Security and Privacy in Big Data 2017

I don’t know if I’ve told you that I’m one of the teachers of the Security and Privacy within Master in Big Data Analytics, Valencia Polytechnic University. It is a master’s degree that has been very well accepted from the beginning since there was no formal training in this respect. In fact, every year there is a waiting list of people who stay out and have to wait for the next call (and companies that ask for one of the students), a success.

As I was saying, I give one of the parts of the subject of Security and Privacy, so we started talking about Privacy on some social networks, how they use our information to do according to what things, what Big Data techniques they use to improve their service, etc.

Intrusion test

During the second part of the class, we see how to make a audit of our platform before we start working with it and check whether we have put in the necessary security measures or have to improve some weak point to prevent malets from accessing information. To do this, we talk about the different Linux distributions prepared for audit (we are based on Kali Linux for tests), we comment on some of the most common tools such as Nmap,

: / / www.metasploit.com / «target =» _ blank «rel =» noopener «> Metasploit u OpenVasthe various stages to be carried out for an audit, etc.

Getting to control all the applications included in Kali is practically impossible, in the end you always use the ones you know the most, you have personalized to your liking and you know what results they will give. I don’t think I use 20% of the tools Kali has, but it’s still a distribution I love. It is not to have it as a desktop as the updates of all the packages it contains sometimes make it a little unstable, but it is to have it on a virtual machine or on a USB that you can start with in case of need.

Even so, a few weeks ago I discovered a page about Kali where a small ‘chat sheet’ is included with all the applications distributed by areas, which is quite useful and interesting to test alternatives. In addition, it makes a small summary of some of the most popular applications, it has allowed me to discover some that I did not use. The specific article you can find in https: / / www.comparitech.com / net-admin / kali-linux-cheat-sheet /

The value of good students

Both parts of the course are made fun and enjoyable. The first one because it’s full of gossip, crackers and fortuitous failures in social media and the second because they learn basic hacking and system audit techniques. As Chema Alonso once said, ‘It’s okay to get paid to fix crystals, but it’s more fun to get paid to break them. ‘. Taking advantage that this part is more fun and practical, to complete the hours of the subject the students have to perform a task: auditioning a real machine in

Amazon AWS, so for a few days I publish a machine in Amazon with specific vulnerabilities that have to be discovered and investigated if any of them give access to the system.

The case is that a few days ago the time limit for the students to deliver the different jobs of the different subjects was over and I have already finished checking mine… and I would not know how to explain the mix between pride, satisfaction and various sensations that have produced the works. There are some really good, exceptional, in a couple of them have even found a vulnerability that I had not consciously put: D And, considering that most of them are young promises, It makes me have faith in the new partners who are going to help us. to the oldest of the place, whom we grew up with

Others, FTPs e IRC. It is possible that some of them have not known the IRC or not connected using a modem connected by the serial port to a BBS in text with the pppdor that they do not know what the 055 of Infoviabut they are able to think of forming no-conventional, of going one step further, of not keeping the first result and of generating their own scripts and algorithms to automate tasks. We’re on the right track..