Loading...

ssl certificate massive analysis..and medical applications fingerprinting

244 views

Loading...

Loading...

Transcript

The interactive transcript could not be loaded.

Loading...

Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Jan 15, 2016

We have developed an internet search engine. We call it NetDB, the Network Database Project. We are an independent group, not funded by the government or any other specific entity. However, the relevant authorities have been informed of our project and related activities. Our technology is developed entirely in Costa Rica by: Bertin Bervis Bonilla -Networking Engineer -Software developer Python/C -NOSQL Databases -Security Researcher James Jara -Software Developer -NOSQL Databases -Security Researcher -Web Developer. Our system has been developed from scratch. The algorithm randomly monitors the Internet 24 hours a day. We take TCP/UDP/SNMP responses as the base and continue to implement new ports as our infrastructure grows. At this moment we consult a battery of +50 ports, every public IP of every autonomous system in the world, we index banners from every response such as HTTP header files, telenet banners and SSH. With SSH we index de digital fingerprint and corresponding certificate. In addition to all this information, we use the geospatial location to find what we term the "Internet cadaster". In the HTML-based ports, we index the entirety of the content: the HTML, banner, type of response... 401,503,200, etc. We use HTTPS and Port 443 to request the certificate, store it and convert the PEM to plaintext. This way we can consult the information contained in the PEM such as the issue, organization... We employ Python, C and NOSQL databases such as Mongo and Haddop to store our Big Data. Currently we have 18 million results from around the world and expect to increase that number with the funding of more servers so that it can be released to the public. Our presentation is focused in how easy it is to identify medical devices and application by consulting our database, looking at the information contained in the SSL certificates from around the world as well as the autonomous system and HTML code. We managed to identify many such devices like stethoscopes, PACS servers, IMPAX serves, etc. Of course our search engine contains other interesting details such as industrial devices, cameras, printers, wind turbines, etc. But we focus primarily on medical devices in order to bring attention to the importance of protecting these types of machines in the internet's public infrastructure. We will quickly go over some developing techniques used to exploit IMPAX servers, as well as the techniques used to consult SSL certificates and other parameters in our database. We will also present other curious cases of medical applications we have run into. We develop systems like those of Google. Searching for the "medical" string in the information of the autonomous system: as:medical. Searching for the "medical" string in all certificates: cert:medical. Searching for the "PACS" string in the HTML: html:PACS. For example, searching Heartbleed: server:ssl/1.0 cert:2012 the mixture of operators searches for these chains of text in the HTTP "server" banner and the certificate number 2012 corresponding to the date of the certificate.

Loading...

When autoplay is enabled, a suggested video will automatically play next.

Up next


to add this to Watch Later

Add to

Loading playlists...