Hi
user
Admin Login:
Username:
Password:
Name:
Let me secure that for you
--client
lca
--show
lca2018
--room collab 13548 --force
Next: 14 Modernising firmware testing on POWER with Python and pre-release everything
show more...
Marks
Author(s):
Kirk Jackson
Location
Collaborative Lecture Theatre CB11.00.405
Date
jan Fri 26
Days Raw Files
Start
10:45
First Raw Start
10:19
Duration
0:45:0
Offset
0:25:26
End
11:30
Last Raw End
11:49
Chapters
00:00
0:04:25
0:34:24
Total cuts_time
44 min.
http://lca2018.linux.org.au/schedule/presentation/82/
raw-playlist
raw-mp4-playlist
encoded-files-playlist
host
archive
public
tweet
mp4
svg
png
assets
release.pdf
Let_me_secure_that_for_you.json
logs
Admin:
episode
episode list
cut list
raw files day
marks day
marks day
image_files
State:
---------
borked
edit
encode
push to queue
post
richard
review 1
email
review 2
make public
tweet
to-miror
conf
done
Locked:
clear this to unlock
Locked by:
user/process that locked.
Start:
initially scheduled time from master, adjusted to match reality
Duration:
length in hh:mm:ss
Name:
Video Title (shows in video search results)
Emails:
email(s) of the presenter(s)
Released:
has someone authorised pubication
Unknown
Yes
No
Normalise:
Channelcopy:
m=mono, 01=copy left to right, 10=right to left, 00=ignore.
Thumbnail:
filename.png
Description:
markdown
Writing secure applications is hard, and often vulnerabilities are found after your application has already been released to production. But what happens if you’re not able to fix the vulnerabilities quickly? If you don’t have the source code? Or if the vulnerable application is “Enterprise Software”, and you aren’t ever going to be able to fix it? Wouldn’t it be great if the someone else could secure your website for you? In this talk we describe the approach we use to shield customer’s websites when all other avenues have failed, or when urgency requires a fix as soon as possible. This process of virtual patching works well in the real world, and allows people to have comfort that all their known vulnerabilities are fixed and their applications are as secure as can be. This talk demonstrates the process of virtual patching using a suite of open source tooling that you can go back to your company and use straight away - tools like ModSecurity and node.js. Our approach is different to the typical approach of WAF vendors, and avoids false-positives by only patching exact, known vulnerabilities discovered in a penetration test, and so we avoid the risk of affecting legitimate users. We will show how ModSecurity works, including patching some OWASP Top 10 vulnerabilities using ModSecurity rules. We will then discuss how to fix more complex business logic flaws by writing javascript code running in node.js. This allows you to rewrite traffic to and from your website, track the state of users, sessions and requests, and fix complex issues that cannot be done using a WAF on it’s own. Prior knowledge: This talk assumes understanding of the HTTP protocol, and common OWASP Top 10 vulnerabilities. Some experience reading Javascript would be useful, however the examples presented should be explained in a way that makes sense to non-coders.
Comment:
production notes
2018-01-26/10_19_34.ts
Apply:
10:19:34 - 10:45:09 ( 00:25:35 )
S:
10:19:34 -
E:
10:49:34
D:
00:30:00
(
End:
1535.0)
show more...
vlc ~/Videos/veyepar/lca/lca2018/dv/collab/2018-01-26/10_19_34.ts :start-time=00.0 --audio-desync=0
Raw File
Cut List
10:19:34
seconds: 0.0
Wall: 10:19:34
Duration
00:30:00
10:49:34
seconds: 1535.0
Wall: 10:45:09
Comments:
mp4
mp4.m3u
dv.m3u
Split:
Sequence:
:
delete
2018-01-26/10_19_34.ts
Apply:
10:45:09 - 10:49:34 ( 00:04:25 )
S:
10:19:34 -
E:
10:49:34
D:
00:30:00
(
Start:
1535.0)
show more...
vlc ~/Videos/veyepar/lca/lca2018/dv/collab/2018-01-26/10_19_34.ts :start-time=01535.0 --audio-desync=0
Raw File
Cut List
10:19:34
seconds: 1535.0
Wall: 10:45:09
Duration
00:30:00
10:49:34
seconds: 0.0
Wall: 10:19:34
Comments:
mp4
mp4.m3u
dv.m3u
Split:
Sequence:
:
delete
2018-01-26/10_49_34.ts
Apply:
10:49:34 - 11:19:33 ( 00:29:59 )
S:
10:49:34 -
E:
11:19:33
D:
00:29:59
show more...
vlc ~/Videos/veyepar/lca/lca2018/dv/collab/2018-01-26/10_49_34.ts :start-time=00.0 --audio-desync=0
Raw File
Cut List
10:49:34
seconds: 0.0
Wall: 10:49:34
Duration
00:29:59
11:19:33
seconds: 0.0
Wall: 10:49:34
Comments:
mp4
mp4.m3u
dv.m3u
Split:
Sequence:
:
delete
2018-01-26/11_19_34.ts
Apply:
11:19:34 - 11:29:38 ( 00:10:04 )
S:
11:19:34 -
E:
11:49:33
D:
00:29:59
(
End:
604.0)
show more...
vlc ~/Videos/veyepar/lca/lca2018/dv/collab/2018-01-26/11_19_34.ts :start-time=00.0 --audio-desync=0
Raw File
Cut List
11:19:34
seconds: 0.0
Wall: 11:19:34
Duration
00:29:59
11:49:33
seconds: 604.0
Wall: 11:29:38
Comments:
mp4
mp4.m3u
dv.m3u
Split:
Sequence:
:
delete
2018-01-26/11_19_34.ts
Apply:
11:29:38 - 11:40:04 ( 00:10:26 )
S:
11:19:34 -
E:
11:49:33
D:
00:29:59
(
Start:
604.0) (
End:
1230.0)
show more...
vlc ~/Videos/veyepar/lca/lca2018/dv/collab/2018-01-26/11_19_34.ts :start-time=0604.0 --audio-desync=0
Raw File
Cut List
11:19:34
seconds: 604.0
Wall: 11:29:38
Duration
00:29:59
11:49:33
seconds: 1230.0
Wall: 11:40:04
Comments:
mp4
mp4.m3u
dv.m3u
Split:
Sequence:
:
delete
2018-01-26/11_19_34.ts
Apply:
11:40:04 - 11:49:33 ( 00:09:29 )
S:
11:19:34 -
E:
11:49:33
D:
00:29:59
(
Start:
1230.0)
show more...
vlc ~/Videos/veyepar/lca/lca2018/dv/collab/2018-01-26/11_19_34.ts :start-time=01230.0 --audio-desync=0
Raw File
Cut List
11:19:34
seconds: 1230.0
Wall: 11:40:04
Duration
00:29:59
11:49:33
seconds: 0.0
Wall: 11:19:34
Comments:
mp4
mp4.m3u
dv.m3u
Split:
Sequence:
:
delete
Rf filename:
root is .../show/dv/location/, example: 2013-03-13/13:13:30.dv
Sequence:
get this:
check and save to add this
2018-01-26/10_19_34.ts
2018-01-26/10_49_34.ts
2018-01-26/11_19_34.ts
Veyepar
Video Eyeball Processor and Review