Hi
user
Admin Login:
Username:
Password:
Name:
Advanced Linux Server-Side Threats: How they work and what you can do about them
--client
lca
--show
lca_2015
--room OGGB3 9454 --force
Next: 12 SL[AUO]B: Kernel memory allocator design and philosophy
show more...
Marks
Author(s):
Olivier Bilodeau
Location
OGGB3
Date
jan Fri 16
Days Raw Files
Start
13:20
First Raw Start
12:24
Duration
0:45:00
Offset
0:55:50
End
14:05
Last Raw End
14:16
Chapters
00:00
Total cuts_time
50 min.
http://lca2015.linux.org.au/schedule/30181/view_talk
raw-playlist
raw-mp4-playlist
encoded-files-playlist
host
public
tweet
mp4
svg
png
assets
release.pdf
Advanced_Linux_ServerSide_Threats_How_they_work_and_what_you_can_do_about_them.json
logs
Admin:
episode
episode list
cut list
raw files day
marks day
marks day
image_files
State:
---------
borked
edit
encode
push to queue
post
richard
review 1
email
review 2
make public
tweet
to-miror
conf
done
Locked:
clear this to unlock
Locked by:
user/process that locked.
Start:
initially scheduled time from master, adjusted to match reality
Duration:
length in hh:mm:ss
Name:
Video Title (shows in video search results)
Emails:
email(s) of the presenter(s)
Released:
has someone authorised pubication
Unknown
Yes
No
Normalise:
Channelcopy:
m=mono, 01=copy left to right, 10=right to left, 00=ignore.
Thumbnail:
filename.png
Description:
markdown
Server-side malware has evolved. Attackers used to be motivated by defacement or direct damage, using small-scale and targeted operations. Nowadays we are seeing an increase in organized crimeware campaigns leveraging compromised Linux servers for financial gain through website redirections infecting end-users and spam. Furthermore, malicious gangs base their operation's infrastructure on these same compromised servers, making takedown or law enforcement intervention complex since they run legitimate workloads. This presentation will cover the evolution of the financially motivated Linux malware and will describe the threats that were part of Operation Windigo which affects more than 25 000 servers. We will give in-depth technical details on the pieces of malware involved, show how they are deployed by the operators and how they are able to defeat current defensive technologies. More importantly, we will describe hands-on detection and incident response tricks to quickly assess one's servers and help in the fight.
Comment:
production notes
2015-01-16/12_24_10.dv
Apply:
12:24:10 - 13:26:16 ( 01:02:06 )
S:
12:24:10 -
E:
13:26:16
D:
01:02:06
show more...
vlc ~/Videos/veyepar/lca/lca_2015/dv/OGGB3/2015-01-16/12_24_10.dv :start-time=00.0 --audio-desync=0
Raw File
Cut List
12:24:10
seconds: 0.0
Wall: 12:24:10
Duration
01:02:06
13:26:16
seconds: 0.0
Wall: 12:24:10
Comments:
mp4
mp4.m3u
dv.m3u
Split:
Sequence:
:
delete
2015-01-16/13_26_16.dv
Apply:
13:26:16 - 14:16:30 ( 00:50:14 )
S:
13:26:16 -
E:
14:16:30
D:
00:50:14
show more...
vlc ~/Videos/veyepar/lca/lca_2015/dv/OGGB3/2015-01-16/13_26_16.dv :start-time=00.0 --audio-desync=0
Raw File
Cut List
13:26:16
seconds: 0.0
Wall: 13:26:16
Duration
00:50:14
14:16:30
seconds: 0.0
Wall: 13:26:16
Comments:
mp4
mp4.m3u
dv.m3u
Split:
Sequence:
:
delete
Rf filename:
root is .../show/dv/location/, example: 2013-03-13/13:13:30.dv
Sequence:
get this:
check and save to add this
2015-01-16/12_24_10.dv
2015-01-16/13_26_16.dv
Veyepar
Video Eyeball Processor and Review