diff options
Diffstat (limited to 'en_US.ISO8859-1/captions/2009')
| -rw-r--r-- | en_US.ISO8859-1/captions/2009/dcbsdcon/bejtlich-networksecurity.sbv | 114 |
1 files changed, 57 insertions, 57 deletions
diff --git a/en_US.ISO8859-1/captions/2009/dcbsdcon/bejtlich-networksecurity.sbv b/en_US.ISO8859-1/captions/2009/dcbsdcon/bejtlich-networksecurity.sbv index caa7460c7a..640efb4491 100644 --- a/en_US.ISO8859-1/captions/2009/dcbsdcon/bejtlich-networksecurity.sbv +++ b/en_US.ISO8859-1/captions/2009/dcbsdcon/bejtlich-networksecurity.sbv @@ -87,7 +87,7 @@ we’ve lost like three hundred billion in market cap over the last year it’s been an exciting ride 0:01:22.110,0:01:25.230 -the ads general electric we get three hundred thousand users +the ads General Electric we get three hundred thousand users 0:01:25.230,0:01:28.360 um just a few security issues as you might @@ -137,11 +137,11 @@ please let me know 0:01:56.320,0:01:59.179 what I’m going to describe isn’t exactly what I do -with general electric +with General Electric 0:01:59.179,0:02:02.390 -or at least it's not officially what I do at general -electric +or at least it's not officially what I do at General +Electric 0:02:02.390,0:02:06.950 but you can imagine that I just don’t come up with @@ -234,7 +234,7 @@ if you think about health well you might say how’s your blood pressure 0:03:25.719,0:03:27.940 -well it’s under one hundred and twenty over eighty +well it’s under 120 over 80 0:03:27.940,0:03:29.659 that's sort of one data point @@ -393,13 +393,13 @@ have an earnings report appear on the network share or on a peer-to-peer network somewhere 0:05:22.669,0:05:25.949 -that's that's an ouput that means you had a failure somewhere +that's an ouput that means you had a failure somewhere 0:05:25.949,0:05:28.069 do you have a system or network that’s unavailable 0:05:28.069,0:05:29.720 -due to a Ddos attack +due to a DDoS attack 0:05:29.720,0:05:31.060 these are all outputs so @@ -412,7 +412,7 @@ I really don't care so much about that I think these can influence these 0:05:36.459,0:05:40.539 -these are the things that I I care about +these are the things that I care about 0:05:40.539,0:05:44.129 and just to step a @@ -442,8 +442,8 @@ developers here is that in the last talk there was lots of discussions about 0:06:01.030,0:06:05.289 -you made this change and you get a five percent difference -or you made this change and you get a ten percent difference +you made this change and you get a 5% difference +or you made this change and you get a 10% difference 0:06:05.289,0:06:07.019 none of that happens in security @@ -606,7 +606,7 @@ and then you orient and you figure out well where am I in relation to where the bad guys are 0:07:57.409,0:08:02.359 -then you make a decision like okay is there’s a bad guy +then you make a decision like okay there’s a bad guy I better roll over and shoot it down 0:08:02.359,0:08:04.269 @@ -663,7 +663,7 @@ so this is probably my favorite description of security period 0:08:45.120,0:08:49.830 -my aplogies to my European friends this +my apologies to my European friends this is the football poll security 0:08:49.830,0:08:54.710 @@ -701,20 +701,20 @@ while meanwhile you could be completely all about something different 0:09:15.680,0:09:19.650 -and I first started thinking about this in 2000 2001 +and I first started thinking about this in 2000-2001 0:09:19.650,0:09:21.800 where there were some guys in Finland 0:09:21.800,0:09:27.060 -who did this huge innumeration they were doing some of the +who did this huge enumeration they were doing some of the first fuzzing work against SMTP 0:09:27.060,0:09:27.849 -it was called the +it was called 0:09:27.849,0:09:29.000 -protos toolkit +The Protos Toolkit 0:09:29.000,0:09:32.140 and they did all this work in and they found that @@ -779,7 +779,7 @@ paying attention to your own employees you’re violating their rights and their privacy 0:10:13.750,0:10:15.100 -and meanwhie you got like +and meanwhile you got like 0:10:15.100,0:10:16.899 Romanians and Russians and Chinese and @@ -893,7 +893,7 @@ maybe you just have robots or something right don't