Professional Documents
Culture Documents
Speaker:
Location:
Date:
2006-2012 WirelessConnect.eu
Training
Consultants
2006-2012 WirelessConnect.eu
Speaker Profile:
Studied BEng. Mechanical & Electronic Engineering,
DCU,Ireland
2006-2012 WirelessConnect.eu
OWASP http://owasp.org
Spamhaus.org http://spamhaus.org
nmap.org http://nmap.org
ha.ckers.org http://ha.ckers.org/
2006-2012 WirelessConnect.eu
Router OS
Highly Versatile
Highly Customisable
2006-2012 WirelessConnect.eu
It is a Web Proxy
It is a Socks Proxy
It is a Router
It is an IPSEC Concentrator
2006-2012 WirelessConnect.eu
Stateful Firewalls
Enhance security by monitoring requests and to enforce that only
legitimate responses to legitimate requests are allowed.
Every Stateful Firewall must have the the following 9 rules near the
top of firewall rule set
All New Requests ( non layer 7 ) will be filtered after the rules
above
See MUM 2010 & MUM 2011 Presentations for More information
2006-2012 WirelessConnect.eu
Web Proxy
Web Proxy is an Application Layer Gateway
DNS names
Urls
Filetypes
2006-2012 WirelessConnect.eu
2006-2012 WirelessConnect.eu
Open Proxies are often used by attackers to hide their true identity
also can be used in more serious illegal activity
Reverse Proxies that are open to the public should have a firewall
between your internal network and the Proxy.
10
2006-2012 WirelessConnect.eu
11
2006-2012 WirelessConnect.eu
12
2006-2012 WirelessConnect.eu
Operates at Layer 5
Firewall rules
13
2006-2012 WirelessConnect.eu
OpenDNS
URLblacklist
14
2006-2012 WirelessConnect.eu
15
2006-2012 WirelessConnect.eu
17
2006-2012 WirelessConnect.eu
18
2006-2012 WirelessConnect.eu
19
2006-2012 WirelessConnect.eu
20
2006-2012 WirelessConnect.eu
21
2006-2012 WirelessConnect.eu
Black Hole is most secure and incurrs the least load on the router
22
2006-2012 WirelessConnect.eu
23
2006-2012 WirelessConnect.eu
24
2006-2012 WirelessConnect.eu
25
2006-2012 WirelessConnect.eu
Dynamic Routing
OSPF... Not a good idea between external parties
26
2006-2012 WirelessConnect.eu
27
2006-2012 WirelessConnect.eu
28
2006-2012 WirelessConnect.eu
BGPv4 Basics
Stands for Border Gateway Protocol
29
2006-2012 WirelessConnect.eu
BGP Transport
Operates by exchanging NLRI (network layer reachability
information).
30
2006-2012 WirelessConnect.eu
Community
Attribute that groups destinations
Default groups:
31
2006-2012 WirelessConnect.eu
BGP Community
32-bit value written in format xx:yy Where
xx= AS Number:
AS prepending options
Geographic restrictions
Blackholing, etc.
32
2006-2012 WirelessConnect.eu
Communities In a nutshell
Route Advertiser and Route Reciever ( ISP Admins ) discuss
policies and exchange usefull information meaning of Policies
etc.
Various Communties are set and sent out with various routes...
.... BRILLIANT :)
33
2006-2012 WirelessConnect.eu
34
2006-2012 WirelessConnect.eu
They also have a free BGP Feed for IPv4 and IPv6 Bogons
35
2006-2012 WirelessConnect.eu
36
2006-2012 WirelessConnect.eu
37
2006-2012 WirelessConnect.eu
Cymru response
We received 5565 bogon
prefixes from CYMRU
E-mail contact:
noc@cymru.com
38
2006-2012 WirelessConnect.eu
39
2006-2012 WirelessConnect.eu
40
2006-2012 WirelessConnect.eu
41
2006-2012 WirelessConnect.eu
42
2006-2012 WirelessConnect.eu
Thank You
I hope you enjoyed the Presentation as much as I Did:)
43
2006-2012 WirelessConnect.eu