His experience is in the areas of IDS/IPS, digital forensics, next-gen firewall systems, log analysis and viz, secure messaging, security appliances, small caliber arms and right-wing rhetoric. Snort has become a standard component of many IT security environments. However, with such widespread deployment, enhancing Snort’s capabilities offers the potential for a large and immediate impact. Since then, Ben has worked designing and implementing security-related software and appliances at a series of since acquired or failed start-ups. Ben Feinstein is a researcher on the Counter Threat Unit (CTU) at SecureWorks, working behind the scenes to support Agent Jack Bauer and the GWOT. Instead of chasing the industry’s new-hotness of the day, it frequently makes more sense to add new capabilities to an existing security control. The author will introduce the Snort plug-in architecture and the relevant APIs used when implementing extensions to Snort. Ben has presented at Black Hat USA, DEFCON, ACSAC and others. Lessons learned and pitfalls to avoid when developing Snort plug-ins will be covered. Snort is mature and widely deployed, and is no longer viewed as new or exciting by the industry. Ideas for future work in the area of Snort extensions will be presented. He first became involved with information security in 2000 while working on a DARPA / USAF contract instead of going to his college classes. With this in mind, the author set out to implement new and innovative capabilities in the form of GPL-licensed Snort plug-ins. Some interesting code snippets will be discussed. In his spare time Ben authored RFC 4765 and RFC 4767.
Occasional hits get a network banned for an hour or less, subsequent hits get them banned a little longer, and then there’s a fine line where the function goes exponential, all the way up to 6-month-plus ban periods for really big nuisances. The secret sauce is a carefully tuned ban decay function that scales up with the number of abuses.
He maintains several academic affiliations and has previously spoken at conferences such as Shmoocon, CanSecWest, DC3 and HTCIA. He has been a speaker at conferences such as Black Hat, Toorcon, CodeCon, and Shmoocon and is the author of the upcoming “The IDA Pro Book”. His current primary research focuses around high assurance trusted computing, but interest also strays to digital forensics, reverse engineering, and the like. A computer engineer/scientist for 23+ years, his research interests include computer network operations, computer forensics and reverse/anti-reverse engineering. Numerous kludgy solutions exist from asynchronous use of the same data files to working on multiple copies of data files which quickly diverge leaving the differences to somehow be reconciled. Tim Vidas is a Research Associate in the Computer Science Department at the Naval Postgraduate School (NPS). Pedram Amini’s Ida Sync provided a first step towards automated collaboration among Ida users however Ida Sync suffers from several shortcomings including the fact that it has failed to keep pace with the evolution of Ida’s internal architecture. The design of a robust server component, responsible for managing projects and connected clients will also be discussed along with a number of capabilities beyond simple collaboration that are enabled via the collabREate architecture. The talk will include discussion of the IDA API and the ways in which it facilitates collaboration along with the ways in which it hinders collaboration. Chris Eagle is the Associate Chairman of the Computer Science Department at the Naval Postgraduate School (NPS) in Monterey, CA. A major drawback with the use of most reverse engineering tools is that they were not designed with collaboration in mind. In his spare time he heads up the Sk3wl of r00t CTF team and can be found pulling all-nighters at Defcon. In his free time he toys around with digital forensics competitions, CTF exercises, and any other interesting look challenges. In this presentation, the authors present a new tool titled collabREate designed to bring nearly effortless collaboration to Ida users.
Do you work at a school. Therefore, your personal/confidential information might be at risk. Michael Vieau is an independent security researcher located in United States where he conducts security assessments & penetration tests on new and existing technology for various customers (and sometimes just for fun). He comes from a wide technical background ranging from network infrastructure, to programming, instructing, & of course security. We will use known attacks to show new vulnerabilities in several typical educational software packages. How do you prove you went to a particular high school, college or university. Have you gone to school. Joe Cicero is currently a Network Specialist Instructor for Northeast Wisconsin Technical College, he specializes in teaching Linux, Network Security, and Computer Forensics Courses. His main focus is on *NIX security, mobile devices, and wireless security. He is originally from Green Bay and in 1985 he joined the Marines. FACT: Educational institutions MUST keep your personal/confidential information. His final duty assignment was as the Operations Chief for Tactical Warfare Simulations Evaluations Analyses Systems (TWSEAS) where he traveled the world conducting training through use of computer simulations. The presentation will focus on the vulnerabilities, what tools were used to find them, and why successfully exploiting a weak system will allow you to gain access to a secure system. Are you going to school. This presentation will be about typical software packages found at educational institutions and their vulnerabilities.
