Security Operations: What Is Everyone Using? @ JANOG38 Okinawa
Post on 14-Apr-2017
2016/07/06 JANOG38 @
Twitter @sbg, Facebook ymomoi
HR/HM
NIRVANA https://www.nict.go.jp/press/2016/06/07-1.html
(?)FW, IPS, Proxy, ,
UNIX tools: grep, awk, cut, sort, uniq
Q: Windows
A: Windows Cygwin, Babun, Bash on Ubuntu on Windows UNIX tools?
SIEM Splunk
Wireshark, Fiddler
Fiddler Proxy
top, stat, lsof, Windows Sysinternals
MRTG, Nagios, Cacti, Munin
Fluentd, Embulk
nxlog
Elasticsearch, Kibana, Logstash
Beats (Winlogbeat, Packetbeat)
Ten Strategies of a World-Class Cybersecurity Operations Center
https://www.mitre.org/publications/all/ten-strategies-of-a-world-class-cybersecurity-operations-center
MITRE CVE DB tradecraft
SOC
Yahoo
http://detail.chiebukuro.yahoo.co.jp/qa/question_detail/q12158290662
Powering Prevention: Building a Global Security Response Team
https://speakerdeck.com/xen0ph0n/powering-prevention-building-a-global-security-response-team
JANOG34 http://www.janog.gr.jp/meeting/janog34/program/nwedu.html
sandbox, fakenet, Honeypot
VirusTotal, Deepviz, Malwr
VM Honeypot
Vuls: VULnerability Scanner BoF Metasploit, Nessus, Nmap, OpenVAS
IDA Pro, OllyDbg, x64dbg
X-Ways forensics, EnCase
diff, winmerge, rekisa
shell, Python, Perl, awk
Chrome
-> Chrome/web
IIJ
JS + plugin detect http://www.pinlady.net/PluginDetect/version -> -
NTP
Trac, Redmine
/
DNS, whois, Google, aguse.jp, DomainTools, VirusTotal
Twitter, RSS Feed, Google Alerts
watch
JPCERT, IPA, JVN, NVD, CVE
OWASP: The Open Web Application Security Project
OSS Top10, ZAP Proxy, Cheat Sheet
OWASP Japan http://www.owasp.org/
Hardening Project EC MINI Hardening
CTF Hardening Day Softening Day 2
Q&A
Q: Netflow v9 Cisco NBAR
Q: VirusTotal, , ,
Q: WebiGoogle http://www.itmedia.co.jp/bizid/articles/0910/13/news074.html
VirusTotal http://blog.macnica.net/blog/2016/03/virustotal-7ab2.html
VirusTotal
VirusTotal Intelligence
Q&A BoF
JANOG34 LT
JANOG34 (Light) LT http://www.slideshare.net/ymomoi/201407-janogltsecurityop
ntsuji anan
[anan No.1999 P46] http://xbrand.yahoo.co.jp/category/lifestyle/19275/1.html