HackFest This Saturday at UAT Noon until 3ISH BUFFER OVERFLOWs In Linux

Lyle Tuttle L.tuttle at cox.net
Thu Mar 12 18:16:09 MST 2009 

At 05:21 PM 3/12/2009, you wrote:
>Join us at UAT in room 128, as we discuss the 
>wonderful world of buffer overflow exploits in Linux Security:
>
>Agenda:
>
>Noon until 12:30 Greet, boot and rummage for last minute items.
>12:30 to 12:45 Download presentation materials, get machines going.
>12:45 Start Presentation - Lisa Kachold
>
>             OverView History of Buffer Overflows
>             Simplified Stack Architecture
>             Code disassembly and build tools
>             Stack overflow demonstration
>             Layer Up or Stack above TCP
>             Layer Down or Stack through to Application Layer
>             Proof of Exploit on Production Systems
>             Layer 8 or Mitigating the Risks
>
>2:00 Break
>2:15 Hack to Learn Labs
>
>We have desktops limited by UAT for web proxy 
>and DNS/DHCP [Microsoft/Cisco MAC Address 
>hammered down] running Win XP; we can boot Live 
>CD's - but complete Internal DNS is also limited 
>by MSDNS (external DNS is filtered) - so if you 
>can port forward to your own DNS cache server 
>for external DNS you have a fully featured Linux.
>
>UAT Wireless works, so if you bring your own 
>Notebooks and LiveCD's you can easily hack using 
>both systems, referring to reference materials via your own equipment.
>
>Alternately during the lab portion, we can 
>successfully work in teams (to obtain escalated 
>privs via buffer overflow) from one UAT Desktop 
>running LiveCD while researching lab materials 
>and accessing online sources from the other XP.
>
>These are basic skills for everyone to grasp, so come on over.

Uh, it's that basic stuff that has me 
worried....  Heck, I don't even know what UAT is, let alone MSDNS.......<G>

>Everyone attending HackFests agree to interact 
>as ethical professionals, target only the 
>systems that are clearly designated, and announce all flags.
>
>
><http://en.wikipedia.org/wiki/Lisa_Kachold>Nosis| 
><http://www.obnosis.com/>Obnosis | (503)754-4452
><http://http//plug.phoenix.az.us>PLUG 
><http://uat.edu/>Linux Security Labs 2nd Saturday Each Month at Noon - 3PM
>
>
>
>
>----------
>Windows Live™ Groups: Create an online spot for 
>your favorite groups to meet. 
><http://windowslive.com/online/groups?ocid=TXT_TAGLM_WL_groups_032009>Check 
>it out.
>---------------------------------------------------
>PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
>To subscribe, unsubscribe, or to change your mail settings:
>http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20090312/e1ded2f7/attachment.htm

More information about the PLUG-discuss mailing list