# After Enlightened: "I want to hack sites" or "I don't want to try anymore", by Sky Yu

:::danger
Please take care of this shared note and do not maliciously delete content.
:::

## In reality, it takes many people

- Red team
- Forensics
- Patching
- Maintenance
- Regulations and compliance
- Consulting
- And many more

## Course Target

- Make you know more about the security industry
- Pass the FJU hacking enthusiasm down
- Show you how to approach security jobs in the future
- Help you learn more about what you want to know
  - The unknown brings fear

> Feel free to ask me any questions [name=sky yu]

- Have to clarify something before we start...
  - In this class, you will not learn any ~~hacking~~ skill or get 100 points in the final exam
  - You will learn
    - How to spend your points (time) on the skill tree
    - How to improve yourself on the right path

> Stay on the right path, even if it is a lonely one

- Choosing a niche path
  - You can work freely; few people will push back
  - Later people will build research on your results
- Choosing a popular path
  - Fierce competition
- How to seamlessly connect to your first job
  - Do what you enjoy
  - ~~If you are unhappy, you may get angry even at the sight of the cleaning lady~~
- How to share/obtain knowledge to/from communities/groups
  - Feedback and discussion

> NISRA since 2007

- Conflicts within organizations
- Ready to roll out?
  - **Professionalism** means not wasting everyone's time

### Introduction of Speaker

- Sky Yu, Principal Security Consultant at Edgio
- 20+ years of experience in security-related domains; worked for international security vendors such as Acer, Verizon (US telecom), NTT (Japanese telecom), Yahoo, etc. Expertise domains as below:
  - Penetration testing & vulnerability management
  - Incident response & forensics
    - Correlation analysis
      - Example: lighter + gasoline => is someone about to build an explosive?
      - Example 2: a login record at 0:00 AM in the LAVI log, while the person is away on a business trip > judged as an anomalous attack record
  - SIEM (correlation analysis) implementation, operation & maintenance
  - Security strategies, policies, guidelines, procedures

> Don't let colleagues step on the landmines you already stepped on; don't let the same mistakes be repeated [name=sky yu]

  - DDoS mitigation
    - Taking down a competitor's website draws its customers to your own site, increasing your own cash flow
    - [DDoS, the unknown fear: how to face it, handle it, and let it go](https://m.facebook.com/nt/screen/?params=%7B%22note_id%22%3A354020216042315%7D&path=%2Fnotes%2Fnote%2F&refsrc=deprecated)
  - WAF security
  - Training in the security domain

> If you don't understand, ask: at worst you get laughed at for five minutes. If you don't ask, you get laughed at for five years [name=MO MOnkey? reportedly the moderator of the PTT Java board]
> You don't need to be born a genius

## Outline

- Hello security World!
- Mansion or Jail, that's the question

> Either you live in 帝寶 (a luxury Taipei residence) or you live in jail [name=Sky Yu]
> Original line: To be or not to be

  - A zero-day controlling a million servers
- Ready to step into your career?
- Doing what you love while still making a living
- Keep fighting till the end
  - Keep on striving
  - [Sharing achievements for the world? OS Monitor](https://play.google.com/store/apps/details?id=com.ddm.activity&hl=en_US&gl=US)

### CTF is the Only One?

1. Cisco
2. Microsoft
3. ...

- None of them focuses on CTF/attacking

#### What do they do

- Protect your electronic assets against evolving cybersecurity threats
  - Everything has become electronic
    - Example: paper medical records
    - In the past they could only be stolen physically; now they can be stolen over the network
  - This is why security is in such demand

### What if you don't like any one of the above?

### User side

#### User side security functions

- Executive level: define security strategies, policies and procedures
- Management level: following the security strategies and rules, give orders to operation roles to keep department security functions working
- Operation level: following the department's functions and orders from the management level to ensure security...

#### Advantages of the user side

- Stable IT environment
- Stable relationship with colleagues
- Stable promotion
- Stable work
- Less business travel

#### Vendor side security functions

- Security product company: develops security products for users
  - FORTINET
  - JUNIPER NETWORKS
- Security service company: provides security-related services to users
  - Deloitte
  - DEVCORE
  - Without the right people, such services cannot be provided
    - Companies spend heavily on equipment but neglect staff training
    - The devices keep alerting and nobody handles the alerts
    - They bought an M-2000 but nobody maintains it

#### Advantages of the vendor side

- Challenging IT environment
  - Business > Security
    - You need the money first
- Challenging relationship with customers
- Surprise promotions
- Challenging and urgent work
  - You need a strong heart
- Frequent and urgent business travel
  - Suited to people who like trying new things
  - Your boss isn't afraid of things going wrong, so what are you afraid of?
  - Orange
    - Got hold of the (bug?) on the plane
    - Printed out the RFC and studied it
    - Flew to Las Vegas
    - Found the (bug?) after landing
    - Your technical foundation has to be deep enough to find it within ten-odd hours

