The Ethical Hacker Network
Friday, 04 July 2008


Course Description: Cutting-Edge Hacking Techniques

Special 2-Day Workshop provided by the SANS Institute
Cutting-Edge Hacking Techniques - Hands On


Course taught by keynoter, Matthew Carpenter

Course written by Ed Skoudis



  

As computer attackers ramp up their abilities, information security professionals must also keep their skills sharp in preventing, detecting, and responding to attacks. Based on the experiences of the SANS Internet Storm Center incident handling team, this session provides hands-on experience with real-world attack and defense methodologies released in the past twelve months. We'll also analyze emerging attack vectors that incident handlers are just starting to cope with in the wild. Each attack will be covered from an incident handler's mindset, with a detailed and lively discussion of how to respond when an organization comes under fire. Also, numerous hands-on exercises will help incident handlers get into the mindset of attackers so they can counter the bad guys' moves.

 

Hands-on exercises throughout the session will build to a capture the flag event during the last half of the second day. In this engaging challenge, attendees will work in teams to apply what they have learned in a reality-based, hands-on attack scenario, with prizes awarded to the winning team.

 

  • Who Should Attend
    • Incident handlers charged with responding to computer and network attacks
    • Information security practitioners who need to understand and counter attacks
    • System administrators who need to fortify their systems to prevent attack
  • Pre-Requisite Knowledge
    • A fundamental knowledge of TCP/IP (three-way handshake, fragmentation, etc.)
    • An understanding of how the stack functions under buffer overflow conditions
    • Basic Linux and Windows navigation skills (logging in, running programs, etc.)
    • No software programming skills are required, but an understanding of computer architectures (e.g., stack, heap, boot sequence, etc.) is helpful
  • Tutorial Objectives
    • Analyze how recent attacks function from a hands-on perspective so that incident handlers can respond to them in their environment
    • Understand how to prevent these attacks from occurring
    • Evaluate how to detect attacks that bypass security controls
    • Gain hands-on experience with the attacks and defenses during the capture the flag challenge
  • A Sampling of Topics
    • Advanced Google searches to find vulnerable systems
    • Going beyond ARP cache poisoning and MAC flooding: new layer-2 attacks
    • IPS fingerprinting and locating, as well as the possibility of IPS/IDS kill packets
    • Browser exploitation through scripting and how it can lead to undermining an enterprise's infrastructure
    • Recent bot functionality and how to counter it, including the evolution of bot command-and-control, business models, and technical functionality
    • The latest rootkits, burrowing into firmware and virtual machines
    • The evolving spyware menace, and methodologies for thwarting it by leveraging infrastructure components such as DNS, web proxies, and Active Directory
    • Virtual machine attacks, including detection and the possibility of escaping from the Matrix into a host machine
 