Alexey Smirnov is a PhD student in the department of Computer Science at Stony Brook University. His is broadly interested in computer security, operating systems, and networks. He has been working on various systems research projects in the past such as Repairable Database Systems and DIRA. Alexey expects to complete his PhD within the next two or three years.
Alex Stamos is a founding partner of iSEC Partners, LLC, a strategic digital security organization, with several years experience in security and information technology. Alex is an experienced security engineer and consultant specializing in application security and securing large infrastructures, and has taught many classes in network and application security.
Before he helped form iSEC Partners, Alex spent two years as a Managing Security Architect with @stake. Alex performed as a technical leader on many complex and difficult assignments, including a thorough penetration test and architectural review of a 6 million line enterprise management system, a secure re-design of a multi-thousand host ASP network, and a thorough analysis and code review of a major commercial web server. He was also one of @stake's West Coast trainers, educating select technical audiences in advanced network and application attacks.
Before @stake, Alex had operational security responsibility over 50 Fortune-500 web applications. He has also worked at a DoE National Laboratory.He holds a BSEE from the University of California, Berkeley, where he participated in research projects related to distributed secure storage and automatic C code auditing.
I am a doctoral student in the sociology department at the University of Nevada, Las Vegas. The vast majority of my friends are "techies," and as a social scientist, I'm a bit of an outcast. I mitigate some of that by focusing my research attention on the effects of technology on and within society. While getting my master's degree in Criminal Justice at Grand Valley State University, I began to look at some of the laws protecting information and technology, and their social consequences. For my dissertation, I'd like to turn my attention specifically on hackers, hactivism, and global social movements. In my spare time I'm a big time gaming geek which I balance with my addiction to drag racing and canyon carving on my sport bike.
Andre Gold is currently Director of Information Security at Continental Airlines, one of the world's largest and most successful commercial and freight transportation providers. Before assuming his current role, Mr. Gold served as Technical Director of Internet Services, responsible for Continental's continental.com property, which contributes over a billion dollars a year in revenue for Continental. Prior to Continental Airlines, Inc. Mr. Gold worked as a consultant in the IT industry. Mr. Gold has a BBA in Computer Information Systems from the University of Houston-Downtown and received his commission in the Army from Wentworth Military Academy. In addition to his position at Continental, Mr. Gold servers on the Microsoft Chief Security Officer Council, the Skyteam Data Privacy and Security Subcommittee, as well as eEye Digital Security's Executive Advisory Council.
Annalee Newitz is EFF's Policy Analyst. She writes policy recommendations and white papers, including recent papers on the dangers of EULAs, the problems with anti-spam regimes, and how to blog anonymously. Her special areas of interest are free speech, anonymity, network regulation, and expanding the public domain. The recipient of a Knight Science Journalism Fellowship in 2002, she writes a syndicated weekly column called Techsploitation and is a contributing editor at Wired magazine.
Anthony currently works for Logic Library Inc as a software engineer developing static binary analysis software. He has been active in computer and network security since early highschool. His main interests lie in kernel development, binary reverse engineering, and embedded systems.
Ben Kurtz is a principal researcher and developer of threat generation and analysis technologies at Imperfect Networks. Earlier, he earned his Masters of Computer Science by applying language theory to the visual analysis of probe data under the DARPA DASADA program, but has since discovered that it's much easier to break something than to fix it. In other incarnations, he has worked on critical systems for power plants, passenger jets, and insurance companies. If you knew him better, this would make you nervous.
Phen has been doing social engineering since the late 1980's. Starting off by running a BBS and convincing the local ISP to give her free Internet usage to " working " at West Point Military Academy. She has used her skills to get into places such as the World Bank, Lockheed & Martin, AT&T, along with the Bank of England & other corporate and financial institutions. Although not a member, Her current affiliations are with The Ninja Strike Force on behalf of Cult of the Dead Cow, which whom she has been working on projects with for the past 4 years. She enjoy's red lipstick, black skirts and strong tequila.
