PaulDotCom mailing list archives
How not to get pwned at Defcon
From: dninja at gmail.com (Robin Wood)
Date: Tue, 14 Jul 2009 21:31:22 +0100
2009/7/14 Nicholas B. <nberthaume at gmail.com>:
I an entirely read-only approach when on-site heres how I plan on approaching it: On my laptop if: Disable hard drives in bios, change bootorder to optical media first and only, set bios password, use my choice of live cd, disable wireless and tether to my evdo adaptor via usb. When accessing anything external from the laptop: SSH out via public key with key from a thumb-drive that's set to read only and has a pass-phrase protected key and tunnel to a trusted box only with a pre-accepted and verified host key from the thumb drive.
So after going to all this trouble, what are you going to actually use your laptop for? If you are disabling any mass storage then you can't download stuff so you are limited to browsing and reading mail, both of which I'd guess you can do on your evdo phone. I'd like to know how many people start with these good intentions then realise there is something they need from the hdd so mount it up then just leave it on. Robin
Current thread:
- How not to get pwned at Defcon Colin Vallance (Jul 14)
- How not to get pwned at Defcon Robin Wood (Jul 14)
- How not to get pwned at Defcon Adrian Crenshaw (Jul 14)
- How not to get pwned at Defcon Dmitry Nedospasov (Jul 14)
- How not to get pwned at Defcon Nicholas B. (Jul 14)
- How not to get pwned at Defcon Robin Wood (Jul 14)
- How not to get pwned at Defcon Robert Portvliet (Jul 14)
- How not to get pwned at Defcon Brian H (Jul 14)
- How not to get pwned at Defcon Jody & Jennifer McCluggage (Jul 14)
- How not to get pwned at Defcon Dmitry Nedospasov (Jul 14)
- How not to get pwned at Defcon Adrian Crenshaw (Jul 14)
- How not to get pwned at Defcon Bradley McMahon (Jul 14)
- How not to get pwned at Defcon Tom Brennan (Jul 14)
- How not to get pwned at Defcon Josh Olson (Jul 15)