Securing Vendor Webapps - A Vulnerability Assessment on HELK

Name: Securing Vendor Webapps - A Vulnerability Assessment on HELK
Uploaded: 2019-04-14T14:00:01Z
Channel: IppSec
Description: More detailed notes: https://gist.github.com/IppSec/137a9f8870bed2763048072f321073e5 00:50 - My Vulnerability Assessment methodology 03:00 - Starting a ...

IppSec · Intermediate ·🔐 Cybersecurity ·6y ago

More detailed notes: https://gist.github.com/IppSec/137a9f8870bed2763048072f321073e5 00:50 - My Vulnerability Assessment methodology 03:00 - Starting a Nessus Scan to see what it thinks 04:20 - Running nmap and deciding what ports are needed 09:35 - Reviewing the Nessus Scan 12:02 - Examining what leaving KSQL/Kafka (8088) open can do 13:58 - Using iptables to block ports that don't need to be routable 15:53 - Preventing NMAP from detecting the port as filtered, doing REJECT --reject-with tcp-reset 18:30 - Using Draw.io to explain what we are doing with a Reverse Proxy 20:40 - Installing Apach…

Watch on YouTube ↗ (saves to browser)

Chapters (25)

0:50 My Vulnerability Assessment methodology

3:00 Starting a Nessus Scan to see what it thinks

4:20 Running nmap and deciding what ports are needed

9:35 Reviewing the Nessus Scan

12:02 Examining what leaving KSQL/Kafka (8088) open can do

13:58 Using iptables to block ports that don't need to be routable

15:53 Preventing NMAP from detecting the port as filtered, doing REJECT --reject-wit

18:30 Using Draw.io to explain what we are doing with a Reverse Proxy

20:40 Installing Apache2

21:33 Creating the reverse proxy HTTPS Configuration, then enabling modules ssl, pro

25:10 Our Apache Server doesn't like self-signed certificate of remote server adding

28:44 Enabling Universe Repo then installing mod-security

29:50 Briefly going over the mod-security configuration file

32:35 Setting ModSecurity to blocking mode then modifying the rules to allow Kibana

36:25 ModSecurity doesn't like "application/x-ndjson", adding this to the allowed co

40:13 Beginning of creating a Certificate Authority to handle Mutual SSL Authenticat

42:20 Creating the CA Private/Public Keys with OpenSSL

44:11 Creating the WebServer's private key with OpenSSL, then signing

46:00 Creating the users private key with OpenSSL, then signing

47:20 Copying the Webserver's keys to the reverse proxy, then updating Apache2 to us

49:50 Showing the SSL is working by adding the CA to firefox and checking if cert wa

51:10 Configuring Apache to force SSL Client Authentication which requires user cert

52:00 Creating the PFX File in order to allow Firefox to import our user certificate

53:00 Demonstrating SSL Mutual Authentication is working

53:30 Modifying iptables on HELK to only allow HTTP/HTTPS Connections from the

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →