Security Presentation

[joker5893]

So i have a list of things i can do for a security presentatation for college. What things do you guys think i should do and maybe could post some links to where i can find some information.

Topics:

Access Controls

Hacking Satillite TV

War Dialing

File sharing and security

Software Cracking

Security Audits

Kerberos

Intrusion Dectection Systems

All comments will be much appriciated

[tabath]

Am awful lot there just for one presentation - or is that just a list of possibles?

[joker5893]

Just a list of possibles, i have to choose 2 one for a presentation in October and one for in December

[tabath]

For starters I'd say head over to the hak5 wiki and irongeeks site. Presentations can be so dry so I would try to include something where you can do a demo.

[joker5893]

Thats exactly what im looking for, a demo, something to grab the classes attention.

[rFayjW98ciLoNQLDZmFRKD]

Hey! Welcome to the forums.

many of thoes could have an entire presitation on only one aspect of the hack.

<constructive_criticism> your avitar is too "flashy" <constructive_criticism>

[tabath]

Show them Hak5 with darren breaking his finger - that should grab their attention, it certainly grabbed mne. OUCH! No seriusly rewatch the hak5 shows , plenty of demos there. Watch the vids at www.irongeek.com etc

[joker5893]

Haha yes, that grabbed my attention too, i feel outta my chair, hit the floor and was laughing my ass off. But mad props to Darren, he's the shit. Anyways, sorry bout the flashy aviatar, just temporary till i find me a good one. Thanx alot guys for all your support and welcoming.

[moonlit]

Joker, dude, can you change that avatar as soon as you see this message please...

[cooper]

The Arp Cache Poisoning attack tends to be sufficiently quick and easy for people to grasp, and sufficiently severe to make people think about what they're doing.

[Darren Kitchen]

Sup joker, welcome to the forums. Hey look *sees flashy avatar* ZoMG! *falls our of chair* MY EYES!!! *tries to dial 911 but since 9 only gets an outside line on asterisk realises just dialed "11"* WTFOMGBBQ!

but seriously, welcome. try hitting them over the head with a demo, scare em a little, get em paranoid, then slowly sooth them with your hacker knowledge, ending with mitigation, workarounds, protection, etc... It's a good format.

*eyes start to twitch out again*

[Sparda]

I recommend demonstrating a old vunrability in IE :D

Then explain how these kind of vunrabilitys occoure and how to avoid them.

[joker5893]

Ok, since so many people have been asking me to change my avatar i have, i mainly did it for Darren, i don't want him hurting himself again (Trying to punch Wess). Haha but no, well all this info is great, and i'm sure i'll settle on something and maybe film my presentation and send it off to HAK5 for the boys to see.

[Guest]

I recommend demonstrating a old vunrability in IE :D

Then explain how these kind of vunrabilitys occoure and how to avoid them.

Why must it be an old one? The latest IE bug would be better. Im sure alot of people still havent patched against it which will also deminstrat why its a good idea to stay upto date on patch's

[PoyBoy]

Software cracking and IDS

[Sparda]

Why must it be an old one? The latest IE bug would be better. Im sure alot of people still havent patched against it which will also deminstrat why its a good idea to stay upto date on patch's

There are legal problems with demonstrating unpatched vunrabilitys, but more of a concern is that schools and colleges alike realy do not like you teaching people how to abuse there computers. As such, demonstrating an old vunrability avoids such problems. You will, of course, have to setup a VM running a vunarable version of the browser.

[armadaender]

I'd show off the switchblade if you have the equipment (ie extra flash drive and laptop). Also, I'll go with Cooper here and agree on ARP cache poisoning. It's realitivily easy to show off and understand.

[joker5893]

Yeah i was thinking about doing the switchblade and incorporating that into the presentation about Access Controls. But i want to be able to step up to my laptop, and also show how to elevate Admin privlages. I heard there's a way, not quite sure how though.

[PoyBoy]

Didnt think of that. THe ARP cache poisoning is really easy to grasp. Do that