Simon Clow presents at CRESTCon
Modern computing systems implement a variety of remotely accessible, instrumented management interfaces. As professional penetration testers it is important to understand the native capabilities of such interfaces, the security consideration of offering access and the techniques used to interact with and exploit the interface.
This talk will review common remote management interfaces and identify their effect on a systems security posture. It will start by reviewing the most common technologies, then after establishing a common framework of understanding; will look at the security implications of each technology highlighting common "hidden features".
Within the final phase, this presentation will review typical testing actions.