Broward Horne is a software developer with a diverse background, including several years as an electronic technician at Litton and Teradyne and as a sysadmin at a major University. Broward also has a business background, doing contract work for the United States Department of Transportation on experimental pen-based systems, early wireless LANs and two-dimension barcoding.
Since 1999, he has been in java software development, mostly for sales and ordering systems in large corporations. Prior to 1991, he hacked internal networks at two major electronics companies out of curiosity, but never intentionally damaged or sabotaged any system or network.
For the past thirteen years, Broward has done business intelligence and analysis against various internet data sources, including the usenet newsgroups, Dice.com, Monster.com, Google and other search engines. This analysis kept him gainfully employed throughout the Dotcom Crash. More at http://www.realmeme.com
The Shmoo Group is a non-profit think-tank comprised of security professionals from around the world who donate their free time and energy to information security research and development. They get a kick out of sharing their ideas, code, and stickers at DefCon. Whether it's mercenary hacking for CTF teams, lock-picking, war-flying, or excessive drinking, TSG has become a friendly DefCon staple in recent years past. Visit www.shmoo.com for more info.
Cerebus has worked for 10 years for one of the world's largest Marketing Database companies. He has designed Identity detection schemes for some of the top credit agencies in the US.
Christian Grothoff is a Ph.D. Student in Computer Sciences at UCLA. His research areas are programming languages and security with focus on privacy enhancing technologies. He started and maintains the GNUnet, the GNU project for secure peer-to-peer networking with focus on anonymous file-sharing. Together with Krista Bennett he started the Lost in Translation (LiT) project, which explores new ideas in text steganography.
Chuck Willis received his M.S. in Computer Science from the University of Illinois at Urbana-Champaign in 1998. After graduation, he spent five years conducting computer forensics and network intrusion investigations as a U.S. Army Counterintelligence Special Agent. Following a brief foray into security software engineering, Chuck is now conducting Penetration Testing and Vulnerability Assessments as a security contractor. Chuck has previously spoken at the Black Hat Briefings USA and the IT Underground security conference in Europe. Chuck has contributed to several open source security software projects and is a member of the Open Web Application Security Project, a Certified Information Systems Security Professional, and a Certified Forensic Computer Examiner. Chuck's past presentations are available on his Web site at http://www.securityfoundry.com/
Daniel Burroughs is currently an Assistant Professor in the College of Engineering at the University of Central Florida. His current research involves the development of the Florida Department of Law Enforcement Data Sharing Consortium and the development of a undergraduate security engineering program at UCF. His past work at the Institute for Security Technology Studies at Dartmouth College focused on using target tracking techniques to correlate data from multiple IDS and other sensors spread over large scale networks.
Dan Kaminsky, also known as Effugas, is a Senior Security Consultant for Avaya's Enterprise Security Practice, where he works on large-scale security infrastructure. Dan's experience includes two years at Cisco Systems designing security infrastructure for large-scale network monitoring systems.
He is best known for his work on the ultra-fast port scanner scanrand, part of the "Paketto Keiretsu", a collection of tools that use new and unusual strategies for manipulating TCP/IP networks. He authored the Spoofing and Tunneling chapters for "Hack Proofing Your Network: Second Edition", was a co-author of "Stealing The Network: How To Own The Box", and has delivered presentations at several major industry conferences, including Linuxworld, DefCon, and past Black Hat Briefings.
Dan was responsible for the Dynamic Forwarding patch to OpenSSH, integrating the majority of VPN-style functionality into the widely deployed cryptographic toolkit. Finally, he founded the cross-disciplinary DoxPara Research in 1997, seeking to integrate psychological and technological theory to create more effective systems for non-ideal but very real environments in the field. Dan is based in Silicon Valley.
