author Murray Stokely <murray@FreeBSD.org> 2010-02-06 21:26:56 +0000
committer Murray Stokely <murray@FreeBSD.org> 2010-02-06 21:26:56 +0000
commit f2a3b4d0f318b994003eebaf796cb7df5fe9676e (patch)
tree d06cd4bc43594adc6258315683a168e6293b59d7
parent a32dc778141bd3f0c3558abefc47b1acf041e2d4 (diff)
Transcription improvements made for hire through Amazon Mechanical
Turk. Sponsored by: FreeBSD Foundation
Notes: svn path=/head/; revision=35337
-rw-r--r-- en_US.ISO8859-1/captions/2009/dcbsdcon/bejtlich-networksecurity.sbv 114
1 files changed, 57 insertions, 57 deletions
diff --git a/en_US.ISO8859-1/captions/2009/dcbsdcon/bejtlich-networksecurity.sbv b/en_US.ISO8859-1/captions/2009/dcbsdcon/bejtlich-networksecurity.sbv
index caa7460c7a..640efb4491 100644
--- a/en_US.ISO8859-1/captions/2009/dcbsdcon/bejtlich-networksecurity.sbv
+++ b/en_US.ISO8859-1/captions/2009/dcbsdcon/bejtlich-networksecurity.sbv
@@ -87,7 +87,7 @@ we’ve lost like three hundred billion in market cap over
the last year it’s been an exciting ride
0:01:22.110,0:01:25.230
-the ads general electric we get three hundred thousand users
+the ads General Electric we get three hundred thousand users
0:01:25.230,0:01:28.360
um just a few security issues as you might
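Review bot: The replacement line at 0:01:22.110 still spells out "three hundred thousand users" while other hunks in this patch convert spoken numbers to digits ("300,000 honey pots", "50,000 dollars"). Either write "300,000 users" here or keep spelled-out numbers throughout, so the caption file follows one convention.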
@@ -137,11 +137,11 @@ please let me know
0:01:56.320,0:01:59.179
what I’m going to describe isn’t exactly what I do
-with general electric
+with General Electric
0:01:59.179,0:02:02.390
-or at least it's not officially what I do at general
-electric
+or at least it's not officially what I do at General
+Electric
0:02:02.390,0:02:06.950
but you can imagine that I just don’t come up with
@@ -234,7 +234,7 @@ if you think about health well you might say
how’s your blood pressure
0:03:25.719,0:03:27.940
-well it’s under one hundred and twenty over eighty
+well it’s under 120 over 80
0:03:27.940,0:03:29.659
that's sort of one data point
@@ -393,13 +393,13 @@ have an earnings report appear on the network share or
on a peer-to-peer network somewhere
0:05:22.669,0:05:25.949
-that's that's an ouput that means you had a failure somewhere
+that's an ouput that means you had a failure somewhere
0:05:25.949,0:05:28.069
do you have a system or network that’s unavailable
0:05:28.069,0:05:29.720
-due to a Ddos attack
+due to a DDoS attack
0:05:29.720,0:05:31.060
these are all outputs so
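Review bot: The new line at 0:05:22.669 drops the repeated "that's" but keeps the misspelling "ouput"; it should read "that's an output that means you had a failure somewhere". This pass fixes spelling in other hunks, so this one looks missed.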
@@ -412,7 +412,7 @@ I really don't care so much about that I think
these can influence these
0:05:36.459,0:05:40.539
-these are the things that I I care about
+these are the things that I care about
0:05:40.539,0:05:44.129
and just to step a
@@ -442,8 +442,8 @@ developers here is that in the last talk there was
lots of discussions about
0:06:01.030,0:06:05.289
-you made this change and you get a five percent difference
-or you made this change and you get a ten percent difference
+you made this change and you get a 5% difference
+or you made this change and you get a 10% difference
0:06:05.289,0:06:07.019
none of that happens in security
@@ -606,7 +606,7 @@ and then you orient and you figure out well where am
I in relation to where the bad guys are
0:07:57.409,0:08:02.359
-then you make a decision like okay is there’s a bad guy
+then you make a decision like okay there’s a bad guy
I better roll over and shoot it down
0:08:02.359,0:08:04.269
@@ -663,7 +663,7 @@ so this is probably my favorite description
of security period
0:08:45.120,0:08:49.830
-my aplogies to my European friends this
+my apologies to my European friends this
is the football poll security
0:08:49.830,0:08:54.710
@@ -701,20 +701,20 @@ while meanwhile you could be completely all about
something different
0:09:15.680,0:09:19.650
-and I first started thinking about this in 2000 2001
+and I first started thinking about this in 2000-2001
0:09:19.650,0:09:21.800
where there were some guys in Finland
0:09:21.800,0:09:27.060
-who did this huge innumeration they were doing some of the
+who did this huge enumeration they were doing some of the
first fuzzing work against SMTP
0:09:27.060,0:09:27.849
-it was called the
+it was called
0:09:27.849,0:09:29.000
-protos toolkit
+The Protos Toolkit
0:09:29.000,0:09:32.140
and they did all this work in and they found that
@@ -779,7 +779,7 @@ paying attention to your own employees you’re violating
their rights and their privacy
0:10:13.750,0:10:15.100
-and meanwhie you got like
+and meanwhile you got like
0:10:15.100,0:10:16.899
Romanians and Russians and Chinese and
@@ -893,7 +893,7 @@ maybe you just have robots or something right don't they
don’t complain
0:11:49.920,0:11:50.850
-So anwyay wow
+So anyway wow
0:11:50.850,0:11:51.909
that came out of nowhere
@@ -974,13 +974,13 @@ the general process is I identify my trust boundaries
I apply some instrumentation
0:12:41.280,0:12:43.620
-and then I collect analyse and escalate
+and then I collect analyze and escalate
0:12:43.620,0:12:46.000
%uh collect meaning I get the information
0:12:46.000,0:12:48.420
-analyse I look at it figure out what it means
+analyze I look at it figure out what it means
0:12:48.420,0:12:48.889
escalate
@@ -1125,7 +1125,7 @@ and it’s funny people have probably heard about building security in
0:14:38.570,0:14:42.620
that's like trying to make things more secure
-have been trying to do that for like twenty years
+have been trying to do that for like 20 years
0:14:42.620,0:14:44.240
it just doesn't work
@@ -1199,7 +1199,7 @@ closely with the guy does the cloudsecurity.org
blog
0:15:40.870,0:15:44.800
-and %uh he's he's a fellow employee with
+and %uh he's a fellow employee with
me is that we always considering this because
0:15:44.800,0:15:45.380
@@ -1218,7 +1218,7 @@ window to the cloud
is an SSL encrypted pipe
0:15:53.530,0:15:58.430
-%um it doesn't help me too much to inpsect it at the
+%um it doesn't help me too much to inspect it at the
network level right
0:15:58.430,0:16:00.129
@@ -1232,10 +1232,10 @@ oh boy that’s really happening
0:16:04.650,0:16:10.110
try getting good logs out of any of the cloud buyers
-it is absolutely horrible they they don't
+it is absolutely horrible they don't
0:16:10.110,0:16:14.150
-they don't want to store them they don't want
+want to store them they don't want
to provide you the data in any format that’s useful
0:16:14.150,0:16:17.710
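Review bot: After the stutter is removed, the cue at 0:16:10.110 starts mid-clause with "want to store them", because the one remaining "they don't" sits at the end of the 0:16:04.650 cue. Consider ending the earlier cue at "it is absolutely horrible" and starting the later one with "they don't want to store them they don't want", so each timed cue reads on its own.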
@@ -1268,7 +1268,7 @@ and you know got control of some of our systems and
so forth
0:16:36.600,0:16:38.400
-virtualisation is obviously an issue
+virtualization is obviously an issue
0:16:38.400,0:16:40.100
%um if you think about
@@ -1318,7 +1318,7 @@ so
I mean it could be
0:17:09.490,0:17:11.390
-somewhere else in the united states obviously but for
+somewhere else in the United States obviously but for
0:17:11.390,0:17:14.449
the most part like if someone were to compromise
@@ -1512,10 +1512,10 @@ comes from
the first network based IDS that taught
0:19:33.490,0:19:35.400
-he wrote it in UC Davis in ‘89
+he wrote it in UC Davis in 1989
0:19:35.400,0:19:39.520
-so this is wow that’s twenty years I feel
+so this is wow that’s 20 years I feel
freaking old right now
0:19:39.520,0:19:39.979
@@ -1540,7 +1540,7 @@ is finally start to catch up with it
0:19:50.470,0:19:56.750
and they call them network forensic appliances
-and they charge you fifty thousand dollars
+and they charge you 50,000 dollars
0:19:56.750,0:20:02.110
for the enterprise that’s right
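Review bot: "50,000 dollars" at 0:19:50.470 uses a different money format from the "$3,000 a month" introduced in the 0:32:05.940 cue later in this patch. Pick one form, for example "$50,000", and apply it to every amount.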
@@ -1578,7 +1578,7 @@ but we were doing this earlier
so I learned from people who invented this stuff
0:20:27.480,0:20:30.779
-you know wow that's like fifteen years ago
+you know wow that's like 15 years ago
0:20:30.779,0:20:35.279
alright so why network censors
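Review bot: The context line "alright so why network censors" at 0:20:30.779, right below the edited cue, still has "censors" where the talk is about network sensors (a later hunk has "per sensor"). Worth fixing in the same pass: "alright so why network sensors".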
@@ -1752,13 +1752,13 @@ because if you're a good admin
you're not surfing
0:23:03.019,0:23:06.370
-MySpace on your Windows server
+MySpace on your Windows Server
0:23:06.370,0:23:08.070
-right well you’re not on a Windows server
+right well you’re not on a Windows Server
0:23:08.070,0:23:13.590
-but well you can admin on a Windows server
+but well you can admin on a Windows Server
but you know what I mean
0:23:13.590,0:23:16.710
@@ -1872,7 +1872,7 @@ as opposed to
what a user platform is telling me
0:24:35.180,0:24:35.980
-so if I’m
+so
0:24:35.980,0:24:37.799
if I’m on a user platform
@@ -1897,7 +1897,7 @@ alright we have a problem here
so this is why I like
0:24:51.120,0:24:54.020
-to itroduce these sorts of devices
+to introduce these sorts of devices
0:24:54.020,0:24:55.070
let me talk a little bit
@@ -2075,7 +2075,7 @@ I don't run the one sytem I expose in my home lab
is not an Intel system
0:27:04.310,0:27:06.940
-it's a Mac mini
+it's a Mac Mini
0:27:06.940,0:27:08.550
and it’s running Debian on top
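Review bot: "Mac Mini" at 0:27:04.310 moves away from Apple's own styling of the product name, "Mac mini", which the removed line already had; suggest dropping this change. The line quoted in the hunk header, "I don't run the one sytem I expose in my home lab", still carries the typo "sytem" and is the one that needs a fix.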
@@ -2348,7 +2348,7 @@ in fact there was one
0:31:06.470,0:31:11.210
he did a concert once actually he didn't
-do a concert he attended somebody else’s concert
+do a concert he attended somebody's else concert
0:31:11.210,0:31:15.190
and I don't know who it was like Johnny Cash or something
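Review bot: The replacement in the 0:31:06.470 cue turns the correct "somebody else's concert" into "somebody's else concert", which is ungrammatical. Revert this line to the original wording.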
@@ -2419,8 +2419,8 @@ so that's the end of the line
right at this point he’s got two options he can either ignore it
0:32:05.940,0:32:10.240
-or he can satisfy his fifteen minute SOA that his customer
-pays three thousand dollars a month
+or he can satisfy his 15 minute SOA that his customer
+pays $3,000 a month
0:32:10.240,0:32:10.860
for
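Review bot: "15 minute SOA" at 0:32:05.940 keeps "SOA", but a 15-minute commitment that a customer pays a monthly fee for reads like a service level agreement, so "SLA" is probably what was said. Please check the audio and correct the acronym if so; "15-minute" would also normally be hyphenated as a modifier.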
@@ -2543,10 +2543,10 @@ I’ll date myself but in 1998
intruders in China
0:33:39.509,0:33:41.049
-who had writtten their own
+who had written their own
0:33:41.049,0:33:44.010
-virtualisation platform on top of Solaris
+virtualization platform on top of Solaris
0:33:44.010,0:33:46.159
who were doing stuff we were like holy cow
@@ -2755,7 +2755,7 @@ my servers are in Maryland
0:36:20.819,0:36:23.099
yes I’m an ISP what happens when I get stuff from
-Massachussetts or California and they’re going you can’t do that
+Massachusetts or California and they’re going you can’t do that
0:36:27.329,0:36:28.269
yes okay so there’s two things
@@ -2855,7 +2855,7 @@ everything that I’ve shown here
you could literally walk out of here
0:37:48.249,0:37:50.619
-go into the freeBSD ports tree find a SGUIL ports
+go into the FreeBSD ports tree find a SGUIL ports
0:37:52.119,0:37:54.840
do your make I mean the ports are a little ugh
@@ -3029,7 +3029,7 @@ output of an ID command on Unix
where the result was
0:40:14.779,0:40:16.179
-UID zero
+UID 0
0:40:16.179,0:40:19.529
is that good or is that bad I mean you’d probably say that sounds bad
@@ -3271,7 +3271,7 @@ and secondly if he does
0:43:29.130,0:43:33.189
can we release so we're trying to work
-out those I think it'll be resolved postively
+out those I think it'll be resolved positively
0:43:33.189,0:43:35.119
because we're GE’s actually fairly pro-open-source
@@ -3456,10 +3456,10 @@ real Snort rules fades
so whereas
0:46:24.309,0:46:26.510
-five years ago it might have been like ninety percent
+five years ago it might have been like 90%
0:46:26.510,0:46:28.619
-these days it's like twenty five percent
+these days it's like 25%
0:46:28.619,0:46:35.619
so they probably can pull in a certain percentage
@@ -3496,8 +3496,8 @@ just what we can afford as far as hard drive spaces go
my last budget
0:47:11.769,0:47:15.319
-I could only spend about twenty five hundred
-to three grand per sensor
+I could only spend about 2,500
+to 3,000 per sensor
0:47:15.319,0:47:18.949
which limited me to about one to
@@ -3700,7 +3700,7 @@ and then you start investigating
and the reason I do this approach is because it’s cheap
0:50:10.190,0:50:14.099
-you know twenty five hundred dollar commodity hardware
+you know twenty $500 commodity hardware
open source software
0:50:14.099,0:50:15.820
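Review bot: The replacement at 0:50:10.190 changes the amount: "twenty five hundred dollar commodity hardware" is 2,500 dollars, but the new text "twenty $500 commodity hardware" reads as twenty items at $500 each. It should be "$2,500 commodity hardware", which also agrees with the "2,500 to 3,000 per sensor" budget in the 0:47:11.769 cue.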
@@ -3771,7 +3771,7 @@ put it that way
as far as FreeBSD goes specifically
0:51:10.930,0:51:14.229
-there’s som like minor things that make my
+there’s some like minor things that make my
life better
0:51:14.229,0:51:18.349
@@ -3814,7 +3814,7 @@ is opening up a BPF
you can track performance with the what was it
0:51:40.109,0:51:41.609
-net stat dash B
+netstat -B
0:51:41.609,0:51:42.400
capital B
@@ -4213,14 +4213,14 @@ and so finally I said this guy is all over the space he’s in
California he's using the UUnet
0:57:35.449,0:57:38.170
-the Uunet blocker however they’re signing they’re signing
+the UUnet blocker however they’re signing they’re signing
the IPs
0:57:38.170,0:57:41.390
-it's just all over the place we're blocking Uunet
+it's just all over the place we're blocking UUnet
0:57:41.390,0:57:43.799
-all of Uunet to the air force
+all of UUnet to the air force
0:57:43.799,0:57:44.790
so
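Review bot: The line at 0:57:35.449 fixes the capitalization of UUnet but keeps the repeated "they're signing they're signing", while other hunks in this patch remove such stutters ("that's that's", "he's he's"). Decide whether repeats are transcribed or dropped and apply that here too; "blocker however" and "signing the IPs" in the same cue are also worth checking against the audio.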
@@ -4343,7 +4343,7 @@ honey pots are things that are good to run if
one you’re researcher or two you have a lot of time on your hands
0:59:32.119,0:59:36.039
-because I have like a network of three hundred thousand
+because I have like a network of 300,000
honey pots
0:59:36.039,0:59:38.479