(partial) Fwd: [aztech-events] [...] 2-day IP3 ISSA Security Conference Oct22-23

Lisa Kachold lisakachold at obnosis.com
Sat Oct 18 09:35:51 MST 2008 

That appears to be put on by IP3?  Here are more IP3 Podcasts for their Security Training (which is supported by Cisco for CCISP credits) $695.00 year. (Where the DoD sends their professionals?)

Here's a [free] discussion of BGP threats from Dan Kaminski  at DefCon 16 2008 (including information on what the HomeLand Security and NSA plan to do about it):
http://blog.wired.com/27bstroke6/2008/08/how-to-intercep.html

There's a good indepth discussion of the BGP exploit from the archives of Wired (November 2001 Umar Goldeli, A 30 minute crash-course on BGP 7 years after it was identified).

Here are the Actual SLIDES from the DefCon 16 2008 discussion of the BGP inherent flaw:
http://blog.wired.com/27bstroke6/files/edited-iphd-2.ppt

Patrick McDaniels' Trace of Current Internet BGP Exploits from 2005:
http://www.patrickmcdaniel.org/talks/deter-workshop-9-05.pdf

Here's the CERT proof of concept from 2004 for the script bgp-dosv2.pl:
http://www.us-cert.gov/cas/body/bulletins/SB2004_exploits.html

Here's the location of a BGP script from 2004 that runs the BGP Zero Window exploit of sequence numbers from the archives:
http://packetstormsecurity.org/0404-exploits/
http://packetstormsecurity.org/papers/protocols/SlippingInTheWindow_v1.0.doc

Other script examples exist in the DefCon and 2600 archives from 1995 forward.

Extra Credit: Here's the TCP Zero Window Reset exploit (3 way RST handshake exploit 1996 ) [also called "TCP TREASON"]:
http://articles.techrepublic.com.com/5100-10878_11-5201771.html

http://wapedia.mobi/en/Obnosis |  http://en.wiktionary.org/wiki/Citations:obnosis | Obnosis.com (503)754-4452
Date: Sat, 18 Oct 2008 01:55:31 -0700
From: schwartz at acm.org
To: plug-discuss at lists.plug.phoenix.az.us
Subject: (partial) Fwd: [aztech-events] [...] 2-day IP3 ISSA Security	Conference Oct22-23
CC: schwartz at acm.org

If you can't read the message here:    http://groups.yahoo.com/group/aztech-events/message/2813then you might have to "join" that "group" in order to do so.
Here are the first few lines:<< "

from
Debbie Christofferson<Debbiechristofferson at earthlink.net>

reply-to
Debbie Christofferson <debbiechristofferson at earthlink.net>


to
"aztech-events at yahoogroups.com" <aztech-events at yahoogroups.com>


date
Fri, Oct 17, 2008 at 3:24 PM

subject
[aztech-events] LAST CALL 2-day IP3 ISSA Security Conference Oct22-23

mailing list
<aztech-events.yahoogroups.com>

IP3 Security Conference: "Strategy to Reality: Don't Look Back"

Sponsored by University of Phoenix and Your Phoenix ISSA (Information Systems Security Association)

Date: October 22-23, 2008 (Wed-Thrs) 


Time: 8:00am-4:30pm 

Place: University of Phoenix, Bldg. 7, Riverpoint, Rooms 101-102, 1st Floor, 
Address: 4025 S. Riverpoint Parkway, Phoenix, AZ 85040

This is a must attend event for the serious IT security professional. The educational nature of this workshop will help prepare you for devising an effective and secure defensive strategy in architecting or securing your networks [...] " >>
-- 
Mike Schwartz    
Glendale  AZ 
schwartz at acm.org



_________________________________________________________________
You live life beyond your PC. So now Windows goes beyond your PC.
http://clk.atdmt.com/MRT/go/115298556/direct/01/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20081018/081b9a54/attachment.htm

More information about the PLUG-discuss mailing list