David joined Bessemer Venture Partners in 1992. David has since made 43 early-stage investments for Bessemer, including 19 that have gone public, and 16 that have been acquired by public companies. David initially focused on communications technology companies like Ciena, P-Com, and PSI-Net, and then internet services such as Keynote, Flycast, Hotjobs and Blue Nile. In 1995 he cofounded Verisign as a Bessemer-funded spinout of RSA, serving as VeriSign's initial Chairman and CFO. His other data security investments have included Counterpane, Cyota, Determina, eEye, Elemental Security, Finjan, ON Technology (acquired by Symantec), Postini, Qualys, Tripwire, Tumbleweed, Valicert and Worldtalk (both of which Tumbleweed acquired). David also teaches computer science at the Keys Middle School in Palo Alto. He received both his A.B. in math and computer science and his M.B.A. degrees from Harvard University.
David Hulton is one of the founding members of Pico Computing, Inc., a manufacturer of compact embedded FPGA computers and dedicated to developing revolutionary open source applications for FPGA systems. He is also one of the founding members of Dachb0den Research Labs, a non-profit security research think-tank, is currently the Chairman of ToorCon Information Security Conference and has helped start many of the security and unix oriented meetings in San Diego, CA.
David Mortman, Chief Information Security Officer for Siebel Systems, Inc., and his team are responsible for Siebel Systems' worldwide IT security infrastructure, both internal and external. He also works closely with Siebel's product groups and the company's physical security team. Previously, Mr. Mortman was Manager of IT Security at Network Associates, where, in addition to managing data security, he deployed and tested all of NAI's security products before they were released to customers. Before that, Mortman was a Security Engineer for Swiss Bank. A CISSP, member of USENIX/SAGE and ISSA, and speaker at RSA 2002 and 2005 security conferences, Mr. Mortman has also been a panelist at InfoSecurity 2003 and Blackhat 2004. He holds a BS in Chemistry from the University of Chicago.
Both Dean and Brandon are undergraduates in computer science at Portland State University. Both have very strong interests in the fields of wireless communications, network security, and cryptanalysis. They are also active members of pdx2600.
Deral Heiland serves as a Network Security Analyst for a fortune 500 company. Mr. Heiland manages application and network vulnerability testing, Intrusion Detection Systems, controls firewall security and anti-virus efforts. With over a decade of work in the Information Technology field, Mr. Heiland has obtained several certifications including: CISSP, SSCP, CCNA, CWLSS, and CNE5. Prior positions held include: Network Administrator, Senior Network Analyst, Database Manager, and Financial Systems Manager.
While paying the bills as a network engineer, Deviant Ollam's first and strongest love has always been teaching. Employed periodically at schools in the greater Philadelphia area, he is presently a student at the New Jersey Institute of Technology in the hopes of tacking some actual letters to his name and doing the professor gig full time. A fanatical supporter of First Amendment rights who believes that the best way to increase security is to publicly disclose vulnerabilities, Deviant has given lockpick demonstrations at other con events and various schools.
Elizabeth Stark is the main law student of freeculture.org. She went to Brown University and is currently attending Harvard Law School, where she is involved with the Berkman Center for Internet and Society on such issues as the digital media project, internet filtering reports, and drafting an Internet and technology law casebook. She is also an editor of the Harvard Journal of Law Technology, soon to be a Teaching Assistant in Cyberlaw, and conducts research for Professor Jonathan Zittrain. Elizabeth has worked and studied in such places as Berlin, London, Paris, and Singapore, is highly interested in the impact of technology on digital culture, and is (semi-) obsessed with electronic music. She is spending the summer as a legal intern at the EFF, where she gets to think about such issues 24/7.
Fabio Ghioni is advisor to several Multinational Corporations as well as Governments. He is the leading expert in the field of information security, competitive intelligence and intrusion management in an asymmetric environment. As consultant to several different Government institutions he has been the key to the solution of several terrorism cases in the past. He has serviced leading international corporations involved in the military, telecommunications, banking and technology industries. His key fields of research range from mobile and wireless competitive security to the classification of information and forensics technologies applied to identity management and ambient intelligence.
