1
00:00:00,780 --> 00:00:06,480
This course takes you on a journey that starts with the basics and theory of security and then builds
2
00:00:06,480 --> 00:00:13,700
upon it with practical exercises and on to more advanced topics in the later sections and other volumes.
3
00:00:13,770 --> 00:00:19,350
You have to know the basics so that you can make your own informed choices about security.
4
00:00:19,530 --> 00:00:21,660
I don't want to give you just a to-do list.
5
00:00:21,690 --> 00:00:25,130
I want you to understand both the why and the how.
6
00:00:25,140 --> 00:00:31,590
So we start with the theory and basics of security and then build on that later with practical exercises
7
00:00:31,920 --> 00:00:34,090
and onto more advanced topics.
8
00:00:34,110 --> 00:00:40,140
But before we start in the theory basics I want to give you a super easy quick security win that you
9
00:00:40,140 --> 00:00:43,770
can set up right now a small practical exercise.
10
00:00:43,770 --> 00:00:45,410
Before we dig into the theory.
11
00:00:45,510 --> 00:00:51,060
So you have an immediate security capability to detect malware and hackers that you can set up in about
12
00:00:51,060 --> 00:00:54,050
10 minutes and you don't even have to install anything.
13
00:00:54,210 --> 00:00:59,370
This way if you forget to do the rest of the course at least you have got some security capability out
14
00:00:59,370 --> 00:00:59,820
of it.
15
00:01:00,000 --> 00:01:01,140
So here goes.
16
00:01:01,140 --> 00:01:09,030
Wouldn't it be cool if we could set up security trip wires to tell us if someone or something was poking
17
00:01:09,030 --> 00:01:16,270
around in our files on a laptop on a phone tablet you know e-mail and or online accounts basically everywhere.
18
00:01:16,290 --> 00:01:21,270
Wouldn't it be good if we could have some trip wires alert us when somebody was doing things that we don't
19
00:01:21,270 --> 00:01:22,180
want them to do.
20
00:01:22,320 --> 00:01:24,070
Well we can set those things up.
21
00:01:24,070 --> 00:01:30,010
So let me show you how to set the security tripwires using a service called canary tokens.
22
00:01:30,010 --> 00:01:35,760
They are made available just for you guys on this course so you can have some quick and easy security
23
00:01:35,760 --> 00:01:37,210
wins.
24
00:01:37,260 --> 00:01:44,070
So if you get your way to www dot Station X dot net slash canary tokens slash you can follow along
25
00:01:44,070 --> 00:01:47,690
with what I'm doing and create your own tokens at the same time.
26
00:01:47,700 --> 00:01:53,550
So here we have our little canary friendly token we see a rather obvious red button here and this is
27
00:01:53,550 --> 00:01:58,960
what we need to click on to take us to the domain that will provide us with the tokens.
28
00:01:58,980 --> 00:02:01,740
So here we are this is a domain here that will rotate.
29
00:02:01,740 --> 00:02:04,840
So don't worry about what that is at the moment.
30
00:02:04,920 --> 00:02:08,100
So here we are this is the main thing that you need to interact with.
31
00:02:08,190 --> 00:02:13,890
And I'm going to show you five different ways of setting up traps these traps that are also called tokens
32
00:02:13,890 --> 00:02:15,660
or canary tokens.
33
00:02:15,660 --> 00:02:17,280
We're going to keep it simple.
34
00:02:17,310 --> 00:02:19,440
The early stages of this course.
35
00:02:19,470 --> 00:02:21,900
So first thing we do is really to put in an e-mail address.
36
00:02:21,900 --> 00:02:26,620
Now this is the e-mail address which you want to get sent alerts to.
37
00:02:26,850 --> 00:02:29,210
So this needs to be an e-mail address that you monitor.
38
00:02:29,370 --> 00:02:34,530
I like the e-mail address that you have on your phone or something so that you get notified immediately
39
00:02:34,530 --> 00:02:38,130
when there's a security problem you don't want to set up a secondary e-mail address that you never look
40
00:02:38,130 --> 00:02:41,170
at as pointless as be an e-mail address that you monitor.
41
00:02:41,220 --> 00:02:44,720
Even if you set up a new e-mail address as long as it's one that you monitor.
42
00:02:44,730 --> 00:02:46,140
So let me put one in here.