Antonio Guzmán and Dr. This work shows a NEW POC Tool. He is a Microsoft frequent speaker in Security Conferences. Recently spoke at BH Europe 2008 about LDAP Injection & Blind LDAP Injection attacks. He writes monthly in several Spanish Technical Magazines as “Windows TI Magazine”, “PC Actual” or “Hackin9”. This article shows exploitation examples for some versions of Microsoft SQL Server, Oracle DB Engine,MySQL and Microsoft Access database engines, nevertheless the presented technique is applicable to any other database product in the market. He is a very famous speaker in Spanish conferences about IT Infrastructures, Microsoft Technologies and Security. He is currently working on his PhD thesis under the direction of Dr. The goal is to stress the importance of establishing secure development best practices for Web applications and not only to entrust the site security to the perimeter defenses. He has been working in the Microsoft Technet Program from 2005 delivering conferences, webcasts and technical information. Com/gp/mvpInsider_2006-08
José Parada is an IT Pro Evangelist in Microsoft. He has been working as security consultant last six years and had been awarded as Microsoft Most Valuable Professional from 2005 to present time. Chema Alonso is a Computer Engineer by the Rey Juan Carlos University and System Engineer by the Politécnica University of Madrid. This presentation describes how attackers could take advantage of SQL Injection vulnerabilities using time-based blind SQL injection.
BASTED is a free tool that acts as a honeypot for spammers, who use spambots to harvest email addresses from websites. BASTED has been designed to become a powerfull tool for system administrators willing to learn about the the spam process.
Angell has very radical and constructive views on his subject, and is very critical of what he calls the pseudo-science of academic Information Systems. The mixture of computers and human activity systems spawns bureaucracy and systemic risk, which can throw up singularities that defy any positivist/statistical analysis. Prior to that he researched and taught Computer Science at Royal Holloway College, and University College London. The belief system at the core of computerization is positivist and/or statistical, and that itself leads to risk. Using black humour, Angell discusses the thin line between the utility of computers and the hazard of chaotic feedback, and ends with some advice on how to survive and prosper amongst all this complexity. His main research work concentrates on organizational and national I. In this talk Professor Angell will take the devil’s advocate position, warning that computer technology is part of the problem as well as of the solution. Policies, on strategic information systems, and on computers and risk (both opportunities and hazards), particularly the systemic risks inherent in all socio-technical systems and the security threats posed to organisations by the rapidly diffusing international information infrastructure. He has gained a certain notoriety worldwide for his aggressive polemics against the inappropriate use of artificial intelligence and so-called knowledge management, and against the hyperbole surrounding e-commerce. Ian Angell has been Professor of Information Systems at the London School of Economics since 1986.
He specializes in penetration testing (over 40,000 machines assessed), reverse engineering and malware research. When penetration testing large environments, testers require the ability to maintain persistent access to systems they have exploited, leverage trusts to access other systems, and increase their foothold into the target. He currently works as a professional security researcher on problems for both the government and private sectors. Valsmith has been involved in the computer security community and industry for over ten years. Post exploitation activities are some of the most labor intensive aspects of pen testing. Most recently Valsmith founded Offensive Computing, a public, open source malware research project. Valsmith is a member of the Cult of the Dead Cow NSF. He also works on the Metasploit Project development team as well as other vulnerability development efforts. Penetration testers acquire hashes, crack them, keep track of which passwords go with which usernames / systems and finally reuse this information to penetrate further systems. He has spoken previously at RSA and other venues. Colin Ames is a security researcher with Offensive Computing LLC where he consults for both the private and public sectors. These include password management, persistent host access, privileged escalation, trust relationships, acquiring GUI access, etc. He’s currently focused on Pen testing, Reverse Engineering, Malware Analysis and Steganographic research.