The panel chairperson and organizer is Matthew L. Shuchman (Pilgrim,) who began as a hacker in the days of punch cards. Mr. Shuchman is a founder of WarDrivingWorld.com, a web-based retailer of WarDriving and extended range WiFi hardware and a published author on business and the need for data security, see: McGrawHill/AMACOM, "The Art of the Turnaround".
Mr. Shuchman has obtained commitments from two other panel members: Frank Thornton (Thorn,) who runs a wireless technology consulting firm, Blackthorn System.
Thorn is the co-author of "WarDriving; Drive, Detect, Defend", and a retired member of the law enforcement community.
Robert V. Hale II, San Francisco-based lawyer, author of the recent article"Wi-Fi Liability: Potential Legal Risks in Accessing and Operating Wireless Internet," and advisor to the Cyberspace Committee of the California Bar. We are waiting for commitments from at least one other potential panel member.
Fred Benenson graduated in May with honors from New York University's with a major in Philosophy and a minor in Computer Science. He founded the official NYU chapter of the national student organization freeculture.org. He has worked professionally as a graphic designer, web programmer, and IT technician and owns at least one DeCSS shirt. When he's not involving himself in the future of intellectual property rights (or lack thereof), he likes to take pictures for his photoblog http://fasinphotoblog.com, solve the cube, and listen to copious amounts of electronic music. He is working as a Free Culture intern this summer at Creative Commons.
Fyodor authored the popular Nmap Security Scanner, which was named security tool of the year by Linux Journal, Info World, and the Codetalker Digest. It was also featured in the hit movie "Matrix Reloaded" as well as by the BBC, CNet, Wired, Slashdot, Securityfocus, and others. He also maintains the Insecure.Org and Seclists.Org security resource sites and has authored seminal papers detailing techniques for stealth port scanning, remote operating system detection via TCP/IP stack fingerprinting, version detection, and the IPID Idle Scan. He is a member of the Honeynet project and a co-author of the books Know Your Enemy: Honeynets and Stealing the Network: How to Own a Continent.
Greg Conti is an Assistant Professor of Computer Science at the United States Military Academy. He holds a Masters Degree in Computer Science from Johns Hopkins University and a Bachelor of Science in Computer Science from the United States Military Academy. His areas of expertise include network security, information visualization and information warfare. Greg has worked at a variety of military intelligence assignments specializing in Signals Intelligence. Currently he is on a Department of Defense Fellowship and is working on his PhD in Computer Science at Georgia Tech. His work can be found at www.cc.gatech.edu/~conti and www.rumint.org.
hellNbak has been around the IT Security industry for 13 years and is the resident trouble maker of NMRC. In his spare time he is the founder and moderator of VulnWatch (www.vulnwatch.org) and a data mangler for OSVDB (www.osvdb.org).
Hernan Gips worked as security consultant for 6 years in a top security consulting company in Buenos Aires, Argentina. Doing both Pentesting and Code Auditing for local and international companies. He worked as developer and architect in many different technologies including C, C++, Java and .NET.
Gips has been a speaker at many local conferences and two international conferences last year, G-Con at Mexico City and the other in Colombia.
Gips has been participating in some projects like msyslog.
Ian Clarke is the architect and coordinator of The Freenet Project, and the Chief Executive Officer of Cematics Ltd, a company he founded to realise commercial applications for the Freenet technology. Ian is the co-founder and formerly the Chief Technology Officer of Uprizer Inc., which was successful in raising $4 million in A-round venture capital from investors including Intel Capital. In October 2003, Ian was selected as one of the top 100 innovators under the age of 35 by the Massachusetts Institute of Technology's Technology Review magazine . Ian holds a degree in Artificial Intelligence and Computer Science from Edinburgh University, Scotland. He has also worked as a consultant for a number of companies including 3Com, and Logica UK's Space Division. He is originally from County Meath, Ireland, and currently resides in Edinburgh, Scotland.
