Training Security EMEA - I pot


Document information

Slide 1
Intelligent Application Switching
Security Training I – The environment
Renaud BIDOU, Security Consultant EMEA

Slide 2 – Agenda
• Who are the hackers?
    • Mythical Texts
    • Sociological Approach
    • Reality
• Security
    • Corporate security
    • Security professionals

Slide 3 – Who are the hackers?

Slide 4 – Mythical Texts

Slide 5 – TEXTS: “Mentor’s Last Words”
• aka « hacker’s manifesto », « conscience of a hacker »
• THE mythical text
• Written by a hacker in a period of large busting
1. Justified a posteriori the behavior of hackers
    • “We explore… We seek after knowledge”
    • “My crime is that of curiosity”
2. Shows a very high self-esteem
    • “I'm smarter than most of the other kids”
    • “My crime is that of outsmarting you”

Slide 6 – TEXTS: “Mentor’s Last Words” (continued)
• Anger underneath
    • “We've been dominated by sadists”
    • “Yes, I am a criminal”
• Looking for an “elsewhere”
    • “This is it… this is where I belong”
• Wide range rebellion
    • “You build atomic bombs, you wage wars, you murder, cheat, and lie to us and try to make us believe it's for our own good, yet we're the criminals”
    • “We make use of a service already existing without paying for what could be dirt-cheap if it wasn't run by profiteering gluttons”
    • “your three-piece psychology and 1950's technobrain”

Slide 7 – TEXTS: “Mentor’s Last Words” (continued)
• Subjective text
    • Written to justify hackers’ acts and provide them with respectability
    • Must not be analyzed “as is”
    • No real theory or philosophy behind the text
• Still a reference
    • Each and every hacker knows this text
    • Mostly found on lamers’ web sites
    • Flame wars have proved that real hackers know and respect this text

Slide 8 – TEXTS: “The ethics of hacking” (Dissident)
• One of the very few state-of-the-art written documents
• Written to explain who hackers are
• Dissident says he is not a hacker
1. Distinguishes 2 categories of hackers
    • “And the idiotic schmucks of the world …”
    • “True hackers …”
2. Defines the rules
    • “A true hacker DOESN'T get into the system to kill everything”
    • “True hackers are curious and patient”

Slide 9 – TEXTS: “The ethics of hacking” (continued)
• Text for newbies
    • “And to those wanna-be's out there who like the label of HACKER being tacked onto them, grow up, would ya?”
• Clears real hackers
    • “maybe someone somewhere will read it, and know the truth about hackers. Not the lies that the ignorant spread”
• High esteem of what hackers are
    • “True hackers are intelligent”

Slide 10 – TEXTS: “The ethics of hacking” (continued)
• Quite objective text
    • Written with less anger than “Mentor’s Last Words”
    • Dissident gives an external view of the phenomenon
• First definition of real hackers
    • Includes technical skills AND behavior
    • Gives the rule for hackers’ survival
    • “Hackers’ meaning of life is information. If they destroy it when they get access, they kill themselves.”

[...] (only a fragment of the following slides survives in the preview: “… change your life for the better”)

Slide 11 – Sociological Approach

Slide 12 – SOCIAL: Social movement requirements
1. A social movement has at least minimal organization
2. A social movement is an uninstitutionalized collectivity
3. A social movement proposes or opposes a program for change in societal norms, values, or both
4. A social movement is countered […] established order
5. A social movement must be significantly large in scope
6. Persuasion is the essence of social movements
Stewart, Smith, and Denton (1984)

Slide 13 – SOCIAL: Organization
• Electronic community
    • Hacking groups, started with BBS (the inner circle, l0pht heavy industry, hack4girlz, Theso …)
    • Magazines (especially phrack + dozens of ephemeral …)
    • Mailing Lists […]

[...] (a quotation on the preceding slide ends with the citation year “1989”)

Slide 16 – SOCIAL: Uninstitutionalized Collectivity
• Obvious
    • No ministry of hacking
    • No schools or universities
• Underground community
    • Leveraging factors
        • Lack of understanding by the public
        • Misc laws increase marginality
    • Even security specialists have to go underground
• “But, even as I type this, I begin to realize just …” […]

[...] (end of a quotation on the preceding slide)
“… lie to us and try to make us believe it's for our own good, yet we're the criminals” – “The Mentor”, 1986

Slide 21 – SOCIAL: Size
• Hard to evaluate
    • Different categories: security professionals, students, professional hackers etc.
    • Different level of expertise: newbies, lamers, script kiddies, gurus etc.
    • Different mind: true hackers vs ROW
• Some figures
    • Security mailing-lists […]

[...] (end of a quotation on the preceding slide)
“… of physically destroying buildings and governmental establishments. This is a very drastic, yet vital part of this ‘techno-revolution.’” (“Doctor Crash”, 1986)

Slide 24 – Reality

Slide 25 – Reality: Categories of “hackers” – technical ranking
1. Newbies: new to security; usually they don’t have a clue and very few technical skills
2. Lamers: newbies who usually think they are hackers; annoying
3. Script kiddies: some skills; are able to replay and automate attacks; dangerous when up-to-date
4. Hackers: quite skillful; create attacks based on existing technologies; very dangerous when leaving full-disclosure spirit
5. Gurus: find new intrusion technologies; deadly

Slide 26 – Reality: Categories of “hackers” – field of activity
1. Hacking […]

[...] (end of the slide “What hackers really are”)
• … related
• Curious, need to understand things
• Patient and discreet
• Find ways around
    • Test special cases
    • Always aware of potential misbehaviors
• No stereotypes
    • Age, position, diplomas, dress code are not a criteria
    • Not 200 IQ…

Slide 28 – Reality: Ok, but who?
ANYBODY. And this is the problem.

Slide 29 – Security

Slide 30 – […]

Slide 31 – Corporate Challenges
• Protect the information
    • 4 criteria (AICAE)
        • Availability: obvious…
        • Integrity: make sure data are not modified
        • Confidentiality: restrict access
        • Auditability: ability to know who has done what
        • Evidence: = non-repudiation
    • From anywhere
        • Internal & external
        • While stored or in transit
        • Logical & physical

Slide 32 – Corporate: The state of the art
• Start from the top
    • Identify assets
    • Define risk exposure, tolerance and cost
    • Create an AICAE matrix
• Match to IT infrastructure
    • Identify application chains
    • Define security zones
    • Write security policy
• Then (and only then) choose the tools

Slide 33 – Corporate: The reality
• Start from a problem
    • “I have …” […]
    • “… I have money to spend”
    • “I read about worms in a magazine”
    • “I don’t want to get fired”
• Try to find a tool
    • No need has been exactly defined
    • Random tests on different products
    • Lack of ability to integrate new functionalities in a global plan
• No security

Slide 34 – Security Professionals

Slide 35 – Security: Ok, but who?
ANYBODY. And this is […]

Posted: 15/03/2014, 17:20

Table of contents

    “Mentor’s Last Words”

    “The ethics of hacking” (Dissident)

    “The ethics of hacking”

    “Credo of hackers” (Levy)

    Countered by established order

    What hackers really are

    The state of the art
