This free class was about 4-hours long with hands-on labs. It’s the first half of the first day of the training class normally taught at Wild West Hackin’ Fest.
Active Defenses have been capturing a large amount of attention in the media lately. There are those who thirst for vengeance and want to directly attack the attackers. There are those who believe that any sort of active response directed at an attacker is wrong. We believe the answer is somewhere in between.
In this class, you will learn how to force an attacker to take more moves to attack your network. These moves may increase your ability to detect them. You will learn how to gain better attribution as to who is attacking you and why. You will also find out how to get access to a bad guy’s system. And most importantly, you will find out how to do the above legally.
The current threat landscape is shifting. Traditional defenses are failing us. We need to develop new strategies to defend ourselves. Even more importantly, we need to better understand who is attacking us and why. Some of the things we talk about you may implement immediately, others may take you a while to implement. Either way, consider what we discuss as a collection of tools at your disposal when you need them to annoy attackers, attribute who is attacking you and, finally, attack the attackers.
This class is based on the DARPA funded Active Defense Harbinger Distribution live Linux environment. This VM is built from the ground up for defenders to quickly implement Active Defenses in their environments. This class is also very heavy with hands-on labs. We will not just talk about Active Defenses. We will be doing hands-on labs and through them in a way that can be quickly and easily implemented in your environment.
You can find installation info for downloading and configuring the VMs you’ll need here: https://www.blackhillsinfosec.com/training/active-defense-cyber-deception-training/
Join the BHIS Discord Channel to discuss the training with our community:
https://discord.gg/aHHh3u5 – You can ask questions in the #training-prep-questions channel.
Also, you can download the slides for the training here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/04/Training_ActiveDefence_CyberDeception_April2020.pdf
00:00 – A Collection of Characters
10:35 – Jump Straight In
21:10 – What is Cyber Deception
49:04 – Legal Issues
00:00 – Caller Back Girl
06:03 – You’re Poison Running Through My Mains
07:41 – I Know You Are But What Am I?
18:06 – John’s Pirate Voice
20:45 – John Has a Walkabout
35:36 – Epilogue in the Lobby
00:00 – Watto’s Honeyports Boyu
23:37 – Honeytokens. Yea, Honeytokens.
44:03 – Dammit Jim, I’m a Word Doc, Not A Homing Beacon!
54:07 – That’s Not A Word Doc, That’s Three Kids In A Trench Coat.png
01:00:26 – Kerberoasting With Wine