43
00:02:48,410 --> 00:02:53,340
So that's the e-mail address I want to get sent alerts to and then I need to put in here some sort of
44
00:02:53,340 --> 00:02:58,370
comment that lets me know which token which trap has been triggered.
45
00:02:58,470 --> 00:03:03,380
So I'm going to put Word document in a password folder on the laptop.
46
00:03:03,450 --> 00:03:05,990
That's going to make more sense in a second.
47
00:03:06,000 --> 00:03:08,700
Ignore all this for now just have a DNS and hates it.
48
00:03:08,710 --> 00:03:12,120
Yes and generate token.
49
00:03:12,220 --> 00:03:20,280
And if we go down here the first one that I want you to look at is the MS Word token or trap.
50
00:03:20,290 --> 00:03:26,250
So what this has done is this has generated a unique word document for you that we can download.
51
00:03:26,260 --> 00:03:27,670
I'll give you a demo of it.
52
00:03:27,750 --> 00:03:29,310
It will download that now.
53
00:03:30,190 --> 00:03:34,910
And if you see this here this is the Word document that we've just downloaded.
54
00:03:34,930 --> 00:03:42,270
Now if I click on that and that's just opened up there you see what little time is going on there in
55
00:03:42,270 --> 00:03:43,210
the background.
56
00:03:44,270 --> 00:03:46,970
And you see there we've been alerted.
57
00:03:47,160 --> 00:03:54,060
Now any time anyone opens this document you're going to get alerted. It's a little trap and this little
58
00:03:54,060 --> 00:03:56,340
trap should work on most operating systems.
59
00:03:56,340 --> 00:03:57,640
Most versions of Word.
60
00:03:57,720 --> 00:04:02,600
There's no 100 percent guarantee that it's going to work on every system and with every version of Word.
61
00:04:02,670 --> 00:04:06,860
So if it doesn't work for you then try one of the other tokens that I'm going to show you in a second.
62
00:04:06,870 --> 00:04:09,970
Let me close that and create another example here.
63
00:04:10,110 --> 00:04:12,460
You can change the filename of this document by the way.
64
00:04:12,480 --> 00:04:16,420
Anything that you like make in time step is on to click on.
65
00:04:16,560 --> 00:04:17,900
I opened this one a second
66
00:04:20,550 --> 00:04:26,210
just opened this fully now and this one I put valuable and juicy information in it.
67
00:04:26,240 --> 00:04:34,050
The hacker or other type of threat would be interested in finding PayPal usernames and passwords stock
68
00:04:34,110 --> 00:04:41,220
trading information social media accounts etc. etc. those are the sort of things the threat is going
69
00:04:41,220 --> 00:04:42,570
to be searching for.
70
00:04:42,630 --> 00:04:48,720
If he's on your laptop your device your phone with your e-mail is going to be searching for key words.
71
00:04:49,060 --> 00:04:54,210
And if you want an idea of the sort of things that you want to put in these traps and I put some examples
72
00:04:54,210 --> 00:04:59,260
here we can say personal information financial information file hosting accounts.
73
00:04:59,340 --> 00:05:03,910
And if we go further down here I provide an example file and we just copy this.
74
00:05:03,930 --> 00:05:09,300
We can use it as just an example the sort of information you can see social security numbers credit
75
00:05:09,300 --> 00:05:12,430
card details have put them in the right sorts of formats.
76
00:05:12,630 --> 00:05:14,460
Bitcoin wallet IDs.
77
00:05:14,610 --> 00:05:15,670
You get the idea.
78
00:05:16,890 --> 00:05:23,250
So we can imagine now a hacker was snooping around in an area that we specifically put aside just for
79
00:05:23,250 --> 00:05:26,650
the hackers to find and we've put in that word document.
80
00:05:26,850 --> 00:05:32,490
And he has now clicked on it and this is the alert we get so we know he's snooping around and we know
81
00:05:32,490 --> 00:05:37,860
he's sniffing around we know what he's doing because we set up that comment there and if we click here
82
00:05:38,700 --> 00:05:41,040
we can look to see where he's come from.
83
00:05:41,040 --> 00:05:47,930
We can track him down and it provides further information on how he triggered the alert.
84
00:05:47,940 --> 00:05:50,970
But what is important is that you react to the alert.
85
00:05:51,170 --> 00:05:56,330
And later during the course we're going to talk more about response and recovery strategies as you get
86
00:05:56,330 --> 00:05:58,450
through to the more advanced sections.
