Reboot It! Episode 86 with Amanda Berlin

Audio Link:

https://audioboom.com/posts/6880172-reboot-it-episode-86-with-amanda-berlin

Upcoming Conferences

 

ShowMeCon

Conference Dates: June 7-8, 2018

Ameristar Casino & Resort

St. Charles, MO

Showmecon.com

 

AREA41

June 15-16, 2018

Zurich, Switzerland

Area41.io

 

BSides Cleveland

June 22-23, 2018

The Grog Shop

Cleveland, OH

https://www.bsidescleveland.com/

 

Black Hat USA 2018

August 4-9, 2018

Mandalay Bay

Las Vegas, NV

https://www.blackhat.com/us-18/

 

DEF CON 26

August 9 – August 12, 2018

Caesars Palace and Flamingo Hotels

Las Vegas, NV

https://defcon.org/

 

DerbyCon

October 5th – 7th, 2018

Louisville, KY

CFP is Open

https://derbycon.com

 

BSides Charleston

Saturday November 10th, 2018

College of Charleston

Wells Fargo Auditorium

Charleston, SC

CFP is Open

http://bsidescharleston.org/

 

SecureWV/Hack3rcon

Nov. 30 – Dec. 2, 2018

Holiday Inn Hotel & Suites Charleston West

South Charleston, WV

http://securewv.com/


 

The podcast RSS and iTunes Feed

RSS: https://audioboom.com/channels/4914568.rss

iTunes: pcast://audioboom.com/channels/4914568.rss

Patreon

https://www.patreon.com/rebootitpodcast

 

Interview - Amanda Berlin

Here are 50 FREE things you can do to improve the security of most environments:

 

Access control lists are your friend (deny all first)

AD delegation of rights

App Whitelisting

Best practice GPO (NIST GPO templates)

Block browsing from servers. Not all machines need internet access

Block DNS zone transfers

Change iLO settings/passwords

Close open mail relays

Different local admin passwords (LAPS)

Disable LLMNR/NetBIOS

Disable ports that are unused, & set up port security

Disable telnet & other insecure protocols or alert on use

DMZ behind separate firewall

DNS servers should not be openly recursive

Don't forget your printers (saved creds aren't good)

Egress Filtering (should be just as strict as Ingress)

EMET (when OSes prior to 10 are present)

Ensure web logins use HTTPS

Fail2ban

For the love of god implement TLS 1.2

Force advanced file auditing (ransomware detection)

Geoblocking

Get rid of open shares

Incident Response drills

Incident Response Runbook & Bugout bag

Incident Response tabletops

Internal & OSINT honeypots

Least privileges EVERYWHERE

Locate and destroy plain text passwords

Log successful and unsuccessful logins - Windows/Linux logging cheatsheets

MITRE ATT&CK Matrix is your friend

ModSecurity

MBSA

Network device backups

No open Wi-Fi, use WPA2 + AES

Password safes

Patch *nix boxes

Purple Team

Remove unneeded software

Restrict access to backups

Role based servers only! DNS servers/DCs are just that

Segment with VLANs

Separation of rights - Domain Admin use should be sparse & audited

Set up centralized logins for network devices. Use TACACS+ or RADIUS

Upgrade firmware

URLscan

Use BitLocker/encryption

User Education exercises

Vulnerability Scanner

WSUS

 

Story

Local 5th Graders 3D Print Leg for Chicken

http://www.wowktv.com/news/local-news/local-5th-graders-3d-print-leg-for-chicken/1211140031