At 05:21 PM 3/12/2009, you wrote:
>Join us at UAT in room 128, as we discuss the
>wonderful world of buffer overflow exploits in Linux Security:
>
>Agenda:
>
>Noon until 12:30 Greet, boot and rummage for last minute items.
>12:30 to 12:45 Download presentation materials, get machines going.
>12:45 Start Presentation - Lisa Kachold
>
> OverView History of Buffer Overflows
> Simplified Stack Architecture
> Code disassembly and build tools
> Stack overflow demonstration
> Layer Up or Stack above TCP
> Layer Down or Stack through to Application Layer
> Proof of Exploit on Production Systems
> Layer 8 or Mitigating the Risks
>
>2:00 Break
>2:15 Hack to Learn Labs
>
>We have desktops limited by UAT for web proxy
>and DNS/DHCP [Microsoft/Cisco MAC Address
>hammered down] running Win XP; we can boot Live
>CD's - but complete Internal DNS is also limited
>by MSDNS (external DNS is filtered) - so if you
>can port forward to your own DNS cache server
>for external DNS you have a fully featured Linux.
>
>UAT Wireless works, so if you bring your own
>Notebooks and LiveCD's you can easily hack using
>both systems, referring to reference materials via your own equipment.
>
>Alternately during the lab portion, we can
>successfully work in teams (to obtain escalated
>privs via buffer overflow) from one UAT Desktop
>running LiveCD while researching lab materials
>and accessing online sources from the other XP.
>
>These are basic skills for everyone to grasp, so come on over.
Uh, it's that basic stuff that has me
worried.... Heck, I don't even know what UAT is, let alone MSDNS.......<G>
>Everyone attending HackFests agree to interact
>as ethical professionals, target only the
>systems that are clearly designated, and announce all flags.
>
>
><http://en.wikipedia.org/wiki/Lisa_Kachold>Nosis|
><http://www.obnosis.com/>Obnosis | (503)754-4452
><http://http//plug.phoenix.az.us>PLUG
><http://uat.edu/>Linux Security Labs 2nd Saturday Each Month@Noon - 3PM
>
>
>
>
>----------
>Windows Live Groups: Create an online spot for
>your favorite groups to meet.
><http://windowslive.com/online/groups?ocid=TXT_TAGLM_WL_groups_032009>Check
>it out.
>---------------------------------------------------
>PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>To subscribe, unsubscribe, or to change your mail settings:
>http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)