Fedora Osstmm Secspinv2
-
Upload
milton-torrez -
Category
Documents
-
view
234 -
download
0
Transcript of Fedora Osstmm Secspinv2
-
7/28/2019 Fedora Osstmm Secspinv2
1/33
and the OSSTMMSecurity Spin
Thorough, Safe and Secure
Joerg Simon
http://fedoraproject.org
mailto:[email protected]:[email protected] -
7/28/2019 Fedora Osstmm Secspinv2
2/33
The fedora project and theOSSTMM by ISECOM both areindependent non profit entities
Both are part of theFOSS ECO System!
Share good relationships
/me
[ indemnification ]
This presentation incl. Fedora Artwork
& all Backgrounds licensed cc-by-sa
by fedora
OSSTMM logos and schematics licensed by Open Methodology Licence
-
7/28/2019 Fedora Osstmm Secspinv2
3/33
[fedora security spin]
A open source
platform for
- security-auditing
- forensics
- penetration-testing
-
7/28/2019 Fedora Osstmm Secspinv2
4/33
[ features
]- a safe livecd-place for testing
- all fedora security features
- ability to install on HD and USB
- install software anytime
- clean, functional, fast
-
7/28/2019 Fedora Osstmm Secspinv2
5/33
[ developed by testers for testers ]
- collaborative developed
- community commercial benefits
- along our core values
-
7/28/2019 Fedora Osstmm Secspinv2
6/33
-
7/28/2019 Fedora Osstmm Secspinv2
7/33
[ test-tool all-stars ]
-
7/28/2019 Fedora Osstmm Secspinv2
8/33
[ security features ]
-
7/28/2019 Fedora Osstmm Secspinv2
9/33
[ little treasures ]
-
7/28/2019 Fedora Osstmm Secspinv2
10/33
[ know ]
- your tools
- your responsibility
- the ramification
- a way for proper testing!
-
7/28/2019 Fedora Osstmm Secspinv2
11/33
[ there is a way
]
-
7/28/2019 Fedora Osstmm Secspinv2
12/33
!= Checklist, solution based, best-practise
- Recommended by the german BSI
- Measurable and comparable results
- Looks into operational Security
- Metric based on Points of Risk
- Thinking Out of the Box
- ISECOM FOSS-Community - since January 2001 NPO
[ Open Source Security Testing Methodology Manual
]
-
7/28/2019 Fedora Osstmm Secspinv2
13/33
Usual testing synonymsBlind/Blackbox Pentest
Graybox/Chrystal/RedTeam
Social Engineering
WarDriving
WarDialing
Configuration-Reviews
Code Reviews
[common sence]
-
7/28/2019 Fedora Osstmm Secspinv2
14/33
-
7/28/2019 Fedora Osstmm Secspinv2
15/33
[ four points ]
-
7/28/2019 Fedora Osstmm Secspinv2
16/33
[testpath]
-
7/28/2019 Fedora Osstmm Secspinv2
17/33
[ how much security do you really need? ]
-
7/28/2019 Fedora Osstmm Secspinv2
18/33
[porosity]
- Visibility
- Access
- Trust
-
7/28/2019 Fedora Osstmm Secspinv2
19/33
[Authentication]
-
7/28/2019 Fedora Osstmm Secspinv2
20/33
[Indemnification]
-
7/28/2019 Fedora Osstmm Secspinv2
21/33
[Resistance]
-
7/28/2019 Fedora Osstmm Secspinv2
22/33
[Subjugation]
-
7/28/2019 Fedora Osstmm Secspinv2
23/33
[Continuity]
-
7/28/2019 Fedora Osstmm Secspinv2
24/33
[non-repudiation]
-
7/28/2019 Fedora Osstmm Secspinv2
25/33
[confidentiality]
[privacy]
[integrity]
-
7/28/2019 Fedora Osstmm Secspinv2
26/33
[Alarm]
[ i i i ]
-
7/28/2019 Fedora Osstmm Secspinv2
27/33
[ Limitations ]
[ ibl b fit ]
-
7/28/2019 Fedora Osstmm Secspinv2
28/33
OSSTMM-Security Labbased onfedora security spin
Packaging upstreamTools from the OSSTMM Team
A stable platformfor teaching the curriculum
...
[possible benefits]
[ R ]
-
7/28/2019 Fedora Osstmm Secspinv2
29/33
[ Ressources ]
www.osstmm.org
www.isecom.org
-
7/28/2019 Fedora Osstmm Secspinv2
30/33
[ possible benefits ]
- usecase for the Security Spin
- new cool upstreams
- better menu structure
- fedora get taught along the OSSTMM
-
7/28/2019 Fedora Osstmm Secspinv2
31/33
[ next ]
- move wishlist to fedorahosted
- implement new branding
- improve spin section content
- consider new menustructure along OSSTMM 4points- consider SLiM desktop manager
- consider LXDE as window manager
- implement OSSTMM upstreams like unicornscan
- become a official spin in Fedora 13
The fedora security spin team
-
7/28/2019 Fedora Osstmm Secspinv2
32/33
y pLuke MackenAdam Miller
Joerg Simon
Development Homehttps://fedorahosted.org/security-spin/
Help us on the Wishlist:https://fedoraproject.org/wiki/SecuritySpin
Your Contribution is welcome
https://fedorahosted.org/security-spin/https://fedoraproject.org/wiki/SecuritySpinhttps://fedoraproject.org/wiki/SecuritySpinhttps://fedorahosted.org/security-spin/ -
7/28/2019 Fedora Osstmm Secspinv2
33/33
Thanks!Any Contributions?