Simon Clow presents at CRESTCon

19 Mar 2014

Modern computing systems implement a variety of remotelyaccessible, instrumented management interfaces. As professional penetrationtesters it is important to understand the native capabilities of suchinterfaces, the security consideration of offering access and the techniquesused to interact with and exploit the interface.

This talk reviews common remote management interfacesand identify their effect on a systems security posture. It starts byreviewing the most common technologies, then after establishing a commonframework of understanding; looks at the security implications of eachtechnology highlighting common "hidden features".

Within the final phase, this presentation reviewstypical testing actions.

To download a copy of the presentation please click here.

CHECK IT Health Check Service
Cyber Essentials
CESG Certified Service
First - Improving Security Together
BSI ISO 9001 FS 581360
BSI ISO 27001 IS 553326
PCI - Approved Scanning Vendor
NCSC CCSC - Assured Service Provider
ASSURE Cyber Supplier - CAA