Who: Registered Attendees (see below) / "The First 50 Who Show Up"
When: Saturday - Aug, 9th 2008
Where: SKYBOX 206 "The 303 Suite"
Remember when going to a security conference meant that you were going to sit around in a large room with 30 or so people watching presentations about subjects that contained highly sensitive information that usually was presented with some type of a legal disclosure? We do, and we want to share that experience with you. Skytalks are quick (30-45 min) presentations that are designed to overclock you brain with cutting edge information about sensitive topics that you might not be able to freely discuss or research from the privacy of your own home or workplace.
To register please send an email to: email@example.com and include the following:
YOUR NAME: "Your name here"
SPEECH: "Your Selection(s)"
You will then receive a confirmation email that contains the directions and the additional information you will need to attend the speech.
1. If you register you are expected to show up.
2. If your not checked in at the top of the hour your reservation will be given away.
3. If you don't show up for your reservation, a representative of 303 will come and take a beer/shoe/girlfriend/etc. tax
SLACK "Simplified Log Analysis, Calculation and Knowledge"
Far too often people talk about statistical analysis of network traffic in terms of complex mathematical concepts, formulas or standards named after people who name concepts and formulas after themselves. More often than not people present analysis of network traffic with the intent of bringing forward buzzwords, colorful charts, and with a predetermined goal in mind. while this impresses most management types, on the front lines of digital defense this way of thinking is useless. Utilizing scripting the languages PERL and PHP along with GNUPLOT a simple to understand and easy to implement system of reports and charts can be made that give a timely overview of traffic and trends that can be applied in real time towards defending a network. While not a panacea for all networks, the concept of SLACK can provide a cost effective custom solution for basic network traffic policing. Examples taken from real world use will be presented, as well as discussion of identifying and isolating useful data from various log sources.
Delchi has been involved in computers and computer security for over 15 years. He currently works doing real time incident response protecting sensitive data. He specializes in data mining, log corelation, IDS signature creation and is a member of the Cult of the Dead Cow's NSF and most recently has contributed his skills as a both a computer security analyst and spiritual advisor to the Offensive Computing project.
Pyr0 (Luke McOmie)
The Art Of Espionage (Tactics, Defense, and you Corporation)
We have all heard the stories about looted laptops, misplaced media, and stupid user mistakes that have lead to losses in the millions. But what about the incidents that don't get published or noticed? This upbeat presentation will discuss the role that espionage plays in today's corporate world and will introduce many new attack and defense techniques. Previously unpublished case studies, live demonstration, and audience participation will be used to help arm the audience with the basic knowledge needed to implement a multilayered security program that will help defend against these dangerous threats.
Luke McOmie is a Security Consultant for British Telecommunications EHCOE. Luke has help protect and defend hundreds of the world's largest companies and organizations. He specializes in Risk Analysis and Incident Response but is well versed in everything from Corporate Espionage to Physical Security. Formerly a senior consultant at the Department of the Interior (Bureau of Communications and Technology), he managed a national CSIRT responsible for Active Threat Defense, Risk Mitigation, and Incident Response. Luke is also a senior staff member (goon) at DEFCON and contributes to several computer security organizations including the r00tcellar Security Team, 303, Security Tribe, and OSVDB. Luke is also the coauthor of Aggressive Network Self Defense of Syngress Publishing and a featured member of TruTV's Tiger Team, a reality television program.
DaKahuna & THEPREZ98
Pen Testing The Web With Firefox
Hacking the Web has never been easier. Whether you're using Firefox as a stand-alone tool for information gathering, modifying your browser with innovative extensions, or using Firefox as a web front-end for other penetration testing tools, you can hack all within the potentially anonymous cozy confines of your customized browser. Putting it all together brings your hack-foo one step further. DNS lookups, uptime reports, hosted hash crakers and online scanners are at your browser's fingertips. With Firefox's innovative add-on feature, a number of powerful extensions have been developed for security scanning, ethical hacking, penetration testing and general security auditing. Finally, a number of penetration testing applications are built specifically with web-based front-ends. Add in a few recommendations for your setup and a few places to test your hacking skills, and your recipe for hack soup is complete.
John Fulmer "DaKahuna" is the Director of IT Security for a major Aerospace and Defense Contractor with headquarters in the Washington, DC metropolitan area. He is responsible for IT security risk management, security architecture, development of policies and standards and stewardship of the organization's information assets. DaKahuna has over 35 years experience in the management and operation of networks and security, including 24 years of active military service with the U.S. Navy. He is an amateur radio operator and active member of the online security community.
Michael Schearer "theprez98" Recently separated from 8+ years of active duty in the U.S. Navy, theprez98 is a government contractor working in central Maryland. He is a contributor to several Syngress books, including Penetration Tester's Open Source Toolkit (Volume 2) and Netcat Power Tools. theprez98 is an amateur radio operator and active member of the Netstumbler, DEFCON, and Remote Exploit forums, a football coach, and father of three.
Videoman (David Bryan)
Reducing he Risks to VOIP
Voice over Internet Protocol (VoIP) systems are not a new technology, and have been around in some form since the late 90's. It's been a technology that has been adopted very quickly due to the reduced costs of deployment, management, and maintenance. In many cases people ignore the risks based on the reduced operating costs. This can be true for some organizations, as VoIP solutions allow for a reduced office deployment times, and reduced costs based on using existing, or shared infrastructures. These cost savings also extend to remote offices, as voice trunks can now be routed over existing WAN/MAN connectivity. In this talk I will present threats and known vulnerabilities to VoIP systems, and ways to mitigate these risks. I will also cover areas of concerns around quality of service, voice and signaling privacy issues, and what can be used to protect such sensitive information. I will also talk about ways that organizations can deploy some of these technologies with security in mind. Time permitting; I will attempt a quick demo showing attack methods against these systems in an unprotected environment.
