October 25, 2013 at 08:47LinkMeUp. Issue 8. IB - Best Practices and Pentesting Labs
In the sixth issue, our guest Alexander Sinister talked about the most high-profile attacks on the IT infrastructure. It turned out to be the most popular in the 7 months of the podcast.
Listeners reasonably asked in the comments how this could be avoided.
Meet, as they say, Best Practices on Information Security in the field of networks. Alexander will talk about the most likely attack vectors and methods of preventive defense against them.
In addition, only here you will hear about the latest attack on OSPF, which allows you to change the routing table in the entire IGP domain. The vulnerability was discovered recently and only a month ago was closed by Cisco and Juniper patches. Such information is not yet in Runet and it is quite difficult to find in the global network.
But you know nothing about Information Security if you have never been attacked or attacked yourself. But everyone has the opportunity to consolidate the theory with practice and for this it is not necessary to go under the article. For these purposes, there are PenTest (Penetration Testing) laboratories.
The creator of one of these laboratories - pentestit.ru - Romanov Roman will tell about his experience, about what problems they had to solve, what opportunities the lab provides and what it means to be on the other side of the firewall and always be ready, ready for the attacker smarter than you.
Download the podcast file .
We intentionally did not consider DoS and other specific types of attacks, since protection against them is already beyond the scope of the configuration.
Background music is taken here .
Listeners reasonably asked in the comments how this could be avoided.
Meet, as they say, Best Practices on Information Security in the field of networks. Alexander will talk about the most likely attack vectors and methods of preventive defense against them.
In addition, only here you will hear about the latest attack on OSPF, which allows you to change the routing table in the entire IGP domain. The vulnerability was discovered recently and only a month ago was closed by Cisco and Juniper patches. Such information is not yet in Runet and it is quite difficult to find in the global network.
But you know nothing about Information Security if you have never been attacked or attacked yourself. But everyone has the opportunity to consolidate the theory with practice and for this it is not necessary to go under the article. For these purposes, there are PenTest (Penetration Testing) laboratories.
The creator of one of these laboratories - pentestit.ru - Romanov Roman will tell about his experience, about what problems they had to solve, what opportunities the lab provides and what it means to be on the other side of the firewall and always be ready, ready for the attacker smarter than you.
Download the podcast file .
We intentionally did not consider DoS and other specific types of attacks, since protection against them is already beyond the scope of the configuration.
Background music is taken here .