(partial) Fwd: [aztech-events] [...] 2-day IP3 ISSA Security Conference Oct22-23
Lisa Kachold
lisakachold at obnosis.com
Sat Oct 18 09:35:51 MST 2008
That appears to be put on by IP3? Here are more IP3 Podcasts for their Security Training (which is supported by Cisco for CCISP credits) $695.00 year. (Where the DoD sends their professionals?)
Here's a [free] discussion of BGP threats from Dan Kaminski at DefCon 16 2008 (including information on what the HomeLand Security and NSA plan to do about it):
http://blog.wired.com/27bstroke6/2008/08/how-to-intercep.html
There's a good indepth discussion of the BGP exploit from the archives of Wired (November 2001 Umar Goldeli, A 30 minute crash-course on BGP 7 years after it was identified).
Here are the Actual SLIDES from the DefCon 16 2008 discussion of the BGP inherent flaw:
http://blog.wired.com/27bstroke6/files/edited-iphd-2.ppt
Patrick McDaniels' Trace of Current Internet BGP Exploits from 2005:
http://www.patrickmcdaniel.org/talks/deter-workshop-9-05.pdf
Here's the CERT proof of concept from 2004 for the script bgp-dosv2.pl:
http://www.us-cert.gov/cas/body/bulletins/SB2004_exploits.html
Here's the location of a BGP script from 2004 that runs the BGP Zero Window exploit of sequence numbers from the archives:
http://packetstormsecurity.org/0404-exploits/
http://packetstormsecurity.org/papers/protocols/SlippingInTheWindow_v1.0.doc
Other script examples exist in the DefCon and 2600 archives from 1995 forward.
Extra Credit: Here's the TCP Zero Window Reset exploit (3 way RST handshake exploit 1996 ) [also called "TCP TREASON"]:
http://articles.techrepublic.com.com/5100-10878_11-5201771.html
http://wapedia.mobi/en/Obnosis | http://en.wiktionary.org/wiki/Citations:obnosis | Obnosis.com (503)754-4452
Date: Sat, 18 Oct 2008 01:55:31 -0700
From: schwartz at acm.org
To: plug-discuss at lists.plug.phoenix.az.us
Subject: (partial) Fwd: [aztech-events] [...] 2-day IP3 ISSA Security Conference Oct22-23
CC: schwartz at acm.org
If you can't read the message here: http://groups.yahoo.com/group/aztech-events/message/2813then you might have to "join" that "group" in order to do so.
Here are the first few lines:<< "
from
Debbie Christofferson<Debbiechristofferson at earthlink.net>
reply-to
Debbie Christofferson <debbiechristofferson at earthlink.net>
to
"aztech-events at yahoogroups.com" <aztech-events at yahoogroups.com>
date
Fri, Oct 17, 2008 at 3:24 PM
subject
[aztech-events] LAST CALL 2-day IP3 ISSA Security Conference Oct22-23
mailing list
<aztech-events.yahoogroups.com>
IP3 Security Conference: "Strategy to Reality: Don't Look Back"
Sponsored by University of Phoenix and Your Phoenix ISSA (Information Systems Security Association)
Date: October 22-23, 2008 (Wed-Thrs)
Time: 8:00am-4:30pm
Place: University of Phoenix, Bldg. 7, Riverpoint, Rooms 101-102, 1st Floor,
Address: 4025 S. Riverpoint Parkway, Phoenix, AZ 85040
This is a must attend event for the serious IT security professional. The educational nature of this workshop will help prepare you for devising an effective and secure defensive strategy in architecting or securing your networks [...] " >>
--
Mike Schwartz
Glendale AZ
schwartz at acm.org
_________________________________________________________________
You live life beyond your PC. So now Windows goes beyond your PC.
http://clk.atdmt.com/MRT/go/115298556/direct/01/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20081018/081b9a54/attachment.htm
More information about the PLUG-discuss
mailing list