#### The different security expertise

- User side
  - RD
  - oper
  - Asse
  - Audit
  - etc.
- Vendor side

#### Actually, all of them should work as...
the Shohoku High School basketball team (湘北高中籃球隊)

#### This is the reason why

- [Bucket effect](https://zh.m.wikipedia.org/zh-tw/%E6%9C%A8%E6%A1%B6%E7%90%86%E8%AB%96)
  - Water leaks out from the shortest stave
  - Attack 1000 times and succeed once > a successful attack
  - Defend 1000 times and fail once > a failed defense
  - Doing it well is expected; doing it badly means paying for it
- め組の大吾 (Firefighter! Daigo of Fire Company M)
  - > He thought it was a cushy post, but it turned out there were no fires only because his predecessors had made fire prevention watertight
  - Budget also goes to shoring up the weakest point

#### Mansion or jail, that's the question

- You can do something others can't
  - Brave or Dragon?
  - Nobody will know my name later, but what I built will still be here
  - How to use your skills to help what you want to help (yourself, people, the world)
- There is an important line, but it is obscure
  - Black or white?
    - Doesn't matter if you are black or white
  - Crossing it has a huge impact
    - Criminal record, etc. (court rulings are searchable on the Judicial Yuan site)
  - **Intentionally accesses a computer without authorization or exceeds authorized access**
    - If it isn't something you are supposed to do, don't do it
    - e.g. pentest: dumping the DB, not in the report, but in the record
    - ~~Should you attack the other side of the strait?~~
    - Especially don't provoke Australia; too much scanning will get you a formal letter
  - Active information gathering
    - Nmap, SQLmap
    - Would you let a stranger keep trying keys at your front door?
  - Don't try to cross the line
    - Probably no way back
    - Black all the way down
  - Example: EasyCard (悠遊卡) RFID cracking
    - The HITCON ZeroDay platform is a suitable communication channel
    - Good-faith disclosure vs malicious disclosure
      - Good-faith disclosure: give all technical details to the company and receive a credit
      - Malicious disclosure: reveal only part of the details to the company, show them you can hack it, and demand payment to "unlock" the vulnerability (not illegal, but the moral ground is not as high)
  - Be good, one day you will

> Earn the money standing up

### Ready to step into your career?

- You set your own price; the choice is in your hands

#### Generally, you have to prepare your own resume

#### But please DON'T do this

- Example: typos in the resume
  - The resume represents you

#### Nor this

- Writing vague, irrelevant things

#### Highlight the key points to attract the interviewer

- Interviewing lets you
  - Know market trends
    - Pricing
    - Hot topics
    - Market direction
  - Make friends
- Persist in what you believe is right; the road may not be easy, but you will have the chance to find good partners
- Online resume builders
  - 1111
  - 104
  - live
  - https://zety.com/resume-builder
- Referred by friends (e.g. alumni)

#### HR bank?

- Slave bank?

#### The good jobs are actually not listed there

#### The houses with high C/P sold out immediately

- High C/P value gets taken immediately
- An opening that a job bank keeps re-posting > landmine

1. Ask your friends or ex-colleagues if they are interested
2. Ask your friends or ex-colleagues if they have any referrals
3. Wait for responses
4. Release this info to the HR bank

- According to this rule, the first job always has lower C/P
- Wanna grow up fast and leave the novice village ASAP?
- Technical skill and English roughly equally strong
  - Look for work abroad
- Important: before the next chapter, please try to get one English certification
  - The English certification is a supplement
  - It saves a lot of time in interviews
    - e.g. a 5-minute English self-introduction
    - If you can't talk in technical language, what will you talk about?
  - Even more, it can lead you to the world

### Keep fighting till dead

#### How to grow fast

- Participate
- Share
- Contribute

#### Find a target in your group

- Copy it
  - Keep doing it for 100 days
- One day you can be a master
- Keep extending your knowledge base and social connections
  - e.g. working out: break down and rebuild
- Face every challenge and try to overcome it
- Create your own brand and keep polishing it

### QA

- Q1: When taking cases, which kinds of clients are easier to work with?
- A:
  - At the start you have little choice; as you build a reputation you can tell which money is worth earning
  - Some organizations are bureaucratic and don't respect expertise; if your expertise won't be put to use, don't torture each other
  - It takes time to accumulate; distance tests a horse's strength, and time reveals a person's heart
  - If you are providing a service, first find out whether the client knows what they need; if they don't, it's better not to take the case
  - A poorly defined scope is a mistake everyone makes early on
- Q2: Besides technical skill, what else do you look at, e.g. personality? Is there a gender ceiling or stereotype, e.g. around maternity leave?
- A:
  1. Attitude matters most; skills can be learned
     - e.g. someone from a math department who doesn't know the field yet
     - Report problems immediately
     - Report progress when there are no problems
     - Personality comes through in conversation
  2. Women in the CS industry have both advantages and disadvantages
     - Mostly men, so women face less pressure and harsh criticism
     - Some people hold stereotypes about women
     - Starting salary and the like don't differ by gender
     - Foreign companies usually have better benefits
- Q3: Education requirements?
- A: Ability comes first
- Q4: At what time of year are the most security headcounts open?
- A: Many security positions are understaffed; there is no release-timing issue, you can try sending a resume at any time

---

###### tags: `Enlightened` `NISRA` `2022`