David M. N. Bryan - CISSP - (AKA: VideoMan)
David has 8+ years of experience doing computer security. He started by working at several ISPs, and then transitioned into working for large enterprise financial institutions to secure their networks. In more recent years he has been a computer security consultant, and enjoys working with NetSPI's clients to help them reduce their risks. In his spare time he and his wife run the local DefCon Group (DC612), and has been a goon at DEFCON since 6 . He also likes to brew beer, and bike the miles of pathways in Minnesota.
Cyber Terrorism (The Non-Tempest In A Non-Teapot)
From frightening innuendo about what imprisoned hackers might whistle into a payphone, to the Big Scary Letter (tm) that so many "concerned scientists" wrote to President Bush in 2002, there has been a mountain of hype about the vulnerability of the United States to "cyber-terrorist attack." What are the real risk analyses behind these warnings? How vulnerable are we? Details and follow-ups to little-known infrastructure attacks, unpublicized natural disasters, and many other data will be brought together to outline what the threat to our critical infrastructure really looks like and where it comes from.
Tim Skorick is of course another goddamned security consultant currentlyresiding in Dallas, TX. He has spent the last two decades in ITenvironments as diverse as retail, petroleum, broadcasting, medical, food service, and mass communications, not to mention the obligatory government and military contracts. He has served on various university advisory boards, delivered lectures on a number of information security topics to universities and professional associations, and is a member of several infosec associations whose initials look really good on his resume.
Roamer (Chris Hurley)
Don't Take Candy From Strangers
In 2007 I was contracted by a US Government Agency (they won't let me tell you which one) to perform an unannounced penetration test (red team) against their Enterprise. This presentation details the methods used to prepare for this engagement, and how a Government agency can be completely compromised with a Snickers bar. Details of the red team as well as steps that could have been taken to prevent this type of compromise are presented.
Chris Hurley, known in some circles as Roamer, is a professional penetration tester working in the Washington, DC area. He the author or co-author of 10 books dealing with Information Security and penetration testing including Wardriving For Penetration Testers, The Penetration Testers Open Source Toolkit, and Stealing the Network: How to Own and Identity. He has spoken at several Black Hats and DEF CONs and has been a DEF CON Goon for 10 Years.
Packing & the Friendly Skies (Firearms May Be The Best Way To Safeguard Your Tech When You Fly)
Many of us attend cons and other events which involve the transportation of computers, photography equipment, or other expensive tech in our bags. If our destination if far-flung, often air travel is involved... this almost always means being separated from our luggage for extended periods of time and entrusting its care to a litany of individuals with questionable ethics and training. After a particularly horrible episode of baggage pilferage and tool theft, I made the decision to never again fly with an unlocked bag. However, all "TSA compliant" locks tend to be rather awful and provide little to no real security. It was for this reason that I now choose to fly with firearms all the time. Federal law allows me (in fact, it REQUIRES me) to lock my luggage with proper padlocks and does not permit any airport staffer to open my bags once they have left my possession. In this talk, I will summarize the relevant laws and policies concerning travel with weapons. It's easier than you think, often adds little to no extra time to your schedule (indeed, it can EXPEDITE the check-in process sometimes), and is in my opinion the best way to prevent tampering and theft of bags during air travel.
CIRE (Eric Smith)
Hacking Outside of the Box
In today's IT market, Information Security assessments are a dime a dozen. Each week, more and more consulting firms are promoting security assessments as a service offering. Despite the variety of assessments that are being conducted none of them are effective in identifying the true risks to your business. Too many organizations are still requesting legacy style security assessments and ignoring areas where real damage is occurring. Hackers aren't wasting time just focusing on network and application level vulnerabilities. Instead they are hanging out in your smoking areas and digging through your trash dumpsters. This discussion will focus on areas where these common assessments are lacking which results in unnecessary gaps in your organization's security posture. Case studies will be presented and recommendations will be discussed to begin shifting the tides in the assessment world.
Eric Smith is presently working for Alternative Technology as an Information Security consultant. Also referred to as an Ethical Hacker, he regularly performs full risk assessments, network vulnerability and application security assessments, wireless audits, and in-depth penetration testing. Prior to working with Alternative Technology, he worked for companies such as Equifax where he helped design and implement an application assessment practice; International Network Services as a Senior Security consultant; Bellsouth and GE Power Systems as a security analyst. Eric has over 14 years in the Information Technology field, with a steady focus on Information Security for the last 8 years. Eric holds a Bachelors degree in Information Systems Security and maintains active CISSP and CISA certifications.
Introduction to MCU Firmware Analysis and Modification with MSP430static
The Texas Instruments MSP430 is a low-power, 16-bit microcontroller which is rapidly gaining popularity in the embedded world. MSP430static is a tool for reverse engineering the MSP430's firmware. This lecture will demonstrate how to analyze, modify, and reflash the black-box firmware image of an 802.15.4/Zigbee wireless sensor node.
Travis Goodspeed works at the Extreme Measurement Communications Center of the DOE's Oak Ridge National Laboratory. He has spoken at ToorCon 9 and the Texas Instruments Developer's Conference regarding stack overflow exploits for the MSP430-based Wireless Sensor Networks. For the past year, his hobby has been translating <<Voyage au centre de la HP28 c/s>>, a fascinating work of francophone reverse engineering, into English.