Smuggling Plums - Using Active Defnse techniques to hide your web apps from your attackers and their scanners presented at CircleCityCon 2015

by John Stauffacher,

Summary : Its not everyday that you come across a LAMP machine that is running WordPress, Joomla!, Drupal, and Sharepoint -- but I have one. This talk will walk through simple things you can do to update your defense game. By altering the way our application servers (or ADCs) respond to certain requests we can fool our attackers and their scanners into thinking we are a totally different animal. We will dive into the theory of decoy and how it plays into Active Defense. We will cover why it may be beneficial to advertise to your adversary a totally different attack surface. Watch as we demonstrate certain scanners go crazy when it looks like the server has every CMS known to man, and its all vulnerable! By drawing your attackers attention off of your real infrastructure, they are not only wasting their time trying to attack a non vulnerable app -- but they won't be attacking anyone else.