they don’t complain 0:11:49.920,0:11:50.850 -So anwyay wow +So anyway wow 0:11:50.850,0:11:51.909 that came out of nowhere @@ -974,13 +974,13 @@ the general process is I identify my trust boundaries I apply some instrumentation 0:12:41.280,0:12:43.620 -and then I collect analyse and escalate +and then I collect analyze and escalate 0:12:43.620,0:12:46.000 %uh collect meaning I get the information 0:12:46.000,0:12:48.420 -analyse I look at it figure out what it means +analyze I look at it figure out what it means 0:12:48.420,0:12:48.889 escalate @@ -1125,7 +1125,7 @@ and it’s funny people have probably heard about building security in 0:14:38.570,0:14:42.620 that's like trying to make things more secure -have been trying to do that for like twenty years +have been trying to do that for like 20 years 0:14:42.620,0:14:44.240 it just doesn't work @@ -1199,7 +1199,7 @@ closely with the guy does the cloudsecurity.org blog 0:15:40.870,0:15:44.800 -and %uh he's he's a fellow employee with +and %uh he's a fellow employee with me is that we always considering this because 0:15:44.800,0:15:45.380 @@ -1218,7 +1218,7 @@ window to the cloud is an SSL encrypted pipe 0:15:53.530,0:15:58.430 -%um it doesn't help me too much to inpsect it at the +%um it doesn't help me too much to inspect it at the network level right 0:15:58.430,0:16:00.129 @@ -1232,10 +1232,10 @@ oh boy that’s really happening 0:16:04.650,0:16:10.110 try getting good logs out of any of the cloud buyers -it is absolutely horrible they they don't +it is absolutely horrible they don't 0:16:10.110,0:16:14.150 -they don't want to store them they don't want +want to store them they don't want to provide you the data in any format that’s useful 0:16:14.150,0:16:17.710 @@ -1268,7 +1268,7 @@ and you know got control of some of our systems and so forth 0:16:36.600,0:16:38.400 -virtualisation is obviously an issue +virtualization is obviously an issue 0:16:38.400,0:16:40.100 %um if you think about @@ -1318,7 +1318,7 @@ so I mean it could be 0:17:09.490,0:17:11.390 -somewhere else in the united states obviously but for +somewhere else in the United States obviously but for 0:17:11.390,0:17:14.449 the most part like if someone were to compromise @@ -1512,10 +1512,10 @@ comes from the first network based IDS that taught 0:19:33.490,0:19:35.400 -he wrote it in UC Davis in ‘89 +he wrote it in UC Davis in 1989 0:19:35.400,0:19:39.520 -so this is wow that’s twenty years I feel +so this is wow that’s 20 years I feel freaking old right now 0:19:39.520,0:19:39.979 @@ -1540,7 +1540,7 @@ is finally start to catch up with it 0:19:50.470,0:19:56.750 and they call them network forensic appliances -and they charge you fifty thousand dollars +and they charge you 50,000 dollars 0:19:56.750,0:20:02.110 for the enterprise that’s right @@ -1578,7 +1578,7 @@ but we were doing this earlier so I learned from people who invented this stuff 0:20:27.480,0:20:30.779 -you know wow that's like fifteen years ago +you know wow that's like 15 years ago 0:20:30.779,0:20:35.279 alright so why network censors @@ -1752,13 +1752,13 @@ because if you're a good admin you're not surfing 0:23:03.019,0:23:06.370 -MySpace on your Windows server +MySpace on your Windows Server 0:23:06.370,0:23:08.070 -right well you’re not on a Windows server +right well you’re not on a Windows Server 0:23:08.070,0:23:13.590 -but well you can admin on a Windows server +but well you can admin on a Windows Server but you know what I mean 0:23:13.590,0:23:16.710 @@ -1872,7 +1872,7 @@ as opposed to what a user platform is telling me 0:24:35.180,0:24:35.980 -so if I’m +so 0:24:35.980,0:24:37.799 if I’m on a user platform @@ -1897,7 +1897,7 @@ alright we have a problem here so this is why I like 0:24:51.120,0:24:54.020 -to itroduce these sorts of devices +to introduce these sorts of devices 0:24:54.020,0:24:55.070 let me talk a little bit @@ -2075,7 +2075,7 @@ I don't run the one sytem I expose in my home lab is not an Intel system 0:27:04.310,0:27:06.940 -it's a Mac mini +it's a Mac Mini 0:27:06.940,0:27:08.550 and it’s running Debian on top @@ -2348,7 +2348,7 @@ in fact there was