Marco Figueroa CEO & Senior Security Analyst, MAF Consulting, Inc. VLANs Layer 2 Attacks: Their Relevance and their Kryptonite
Kevin Figueroa CEO & Information Security Engineer, K&T International Consulting, Inc. Williams CEO & Information Security Architect, IRON::Guard Security, LLC.
There have been a number of exciting bugs and design flaws in Tor over the years, with effects ranging from complete anonymity compromise to remote code execution. In addition to all the hats he wears for Tor, Roger organizes academic conferences on anonymity and security, speaks at industry and hacker cons, and does tutorials on anonymity for national and foreign law enforcement. Some of them are our fault, and some are the fault of components (libraries, browsers, operating systems) that we trusted. Then he’ll outline the wide variety of current vulnerabilities we have, explain what they mean for our users, and talk about which ones we have a plan for and which ones will continue to be a pain for the coming years. — attacks against all anonymity designs, including Tor. Further, the academic research community has been coming up with increasingly esoteric — and increasingly effective. Roger Dingledine is project leader for The Tor Project. In the past few years The Tor Project has also gotten an increasingly diverse set of funders, become an official 501c3 nonprofit, and expanded its community of both volunteer and funded developers. The Tor network has grown to over 1500 relays handling traffic for hundreds of thousands of users daily. Last, we’ll speculate about categories and topics that are likely to introduce new problems in the future. Roger will walk through some of the most egregious bugs and design flaws we’ve had, and give some intuition about lessons learned building and deploying the largest distributed anonymity network ever.
Marcus Sachs is a member of the CSIS Commission on Cyber Security for the 44th Presidency and since 2003 has volunteered as the director of the SANS Internet Storm Center. In this role, Mr. He was selected as a finalist for Information Security Executive of the Year of the Midwest in 2005. Tom is a Certified Information Security Manager (CISM). He currently works at Verizon as an Executive Director of Government Affairs for National Security Policy. He currently serves as a member of the CSIS Cyber-Commission on Cyber-Security for the 44th President and a member of the Advisory Board for Debix, an Identity Theft Protection Company. Assante, a recognized security and infrastructure protection visionary and new product development leader, brings a powerful combination of leadership/domain experience, technological vision and strategy development to the Idaho National Lab (INL). Dixon was instrumental in creating US-CERT, which serves America as the 24x7x365 cyber watch, warning, and incident response center that protects the cyber infrastructure by coordinating defense against and response to cyber attacks. Dixon led the initial development of US-CERT’s capabilities for analyzing and reducing cyber threats and vulnerabilities, disseminating cyber threat warning information, and coordinating incident response activities across federal, state, local government agencies, and private sector organizations, making it Homeland Security’s primary element of cyber preparedness and response. Tom Kellermann is responsible for building Core’s relationships with key industry and government partners, and helping further the acceptance of auditing security defenses to reduce organizations’ operational risk. Before joining NCSD, Mr. Assante was awarded best governance program “The Best of the Best – Best Governance Program,” Information Security Magazine, December 2003 for the establishment of an enterprise executive security committee. Prior to assuming a vice president’s position as Chief Security Officer at AEP, Mr. Dixon served as the Deputy Director of Operations for the U. Specifically, Tom is a Commissioner and Chair of the Threats Working Group on The Commission on Cyber Security for the 44th Presidency. Assante was named as a Naval Intelligence Officer of the Year. Tom was responsible for Cyber-intelligence and policy management within the World Bank Treasury. Tom Kellermann formerly held the position of Senior Data Risk Management Specialist the World Bank Treasury Security Team. The Center for Strategic and International Studies (CSIS) has established a Commission on Cyber Security for the 44th Presidency – the administration that will take office in January 2009. Tom is also the author of numerous World Bank white papers on cyber security: Mobile