with Visa card fraud and we have managed to reduce in a very short time frame.