Anatomy of a Chinese Infiltration into a Research EDU presented at InfoSec SouthWest 2013

by Joshua "kernelsmith" Smith

Tags: Security

Summary: In 2009 I was asked to assist in the investigation of an intrusion at an unnamed educational institution due to alarming outbound network behavior. This presentation will detail what the investigation uncovered, including discussion of attacker tools and techniques as well as a blow-by-blow chronological account of what we believe happened. Although some of the facts are somewhat comical, the presentation will delve into some of the challenges facing edu network defenders and their administrators.