ChicagoCon - Ethical Hacking Conference and Security Training - Oct 27 - Nov 2, 2008 - News Feeds

The Ethical Hacker Network

close

Partners

Training Camp

Digital Construction Company

InfoSec Institute

Sponsors

Coming Soon

For more info on all sponsors, click here.

For Sponsorship Opportunities, click here.

Top Panel

Sponsors

Top Panel

Friday, 05 September 2008

Register Now for ChicagoCon 2008f

2008f Registration Open!

For More Info:

Call Collin Walsh

800.698.5501 x1209

This e-mail address is being protected from spam bots, you need JavaScript enabled to view it

Site Login

News Feeds
The Ethical Hacker Network RSS News Feed
Most Recent Additions to The Ethical Hacker Network, the best, single source of educational content for forensics, pen testing and incident response. Hacker Challenges with prizes, free monthly giveaways, tutorials, articles, forums, certification info and more.

Spiceworks Redux: Review of v3 Last year I wrote up a review of Spiceworks v2. There were a few minor issues that I had with this application billed as Free IT Management Software, but overall I felt it was a solid product. Recently, I received an email notifying me that the latest iteration of Spiceworks was released. I thought it might be interesting to look over version 3, highlight the newest and best features, and see if the cons have been improved. Disclaimer: I am not nor have I ever been affiliated with or otherwise compensated by Spiceworks. Basic Install As with the... Aug 2008 Free Giveaway Sponsor - ChicagoCon Win Boot Camp Seat = $4100*!!InfoSec Institute (http://www.infosecinstitute.com/) Training Camp (http://www.trainingcamp.com/). Registration Is FREE! (index.php?option=com_smf Itemid=35 action=register) Maltego Part I - Intro and Personal Recon By Chris Gates, CISSP, GCIH, C\|EH, CPTS According to their web site, Paterva invents and sells unique data manipulation software. Paterva is headed by Roelof Temmingh who is leading a light and lethal team of talented software developers. On May 6 2008, they released a new version of a very kewl tool named Maltego. Maltego (http://www.paterva.com/maltego/), is an open source intelligence and forensics application. It allows for the mining and gathering of information as well as the representation of this information in a meaningful way. Coupled with its graphing libraries, Maltego, allows you to identify key relationships... June 2008 Free Giveaway - Winner We Have A Winner!! Black Hat (http://www.blackhat.com) on us. Black Hat USA, August 2-7 in Las Vegas, is the world's premier technical event for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting including industry leaders Microsoft, Cisco, Google and new startups. Briefings tracks include many updated topics plus the always popular ones including Zero Day Attacks/Defenses, Bots, Application Security, Deep Knowledge and Turbo Talks. g00d_4sh wins a Passport Admission Ticket worth... DIY Career in Ethical Hacking The sub-title to my recent presentation at the SANS WhatWorks in Pen Testing Summit is Remodeling your career for little to no money down. Inside you'll find practical exercises in finding out who you are and what gets your blood flowing. And, although I do offer some advice on pushing your career in this growing field of ethical hacking with some inexpensive (and sometimes free) actions one can take, none of that seemed to be what struck a chord with the crowd. One of the bullet points paraphrases a quote from the movie, Risky Business (http://www.imdb.com/title/tt0086200/), when Joel's father says... LAN Switch Security: What Hackers Know About Your Switches Review by Chris Gates (content/category/7/32/24/), CISSP, GCIH, C\|EH, CPTS In addition to his regular column, Chris Gates does some great work on EH-Net including participating in our growing forums as well as doing various book reviews. He is back with a quick look at a recently released security title by Cisco Press that Chris describes as, Should be required reading for Pentesters.” So let's begin his review... LAN Switch Security: What Hackers Know About Your Switches provides enough information to leverage the most common layer 2 attacks a pentester would be interested in; MAC Flooding, VLAN Hopping, DTP attacks,... Interview: SANS Pen Test Summit Part 3 - HD Moore SANS WhatWorks in Penetration Testing Ethical Hacking Summit with Ed Skoudis (http://www.sans.org/info/25039) brings together a number