De presentatie wordt gedownload. Even geduld aub

De presentatie wordt gedownload. Even geduld aub

Broodje Security 18 november 2014. Vroeger Security nog geen hot topic Inbraak bleef soms lang uit.

Verwante presentaties


Presentatie over: "Broodje Security 18 november 2014. Vroeger Security nog geen hot topic Inbraak bleef soms lang uit."— Transcript van de presentatie:

1 Broodje Security 18 november 2014

2 Vroeger Security nog geen hot topic Inbraak bleef soms lang uit

3 Tegenwoordig Iedereen kan hacken Tools beschikbaar Focus op veelgebruikte software Gaten soms binnen 15 min misbruikt

4 Inbraak 24/7 Uit een server log: [02/Nov/2014:09:56: ] "GET /phpmyadmin/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /phpMyAdmin/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /pma/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /mysql/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /sql/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /PMA/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /admin/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /dbadmin/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /myadmin/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /db/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /phpmyadmin/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /sqlmanager/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /phpMyAdmin/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /phpmyadmin2/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /pma/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /phpMyAdmin2/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /mysql/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /phpMyAdmin-2/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /sql/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /php-my-admin/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /PMA/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /phpMyAdmin rc1/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /admin/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /phpMyAdmin rc1/main.php HTTP/1.0" "-" "-" [02/Nov/2014:09:56: ] "GET /dbadmin/main.php HTTP/1.0" "-" "-"

5 Waarom inbreken? Aandacht van grote criminaliteit Bank / creditcard gegevens Verspreiding malware via besmetting site Verspreiding illegale software Bedrijfsgeheimen

6 Security is geen kinderspel!

7 OWASP Top 10

8 Live demo

9 Voorkomen OWASP heeft aanbevelingen Google naar: OWASP Cheat Sheet Series Bijvoorbeeld: XSS (Cross Site Scripting) Prevention Cheat Sheet SQL Injection Prevention Cheat Sheet XSS (Cross Site Scripting) Prevention Cheat Sheet SQL Injection Prevention Cheat Sheet

10 Discussie Wat doen we goed? Wat nog niet? Hoe kunnen we dit verbeteren? Andere punten?... Vragen?

11 Einde


Download ppt "Broodje Security 18 november 2014. Vroeger Security nog geen hot topic Inbraak bleef soms lang uit."

Verwante presentaties


Ads door Google