Adversarial Defenses: Beartrapping Linux Servers

Everything is a subscription with a cost now. Nothing is cheap, either. The services that were supposed to help us out are turning out to be lots of overhead. How do you defend yourself without logs? How can you even tell you're getting attacked? The ancient ways still work! You can do practically anything an appliance or cloud service can do using plain old Linux. Want a typing indicator for a remote server? How about shielding an on-prem Exchange server from the internet, or making it completely invisible? What about monitoring logs across multiple servers, and then changing firewalls based on the entries? Trapping attackers inside of dancing ASCII art? It can all be done, and more! Using the power of all the stuff under the hood of all those expensive appliances people keep buying. You can do a lot with the right Linux command line swordsmanship. Let me show you!

Presented at Security Fest 2024.

Speaker: Dan Tentler

About Dan Tentler

Dan is the founder of Phobos Group, a boutique information security consulting and architecture firm, specializing in assessment work, security architecture, remediation efforts, advisory and simulation services. Dan's been at this a long time. Come talk to him about Phobos Airlock!

 