DeepSec 2018 Talk: Open Source Network Monitoring – Paula de la Hoz Garrido
“I’d like to offer an introduction into Network System Monitoring using different open tools available in Linux.”, says Paula. “The talk is a technical approach to identify the best sniffing points in a network and how to orchestrate a full analysis of the content to secure the network, as well as showing ideas of collaborative and distributed hacking. Also, for a better performance, the talk includes a brief guide into configuring a Raspberry Pi for creating a simple Network Capture Probe. The main point of the talk is to show how open source tools are a nice option for this kind of security assessment.”
We asked Paula a few more questions about her topic of expertise:
Please tell us the top 5 facts about your talk.
First of all, this talk is not solely technical. I like to give context to every technical fact I throw, and so it’s not just useful, but it makes sense. Second, I really like hardware so there are also some maker tips! Third, the most important fact of my talk, apart from security of course, is open culture. Fourth, hey do you like CTF’s? Some of the details told in the talk can be used to solve these puzzles! And, last but not least, I’d like to show how hacking can be collaborative.
How did you come up with it? Was there something like an initial spark that set your mind on creating this talk?
I’m into open culture and I tried to make my way on security, my passion, using open resources. I had the luck to find security jobs where I was allowed to choose my own tools, also I was asked to guide a group of telecommunications students into collaborative network hacking, and it was an amazing experience.
Why do you think this is an important topic?
Because both security and open software are becoming more and more important in the tech industry, and I think it’s important to show how they can both match and at the same time don’t perpetuate the “lone wolf” hacking stereotype.
Is there something you want everybody to know – some good advice for our readers maybe?
Maybe that I would love to hear about their own advises regarding the main topics of the talk, any time! Guess I’m not wise enough to throw an epic sentence. Oh wait yes, may the force be with you?
A prediction for the future – what do you think will be the next innovations or future downfalls when it comes to your field of expertise / the topic of your talk in particular?
I think we are heading towards ubiquitous computing, and that our way of thinking about security needs to update to fit that! Distributed tech requires distributed security, probably not -completely- based on the hardware (as open hardware and low cost resources are becoming more and more important in IoT and related) but based in its network.
Paula de la Hoz Garrido is a 22 years old computer engineering student. So far, she’s worked as a systems analyst, as a robotics teacher in Switzerland and Arduino monitor at a summer camp for girls at the University of Granada.
She has a Columbia University certificate in Investigative Journalism and recently founded a digital rights and privacy awareness association in Spain called “Interferencias”, which already has around 500 members. Paula is into Network security, and is training a group of telecommunications students who passed a CTF test in the kind of security assessment Paula introduces us to in her talk.