of authors, researchers, and actual practitioners of pen testing, the summit will not only give a view as to where we stand as a community right now but also where we are headed in the future. Joining Ed will be a number of celebrated hackers (the positive connotation of the term) including Google Hacking Expert (http://johnny.ihackstuff.com/), Johnny Long, and the man behind the Metasploit Project (http://www.metasploit.com/), HD Moore. I once had a conversation of Ed Skoudis regarding career choices and advice. He... Ed Skoudis and the Pen Testing Factory “Inside this [class]room, all of my dreams become realities; and some of my realities become dreams.” Student: Ed Skoudis's opening his factory. He's gonna let people in! Teacher: You sure? Student: It's all over the net, and he's giving truckloads of ethical hacking secrets away. Teacher: Class dismissed. Student: No, no. The first one's only for 25 people. Teacher: Class undismissed. Student: He's making available 25 golden tickets, and the people who buy them will win the big prize. Teacher: Where's he hidden the tickets? Student: They’re not really hidden. They’re inside SANS Events. You have to buy SANS courses to get them. Teacher: Class re-dismissed. The terms “Ethical... April 2008 Free Giveaway - Winner We Have A Winner!! Summit Brochure (http://www.sans.org/pentesting08_summit/brochure.pdf?portal=806f0a8d1188a3baf62c9a377b5e2c02). The lucky EH-Net member who will be given a complimentary summit pass worth $1745 has been chosen and it is vijay2. Congrats and keep up the good work. del.icio.us Discuss in Forums Participation on EH-Net is the ONLY way to win. Start a thread that sparks lots of interest; share thoughts and experiences; help a newbie... quality is more important than quantity. Only EH-Net members are eligible! Registration Is FREE! Interview: SANS Pen Test Summit Part 2 - Johnny Long SANS WhatWorks in Penetration Testing Ethical Hacking Summit with Ed Skoudis (http://www.sans.org/info/25039) brings together a number of authors, researchers, and actual practitioners of pen testing, the summit will not only give a view as to where we stand as a community right now but also where we are headed in the future. Joining Ed will be a number of celebrated hackers (the positive connotation of the term) including Google Hacking Expert (http://johnny.ihackstuff.com/), Johnny Long, and the man behind the Metasploit Project (http://www.metasploit.com/), HD Moore. I once had a conversation of Ed Skoudis regarding career choices and advice. He... Interview: SANS Pen Test Summit Part 1 - Ed Skoudis Intelguardians (http://www.intelguardians.com/) has been an author, instructor and professional penetration tester for the better part of 15 years. The SANS Institute has been a highly regarded organization extolling the virtues of security education, certification and research for quite some time as well. Together they have put together a summit specifically dealing with penetration testing as a profession. The SANS WhatWorks in Penetration Testing Ethical Hacking Summit with Ed Skoudis (http://www.sans.org/info/25039) brings together a number of authors, researchers, and actual practitioners of pen testing, the summit will not only give a view as to where we stand as a... Interview: EC-Council Offers Details and Insights on CEH v6 The latest version of the Certified Ethical Hacker (CEH) Courseware is due to be released and presented for the first time at Hacker Halted USA 2008 in June. Many small details of CEH Version 6 have been peppered on the Internet, as well as snippets of teaser copy on EC-Council’s own web site. “With a total of 28 new and never seen before modules, covering the latest concepts, featuring more real life cases, and showcasing the latest hacking and security tools, the Certified Ethical Hacker (Version 6) will be the most advanced course ever.” So I requested an interview with... It Happened One Friday Overview: Hello, challenge fans. Matt Carpenter and I have brewed up a new one for your analysis. The evidence is below. Analyze it and answer our questions. As always, we'll choose three winners: one technical champ, one creative victor whose answer is technically correct, and one lucky person chosen at random. As you work through this challenge, please observe this very important warning! As they say on TV, DO NOT TRY THIS AT HOME. We'll go even further by saying, DO NOT TRY IT AT WORK EITHER. The commands