Re: Black hat questions

Well, spell check is a good start... ;)

I just go to the briefings; though if you see a training session that would help add that on as well. Though, usually I have found the training sessions somewhere else cheaper.

Re: Black hat questions

I can't speak in relation to other training, but I can attest to what I've observed.

The briefings are what most folks attend at BH .. due to money contraints, work/time limits, etc. The briefings allow for your own custom track of a few hands worth of topics being discussed in training (plus more) and the ability to walk up and chat with some of the coolest folks in the industry amoung a crowd of industry norms that have their job because they needed a job.

The training is not to be scoffed at. If you can afford the forementioned hurdles... Training is more specialized.. generally limiting to one or two topic scopes within a single track that you attend at a time. The clincher? Think of it like attending high school with THE Internets Jay Beale, Joe Grand, Jamie Butler, etc as your teacher for the session. You're no longer in a mass presentation environment with 100-300 other people, but in a classroom with 10-30 others that are (at least theoretically) interested in the same subject that you're there to master by getting it from an authority on the subject.

Then there is Defcon, a funky loose bastardization of the two with higher emphasis on partying and enjoying the weekend; to my limited experience many of the same topics as the Briefings but in a more relaxed and broad presentation style.

Re: Black hat questions

haha...IrishMASMS



Might I suggest research, and opening a book, or two?

You might learn the names of a few fuzzers at the conference, but most of the info is only applicable to people who know what buffer overflows are, and at least know how to use windows group policy service(even loyal Linux, and BSD users know how to harden a windows box despite there prejudice.)

If it's critical I'm sure it's about time for some of these cert jockeys around here to get put out to pasture. Maybe your daddy can give them a box of saltines, and lock them in the server room.

Today will be the last day I can bless this community with my beholding opinions before I have to go back to the desert, and sit at a terminal every waking hour, so keep the post's coming. Quit ham n' eggin' with the conversing.

Re: Black hat questions

Yes, those are great suggestions compared to spending the $$$ for the Blackhat training... but sometimes individuals need a more 'hands-on' or more of a presentation/lecture style to graps the subject matter. Perhaps for this fellow those training sessions would help; hence his question.

Re: Black hat questions

Yeah I was gonna suggest just spend a night reading Exploiting Software: How to Break Code

It's hand down the best single reference to penetration testing. It has some illustration, but it's mostly easy to read material on tools, and architecture. Defiantly better than the majority of published books including most CS textbooks.

In the end it takes someone with assembly language skills to properly secure a network since they learn pretty much everything on the road to learning assembler language. They don't really teach practical software engineering in most university's like ITT tech. Fore example ~CS345 supposedly teaches cryptanalysis, but the information is often broadened, and generic.

It takes too much time to teach practical procedure of any kind in just a couple weeks.

Re: Black hat questions

wow, thnx guys. im a hardend defcon vet so since cash IS a factor i dont think ill be sprining for the traning but the breifings sound like fun :D

Re: Black hat questions

Hmmmm, not sure if a university can be compared to ITT Tech - One provides more of an education, while the other is a degree factory. YMMV, IANAL, etc - and you decide which is which. ;)

From what I have seen your statement is correct - neither present practical software engineering.

Re: Black hat questions

I disagree on this being the top reference for pentesting, even from a software perspective. While it's certainly good, I consider The Art of Software Security Assessment to be much more of a holy grail. It takes a look at security assessment as an integral part of the SDLC. Exploiting Software is most definitely an awesome book, but I found it to have less emphasis on the finding and more on the exploiting. While that's important, I think you need more of a basic understanding of not only how to find vulnerabilities but also why they exist in the first place.

On the topic of Black Hat, the trainings are top notch if a) it's in your budget for time and money and b) there is a training topic which fits your current security education needs and background. If it's over your head or doesn't apply to your company's focus, you're wasting not only your own time and money, but that of the others in the class as well.

Re: Black hat questions

Imo, the briefings + DEFCON is well worth the time and money. As for training, I've only had 1 "less than optimal" experience out of 6 classes. To be fair, "less than optimal" meant that the instructors and I seemed to be at a similar skill level rather than me learning at the feet of the Master. It was still a lot of fun.

Another thing about training is that if you also stay for DEFCON, it becomes an entire week in Vegas at Caesar's Palace - an experience I'm fond of. You'll also meet people from all over the world. Hint: don't try to keep up with the Brits if you go partying with 'em - missing a morning of the briefings to a hangover would suck ;-)

If you want to get one of the BH block of rooms at Caesar's (you do), don't screw around and wait until the last minute (or last 8 weeks) to book your room. The one time I fucked off until June, I ended up staying at freaking Bally's. It was Not the same, and it blows walking through the strip in a pre-coffee state.

Surreal

Re: Black hat questions

I wholeheartedly agree with the above information and Surreal is not kidding with the advice of not keeping up with the Brits, after one night a few years back I am almost sure the English are born with an extra liver, or they were playing George Clooney's prank by drinking water when I was drinking booze.

Another added bonus about attending Blackhat, everyone bathes!, there is no real gamey smell to the attendees (at least until the first day into DEFCON) Personally I think the access to the speakers is also a bit better at Blackhat, and there's a good chance of picking their brains over the catered Blackhat lunch at Caesars, or later at the Shadow Bar.

Also networking, networking, networking, and I mean really getting to know your fellow attendees, often without a sales pitch as I've gotten from over security conferences. An added bonus for those of you looking to for the coveted 'Spot the Fed' shirt, Blackhat gives you an excellent opportunity to scout the floor for prospects as they are wandering the halls with whatever agency they are working for printed on their nametag. Also allowing you to arrange a good time to meet with Priest privately @ Defcon as many Feds really like the "I am the Fed" shirt, but have orders not to get publicly outted on stage, or they'll be applying for a new job with the Border Patrol on Monday.

Re: Black hat questions

Im attending Defcon after never being able to go.. so I am thoroughly looking forward to it! Im not to sure on the training courses but like others have stated the briefings seem to be the best of both worlds!!

Im a Brit - but I cant drink that much so on the partying front I dont think im a subject matter expert :D

Re: Black hat questions

don't worry... there's a whole track dedicated to that subject at defcon. it's called "attacking and defending your liver" and consists of impromptu talks and hands-on trainings in multiple locations. events in this track are scheduled typically to run from ~13:00 to 05:00 each day, although impromptu unscheduled trainings have happened (with great frequency) outside these parameters.

Re: Black hat questions

I look forward to the training sessions ;)