Infrasec/Compute SecConf: Difference between revisions

From MozillaWiki
No edit summary
Line 5: Line 5:


== Recommendations ==
== Recommendations ==
These are all here if you '''MUST''' use your computer during a conference. Ideally you shouldn't need to and/or you are using a MiFi directly connected to your PC. So if you '''MUST''', here are some recommendations.  
These are all here if you '''MUST''' use your computer during a conference. Ideally you shouldn't need to and/or you are using a MiFi directly connected to your system. You might also want to consider what you are going to do and if it is worth the risk. So if you '''MUST''' compute, here are some recommendations.  


# Don't use your regular system.
# Don't use your regular system.
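Review bot: The revised intro line still reads "Ideally you shouldn't need to and/or you are using a MiFi directly connected to your system", which joins two separate ideas with "and/or" and does not parse. Split it into "Ideally you shouldn't need to" and a separate sentence recommending the MiFi. The new "So if you MUST compute" would also read more plainly as "So if you MUST use your computer", matching the first sentence of the same line.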
Line 17: Line 17:
## This does two things, you can ensure that if you do have passwords flying around in plain text they won't be seen and if you have established this connection priory to the conference, you can ensure there isn't any tampering with your traffic.  
## This does two things, you can ensure that if you do have passwords flying around in plain text they won't be seen and if you have established this connection priory to the conference, you can ensure there isn't any tampering with your traffic.  
# Accepting untrusted SSL/HTTPS certificates or even SSH keys
# Accepting untrusted SSL/HTTPS certificates or even SSH keys
## If you are making a connection to a site and it asks you to accept a key or certificate, you better know what you are doing. If this is something you have used in the past, don't accept it.  
## If you are making a connection to a site and it asks you to accept a key or certificate, you better know what you are doing. If this is something you have used in the past, don't accept it.
 
== Restricted Activity ==
Here is a list of things that you just shouldn't do at security conferences in the conference halls or even in the hotel room.
 
* Changing your passwords
*
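Review bot: The new "Restricted Activity" section ends in an empty "*" bullet and lists "Changing your passwords" with no reason, so the list reads as unfinished. Either drop the empty item or fill it in, and add a sentence on why password changes should wait until you are off the conference and hotel networks. While this area is being touched, the unchanged context lines still carry "priory" for "prior", and "If this is something you have used in the past, don't accept it" would be clearer if it said the prompt is for a site or host you have already trusted.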

Revision as of 00:24, 23 July 2010

Summary

Security conferences in general can be hostile places to use your computer, and it is important to know what is going on around you. To set the scene, I am talking about the networks within the conference halls and even in your hotel room. While the conferences vary in how scary they are, it is best to use caution with everything you do on your computer.

Note: If any of the terms in the "Recommendations" section mean nothing to you, or you have no idea what I am talking about, you probably shouldn't use your computer or wireless device at these conferences. You should also make sure you turn off Bluetooth and Wi-Fi on all your devices.

Recommendations

These recommendations are here for when you MUST use your computer during a conference. Ideally you shouldn't need to, or you are using a MiFi directly connected to your system. You might also want to consider what you are going to do and whether it is worth the risk. So if you MUST compute, here are some recommendations.

  1. Don't use your regular system.
    1. At least for me, I have a lot on my system and I wouldn't want anything to happen to it. So instead, I have a security conference system.
  2. Have some password diversity
    1. Don't use the same password for everything. Break them up into different levels such as company, personal, social network and banking.
  3. Rogue Access Points
    1. This one is a tough one. At Blackhat there are typically people spoofing the conference access points, so beware of what you are using. If you can verify the MAC address of the access point, that is best; if not, use a MiFi or your phone's data connection.
  4. Tunnel and proxy out of the conference
    1. Depending upon your host OS, it is best to use a secure connection such as IPSec, SSH or an SSL VPN to an outside host and proxy all of your traffic to that host. This also requires you to configure your host OS to proxy everything out. (Keep in mind that this isn't 100% effective, depending upon what you are doing.)
    2. This does two things: if you do have passwords flying around in plain text, they won't be seen, and if you established this connection prior to the conference, you can ensure there isn't any tampering with your traffic.
  5. Accepting untrusted SSL/HTTPS certificates or even SSH keys
    1. If you are making a connection to a site and it asks you to accept a key or certificate, you had better know what you are doing. If the prompt is for a site or host you have used in the past, don't accept it: a key or certificate you already trusted should not need accepting again.
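
One way to carry out the MAC address check from the "Rogue Access Points" item, as an added example that is not part of the original wiki page: it compares scanned access points against a list of BSSIDs obtained from conference staff. The SSIDs, BSSIDs, the `TRUSTED` list and the scan text are constructed, and the scan text is assumed to follow the terse `nmcli -t -f SSID,BSSID,SIGNAL dev wifi` format.

```python
import re

# Constructed sample in the style of `nmcli -t -f SSID,BSSID,SIGNAL dev wifi`,
# where a ':' inside a field is escaped with a backslash.
SAMPLE_SCAN = r"""
ConfNet:00\:11\:22\:AA\:BB\:01:72
ConfNet:00\:11\:22\:AA\:BB\:02:55
ConfNet:DE\:AD\:BE\:EF\:00\:01:90
HotelGuest:66\:77\:88\:99\:AA\:BB:40
"""

# Hypothetical allowlist: BSSIDs obtained from conference staff beforehand.
TRUSTED = {"ConfNet": {"00:11:22:aa:bb:01", "00:11:22:aa:bb:02"}}

MAC_RE = re.compile(r"^(?:[0-9a-f]{2}:){5}[0-9a-f]{2}$")

def split_terse(line):
    """Split on unescaped ':'; a backslash escapes the next character."""
    fields, cur, i = [], [], 0
    while i < len(line):
        ch = line[i]
        if ch == "\\" and i + 1 < len(line):
            cur.append(line[i + 1])
            i += 2
        elif ch == ":":
            fields.append("".join(cur))
            cur = []
            i += 1
        else:
            cur.append(ch)
            i += 1
    fields.append("".join(cur))
    return fields

def classify(scan_text, trusted):
    """Return (ssid, bssid, signal, verdict) for each well-formed scan line."""
    results = []
    for line in scan_text.strip().splitlines():
        fields = split_terse(line)
        if len(fields) != 3:
            continue  # malformed line: wrong number of fields
        ssid, bssid, signal = fields[0], fields[1].lower(), fields[2]
        if not MAC_RE.match(bssid) or not signal.isdigit():
            continue  # not a MAC address or not a numeric signal value
        if ssid not in trusted:
            verdict = "unlisted-ssid"   # no reference list for this network
        elif bssid in trusted[ssid]:
            verdict = "listed"          # BSSID matches the staff-provided list
        else:
            verdict = "SUSPECT"         # known SSID announced by unknown BSSID
        results.append((ssid, bssid, int(signal), verdict))
    return results
```

A mismatch is the useful signal here. A match alone does not prove the access point is genuine, so the MiFi or phone data fallback from the list above still applies when in doubt.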