87
00:05:58,730 --> 00:06:05,000
And if you look at the second type of token that we can create or trap a PDF so we can download this
88
00:06:05,000 --> 00:06:09,220
PDF version and it works pretty much exactly the same as the Word document.
89
00:06:09,380 --> 00:06:19,740
We opened this PDF document and we will get alerted that someone has opened it and boom there we go.
90
00:06:19,940 --> 00:06:22,160
I know there are PDF trap.
91
00:06:22,340 --> 00:06:28,220
So I think you get the idea and so you want to sprinkle as many of these tokens these traps throughout
92
00:06:28,250 --> 00:06:34,010
your laptop your phone or tablet in your e-mail on your online accounts.
93
00:06:34,010 --> 00:06:39,320
So for example you could put it in your Dropbox and maybe the staff at Dropbox are looking through your
94
00:06:39,350 --> 00:06:40,340
documents.
95
00:06:40,340 --> 00:06:42,010
They open the Word document boom.
96
00:06:42,050 --> 00:06:43,860
You know someone's snooping in there.
97
00:06:44,030 --> 00:06:49,640
And as I say they need to be interesting enticing and valuable and he can get that sort of information
98
00:06:49,640 --> 00:06:50,870
from here.
99
00:06:50,870 --> 00:06:56,460
Now let me show you another sneaky way of setting up a trap fake e-mail of passwords.
100
00:06:56,480 --> 00:07:03,650
Number one oh by the way if you put it on that one you'll get more information in the alert about who
101
00:07:03,650 --> 00:07:04,640
the hacker was.
102
00:07:04,730 --> 00:07:09,040
With this type of traveling about set up now so choose that one.
103
00:07:09,050 --> 00:07:15,950
So generate if you pop down here we're going to go to web bugs and we're going to use two web bugs
104
00:07:15,950 --> 00:07:16,710
here.
105
00:07:16,980 --> 00:07:19,650
Let's just grab that URL.
106
00:07:19,730 --> 00:07:21,400
So there is a clickable link.
107
00:07:21,460 --> 00:07:24,440
If the hacker clicks on you're going to be alerted.
108
00:07:25,450 --> 00:07:27,840
Let's open up our e-mail here.
109
00:07:27,960 --> 00:07:28,940
Right.
110
00:07:28,960 --> 00:07:31,150
Let's just pop that in there for now.
111
00:07:31,320 --> 00:07:34,380
Then we're going to send this to ourselves.
112
00:07:34,540 --> 00:07:39,730
We could send it from a different account but all that matters is that the two e-mail addresses the
113
00:07:39,730 --> 00:07:44,590
account that you're wanting to be monitored you wanting to know if a hacker is in there we need to create
114
00:07:44,590 --> 00:07:46,810
an enticing subject so
115
00:07:49,580 --> 00:07:51,230
and then just as an example.
116
00:07:51,340 --> 00:07:57,290
But this one I'm going to go here and I'm going to copy all of this stuff here into this e-mail
117
00:08:02,440 --> 00:08:07,880
obviously you're going to put your own sort of information in here and things related to you know I've
118
00:08:07,930 --> 00:08:10,620
just taken that link there.
119
00:08:11,450 --> 00:08:14,240
Now putting that link here.
120
00:08:17,020 --> 00:08:18,990
I can actually change this to anything I want.
121
00:08:18,990 --> 00:08:27,370
After this here can change this to whatever I want so I can put log in if I want to him now and see
122
00:08:27,370 --> 00:08:33,570
what I'm doing is I'm creating an enticement here by private files or back I put everything username
123
00:08:33,580 --> 00:08:34,900
and password.
124
00:08:34,900 --> 00:08:39,520
So if the person opens his email and then clicks on this link it will trigger the alert.
125
00:08:39,670 --> 00:08:42,800
Will get you something even more tricky here.
126
00:08:42,910 --> 00:08:47,030
We want to definitely catch this hacker within Thunderbird.
127
00:08:47,110 --> 00:08:52,030
There is a feature by which you can insert a link to an image.
128
00:08:52,030 --> 00:08:56,190
Now we don't want to attach an image we want to insert a link to an image.
129
00:08:56,220 --> 00:09:01,700
So if you're going to insert an image and we own click this.
130
00:09:01,760 --> 00:09:03,720
We don't want to attach.
131
00:09:03,720 --> 00:09:11,970
We go on there and then we can put image gif and see we're already alerted.