one 0:31:06.470,0:31:11.210 he did a concert once actually he didn't -do a concert he attended somebody else’s concert +do a concert he attended somebody's else concert 0:31:11.210,0:31:15.190 and I don't know who it was like Johnny Cash or something @@ -2419,8 +2419,8 @@ so that's the end of the line right at this point he’s got two options he can either ignore it 0:32:05.940,0:32:10.240 -or he can satisfy his fifteen minute SOA that his customer -pays three thousand dollars a month +or he can satisfy his 15 minute SOA that his customer +pays $3,000 a month 0:32:10.240,0:32:10.860 for @@ -2543,10 +2543,10 @@ I’ll date myself but in 1998 intruders in China 0:33:39.509,0:33:41.049 -who had writtten their own +who had written their own 0:33:41.049,0:33:44.010 -virtualisation platform on top of Solaris +virtualization platform on top of Solaris 0:33:44.010,0:33:46.159 who were doing stuff we were like holy cow @@ -2755,7 +2755,7 @@ my servers are in Maryland 0:36:20.819,0:36:23.099 yes I’m an ISP what happens when I get stuff from -Massachussetts or California and they’re going you can’t do that +Massachusetts or California and they’re going you can’t do that 0:36:27.329,0:36:28.269 yes okay so there’s two things @@ -2855,7 +2855,7 @@ everything that I’ve shown here you could literally walk out of here 0:37:48.249,0:37:50.619 -go into the freeBSD ports tree find a SGUIL ports +go into the FreeBSD ports tree find a SGUIL ports 0:37:52.119,0:37:54.840 do your make I mean the ports are a little ugh @@ -3029,7 +3029,7 @@ output of an ID command on Unix where the result was 0:40:14.779,0:40:16.179 -UID zero +UID 0 0:40:16.179,0:40:19.529 is that good or is that bad I mean you’d probably say that sounds bad @@ -3271,7 +3271,7 @@ and secondly if he does 0:43:29.130,0:43:33.189 can we release so we're trying to work -out those I think it'll be resolved postively +out those I think it'll be resolved positively 0:43:33.189,0:43:35.119 because we're GE’s actually fairly pro-open-source @@ -3456,10 +3456,10 @@ real Snort rules fades so whereas 0:46:24.309,0:46:26.510 -five years ago it might have been like ninety percent +five years ago it might have been like 90% 0:46:26.510,0:46:28.619 -these days it's like twenty five percent +these days it's like 25% 0:46:28.619,0:46:35.619 so they probably can pull in a certain percentage @@ -3496,8 +3496,8 @@ just what we can afford as far as hard drive spaces go my last budget 0:47:11.769,0:47:15.319 -I could only spend about twenty five hundred -to three grand per sensor +I could only spend about 2,500 +to 3,000 per sensor 0:47:15.319,0:47:18.949 which limited me to about one to @@ -3700,7 +3700,7 @@ and then you start investigating and the reason I do this approach is because it’s cheap 0:50:10.190,0:50:14.099 -you know twenty five hundred dollar commodity hardware +you know twenty $500 commodity hardware open source software 0:50:14.099,0:50:15.820 @@ -3771,7 +3771,7 @@ put it that way as far as FreeBSD goes specifically 0:51:10.930,0:51:14.229 -there’s som like minor things that make my +there’s some like minor things that make my life better 0:51:14.229,0:51:18.349 @@ -3814,7 +3814,7 @@ is opening up a BPF you can track performance with the what was it 0:51:40.109,0:51:41.609 -net stat dash B +netstat -B 0:51:41.609,0:51:42.400 capital B @@ -4213,14 +4213,14 @@ and so finally I said this guy is all over the space he’s in California he's using the UUnet 0:57:35.449,0:57:38.170 -the Uunet blocker however they’re signing they’re signing +the UUnet blocker however they’re signing they’re signing the IPs 0:57:38.170,0:57:41.390 -it's just all over the place we're blocking Uunet +it's just all over the place we're blocking UUnet 0:57:41.390,0:57:43.799 -all of Uunet to the air force +all of UUnet to the air force 0:57:43.799,0:57:44.790 so @@ -4343,7 +4343,7 @@ honey pots are things that are good to run if one you’re researcher or two you have a lot of time on your hands 0:59:32.119,0:59:36.039 -because I have like a network of three hundred thousand +because I have like a network of 300,000 honey pots 0:59:36.039,0:59:38.479 |