included in this challenge are _highly_ destructive, and some of them... Intro to XPath Injection By Chris Gates, CISSP, CPTS, CEH WTF is XPath Injection? Data can be stored in a XML file instead of an SQL Database. To sort through complex XML documents, developers created the XPath language. http://www.w3.org/TR/xpath (http://www.w3.org/TR/xpath) XPath is a query language for XML documents, much like SQL is a query language for databases. Instead of tables, columns, and rows XML files have nodes in a tree. And like SQL, XPATH also had the potential for injection issues if queries are not properly sanitized. Why is XPath Injection so dangerous? XPath 1.0 is a standard... Video: Man-in-the-Middle Attack on MySpace with Cain By Brian Wilson, CISSP, CCNA, CCSE, CCAI, MCP, Network+, Security+, JNCIA Last year at ChicagoCon 2007, Brian Wilson gave a great talk entitled Cain Abel: Windows Can Hack, Too! Although the presentation and audio recording of the talk can be downloaded from the ChicagoCon site at Library Media Lab 2007 Evening Presentation Files, I had totally forgotten to publish his videos. Just in case things didn't go as planned during the live event or his laptop crapped out on him, Brian made a video of the MITM attack he demonstrated using Cain. They made... ChicagoCon 2008s - World Class Security Training & Ethical Hacking Conference ChicagoCon 2008s from May 12 - 18, 2008 features all new keynoters, additional security boot camps, exams on-site followed by two days of ethical hacking presentations and breakout sessions. And without an exhibit hall full of sales pitches, you're free to learn from the pros, network with peers and advance your infosec career. Westchester, IL (PRWEB) January 29, 2008 -- Presented by the Ethical Hacker Network (EH-Net) and its parent company, The Digital Construction Company (TDCC), ChicagoCon is positioned to become the premier security event in the industry by bringing together the biggest names in education and certification under one... Luck, Career Goals and a CISSP Boot Camp Editor's Note: This article was written in 2005 and was originally published on CSP Magazine. Due to numerous requests, it is being republished on EH-Net. It is said that luck seems to find those prepared for it. And, as difficult as it is to admit, stuff happens. We may find that our current job doesn't satisfy our financial or intellectual goals, a natural disaster may strike or, the unthinkable, we may be deemed expendable! If you had to hit the pavement tomorrow, do you have the knowledge and experience to determine your own destiny? If not, what is lacking in... Insider's View of Certified Expert Penetration Tester (CEPT) When approaching security industry luminaries over the course of the last year about the CEPT certification, the typical first response I have received is usually quite blunt: Oh great , YET ANOTHER CERTIFICATION. Just what the security industry needs . And, to this point, I do have to agree, the security industry does not need another certification that: Tests a basic level of knowledge of INFOSEC subjects (ala the CISSP, SECURITY+, SCNP, ad infinitum.) Only tests the ability to regurgitate memorized information over a 2-6 hour time period Is easily compromised by cheaters downloading actual exam questions for $59.90... Frosty the Snow Crash The Clock Has Struck 12 Like it or not, it's that time of year again. At least we have the continuing EH-Net tradition of an Ed Skoudis Holiday Challenge to get you through those days of brain freeze... and maybe even system freezes. Dive into the head of Ed Skoudis as he takes you into the cyberpunk world of Neal Stephenson with a little twist as only Ed can deliver. Remember Challenge Fans, as always, we’ll award three prizes: One for the best technical answer, one for the most creative answer that is technically correct, and one awarded to a... Review: EnGarde Secure Linux (LiveCD) EnGarde Secure Community 3.0.18 (http://www.engardelinux.org/modules/index/releases/3.0.18.cgi) (Version 3.0, Release 18) on Dec 4, 2007. This release includes many updated packages and bug fixes, some feature enhancements to Guardian Digital WebTool and the SELinux policy, and a few new features. This review was done with a prior release.

Register Now for ChicagoCon 07

Registration for 2008f Now Open!

For Pre-Con ?s

This e-mail address is being protected from spam bots, you need JavaScript enabled to view it

ChicagoCon News