Risk Management, The Digital Insider, Phishing in Digital Streams, Bots: Cyber Parasites, Zero Day, and Money Laundering in Cyberspace. Prior to assuming his strategic leadership position at INL, Mr. Computer Emergency Readiness Team (US-CERT). Selected for outstanding contribution at the RSA 2005 Conference and awarded the outstanding achievement in the practice of security within an organization. Assante was a vice president and Chief Security Officer at American Electric Power, the largest generator of electric power in the US, serving 5 million customers in eleven states. He provided leadership, developed and implemented strategies to enhance security and business continuity for AEP; he was also responsible for protecting and maintaining corporate facilities, critical operating assets and property; and ensured the security and continued preservation of all corporate information and proprietary data and the technology that supports it. Selected by his peers as the winner of the Information Security Magazine’s 2007 security 7 leadership award for his efforts as a “strategic thinker”. Prior to being chosen to lead NCSD, Mr. Dixon was the founding director of the Internal Revenue Service’s (IRS) Computer Security Incident Response Capability. Org/finance/esecurity
Tom is an active member of the IP Governance Task Force, The National Consumer League’s Anti-Phishing Working Group, The New York Chapter of Infragard, the IPv6 Forum and is an active member of the American Bar Association’s working group on Cyber-crime. Additionally, Kellermann represents Core at US, international and industry security working groups, helping these organizations promote improved security practices and policies. Dixon led their operational cyber security capability for the IRS and developed their ability to detect and respond to protect American taxpayer’s private information from security attacks. During his time at Homeland, Jerry led the national effort to protect America’s cyber infrastructure and identify cyber threats. Jerry Dixon is currently the Director of Analysis for Team Cymru and serving as Infragard’s Vice President for Government Relations, and was the former Executive Director of the National Cyber Security Division (NCSD) & US-CERT, of the Department of Homeland Security. Tom also serves as the Chair of the Technology Working Group for the Financial Coalition Against Child Pornography. Tom regularly advised central banks around the world per their cyber-risk posture and layered security architectures. The goal of the nonpartisan Commission is to develop recommendations for a comprehensive strategy to improve cyber security in federal systems and in critical infrastructure. Dixon has also served as Director of Information Security for Marriott International, a global private sector company, where he led cyber security planning, security architecture, and security operations. He has been recognized by SC Magazine among all Chief Security Officers as one of two finalists for the global 2005 awards as CSO of the year. In 2002 Assante was selected as one of Columbus Ohio’s Top 40 people under 40. Prior to joining Verizon in 2007 he was the deputy director of SRI International’s Computer Science Laboratory. Assante as a reserve naval intelligence officer was filling a critical position at the National Infrastructure Protection Center. He is a retired US Army officer, a former Presidential appointee to the staff of the National Security Council, and was part of the original cadre of DHS’ National Cyber Security Division in 2003. Along with Thomas Glaessner and Valerie McNevin, he co-authored the book E-safety and Soundness: Securing Finance in a New Age and the White Paper, and E-security: Risk Mitigation in Financial Transactions. Hear what is going on with this Commission, ask questions, and provide input on what you think should be addressed at a Presidential level for the next administration.
Hackers : Loyd Blankenship (The Mentor) * John Draper (Captain Crunch) * Boris Floricic • Sven Jaschan • Jon Lech Johansen (DVD jon) • Gary McKinnon (Solo) • Kevin Mitnick (Condor) • Robert Tappan Morris • Mudge • Kevin Poulsen (Dark Dante) • Theo de Raadt
Cryptologues : Leonard Adleman • Charles H. Bennett • Gilles Brassard • Don Coppersmith • Whitfield Diffie • Hans Dobbertin • Taher Elgamal • Horst Feistel • Martin Hellman • Xuejia Lai • Arjen Lenstra • James Massey • Ralph Merkle • David Naccache • Phong Nguyen • Bart Preneel • Ronald Rivest • Bruce Schneier • Adi Shamir • Dmitry Sklyarov • Jacques Stern • Philip Zimmermann
Autres : Serdar Argic • Mafiaboy • Edward Snowden.