132
00:09:12,070 --> 00:09:20,140
That's our quick services and we do not want to use any alternative text out there and you'll see you
133
00:09:20,140 --> 00:09:25,000
can't see the image because that is a one by one pixel invisible gif.
134
00:09:25,000 --> 00:09:28,570
Now let me show you how this works so we can send that to ourselves.
135
00:09:32,420 --> 00:09:33,370
So there we go.
136
00:09:33,370 --> 00:09:36,370
That's our little trap there that we can choose to open it.
137
00:09:36,370 --> 00:09:42,640
Leave it as an open e-mail or we can leave it as an open e-mail but no matter what if someone's in e-mail
138
00:09:42,670 --> 00:09:46,560
and they're searching for whatever it is that they want to be searching for maybe they're interested
139
00:09:46,560 --> 00:09:48,110
in PayPal accounts.
140
00:09:48,340 --> 00:09:48,960
Well there we go.
141
00:09:48,960 --> 00:09:54,730
That comes up searching for bank information credit card information that's going to come up and all
142
00:09:54,730 --> 00:09:57,440
they need to do is just open it.
143
00:09:57,530 --> 00:10:01,310
They want me to click on a link to them.
144
00:10:01,330 --> 00:10:03,200
No they're poking around in there.
145
00:10:03,260 --> 00:10:08,710
So let's say that doesn't work for whatever reason it should then there's still things like that to
146
00:10:08,710 --> 00:10:12,630
entice them like on that boom caught him again.
147
00:10:12,640 --> 00:10:17,370
Now in order for us to have inserted that image I went on this insert image.
148
00:10:17,410 --> 00:10:22,150
Now you may not have this functionality available in the e-mail client that you use.
149
00:10:22,210 --> 00:10:25,720
It may not even be available to do this but it doesn't matter.
150
00:10:25,720 --> 00:10:28,750
You can still download Thunderbird if you like.
151
00:10:28,780 --> 00:10:29,650
It's FREE.
152
00:10:29,710 --> 00:10:36,190
And just send an e-mail or e-mails using Thunderbird just for this one task if you can't work out how
153
00:10:36,190 --> 00:10:40,010
to embed that invisible web bug into your email.
154
00:10:40,510 --> 00:10:45,490
So as I said you want to sprinkle these tokens throughout your laptop on your laptop phone tablet in
155
00:10:45,490 --> 00:10:49,210
your e-mail in your accounts make them enticing make them valuable.
156
00:10:49,210 --> 00:10:55,250
And then when you get an alert respond to that and respond in the ways I recommend throughout this course.
157
00:10:55,390 --> 00:11:00,110
Changing your password and all this sort of thing is disconnecting from the network.
158
00:11:00,400 --> 00:11:03,090
So there you go that's your security quick win.
159
00:11:03,130 --> 00:11:05,260
Go ahead and set those up right now.
160
00:11:05,440 --> 00:11:07,690
You will have after you set this up.
161
00:11:07,750 --> 00:11:11,610
Better security detection capabilities than most companies do.
162
00:11:11,620 --> 00:11:16,960
You might not believe that if you're not in the security industry but that is a sad and true analysis
163
00:11:16,990 --> 00:11:20,510
of the state of most organizations' detection capabilities.
164
00:11:20,510 --> 00:11:21,720
Just think of Edward Snowden.
165
00:11:21,760 --> 00:11:27,050
He was poking around in the NSA for months as an insider threat and nothing like this.
166
00:11:27,130 --> 00:11:28,500
Alerted the NSA.
167
00:11:28,600 --> 00:11:29,550
Pretty crazy.
168
00:11:29,740 --> 00:11:34,020
Later on in the course we will discuss canary tokens at a more advanced level.
169
00:11:34,060 --> 00:11:38,920
When you get there you'll understand more about how they work and will understand about the importance
170
00:11:38,920 --> 00:11:45,250
of detection controls which these are versus preventative controls which are used to stop a hacker getting
171
00:11:45,250 --> 00:11:46,420
in in the first place.
172
00:11:46,450 --> 00:11:48,520
The preventative controls are very important.
173
00:11:48,520 --> 00:11:50,260
We use a defense in depth approach.
174
00:11:50,260 --> 00:11:51,580
All of which we're going to go into.
175
00:11:51,610 --> 00:11:53,640
So that was form.
176
00:11:53,740 --> 00:11:59,130
Now let's dig into the theory and the basics and start our journey into cybersecurity.