Jack C. Louis is a Senior Security Researcher for Dyad Labs. He has a background in core networking technologies, systems programming, and electronics. Jack is the lead programmer behind Unicornscan, a distributed data information engine for the the OSACE project. Jack is also the lead author of cruiser, a web application testing tool in the OSACE suite. Jack has given lectures on building secure software, offensive programming, and building miscellaneous electronic components to solve a wide variety of problems at hand. Jack is also an ISECOM OPST & OPSA Certified Instructor.
Jamie Butler is the Director of Engineering at HBGary, Inc. specializing in rootkits and other subversive technologies. He is the co-author and a teacher of "Aspects of Offensive Rootkit Technologies" and co-author of the upcoming book "Rootkits: Subverting the Windows Kernel" due out late July. Prior to accepting the position at HBGary, he was a senior developer on the Windows Host Sensor at Enterasys Networks, Inc. and a computer scientist at the NSA. He holds a MS in CS from UMBC and has published articles in the IEEE IA Workshop proceedings, Phrack, USENIX login, and Information Management and Computer Security. Over the past few years his focus has been on Windows servers concentrating in host based intrusion detection and prevention, buffer overflows, and reverse engineering. Jamie is also a contributor at rootkit.com.
Jason Scott has been full-bore collecting history of BBSes and computer culture for 20 years, with the last four being split equally between his BBS history site textfiles.com and his documentary on Dial-up Bulletin Boards, "BBS: The Documentary". With over 200 interviews and 250 hours of footage, this project overtook his life for a very long time and in a very large way. His hobbies include gardening and enjoying civil liberties.
Jay Beale is a information security specialist, well known for his work on mitigation technology, specifically in the form of operating system and application hardening. He's written two of the most popular tools in this space: Bastille Linux, a lockdown tool that introduced a vital security-training component, and the Center for Internet Security's Unix Scoring Tool. Both are used worldwide throughout private industry and government. Through Bastille and his work with the Center, Jay has provided leadership in the Linux system hardening space, participating in efforts to set, audit, and implement standards for Linux/Unix security within industry and government. He also focuses his energies on the OVAL project, where he works with government and industry to standardize and improve the field of vulnerability assessment. Jay is also a member of the Honeynet Project, working on tool development.
Jay has served as an invited speaker at a variety of conferences worldwide as well as government symposia. He's written for Information Security Magazine, SecurityFocus, and the now-defunct SecurityPortal.com. He has worked on four books in the Information Security space. Three of these make up his Open Source Security Series, while one is a technical work of fiction entitled <http://www.oreilly.com/catalog/1931836051/index.html>"Stealing the Network: How to Own a Continent."
Jay makes his living as a security consultant with the firm Intelguardians, which he co-founded with industry leaders Ed Skoudis, Eric Cole, Mike Poor, Bob Hillery and Jim Alderson, where his work in penetration testing allows him to focus on attack as well as defense. Prior to consulting, Jay served as the Security Team Director for MandrakeSoft, helping set company strategy, design security products, and pushing security into the third largest retail Linux distribution.
Jennifer Stisa Granick joined Stanford Law School in January 2001, as Lecturer in Law and Executive Direcstor of the Center for Internet and Society (CIS). She teaches, speaks and writes on the full spectrum of Internet law issues including computer crime and security, national security, constitutional rights, and electronic surveillance, areas in which her expertise is recognized nationally.
Granick came to Stanford after almost a decade practicing criminal defense law in California. Her experience includes stints at the Office of the State Public Defender and at a number of criminal defense boutiques, before founding the Law Offices of Jennifer S. Granick, where she focused on hacker defense and other computer law representations at the trial and appellate level in state and federal court. At Stanford, she currently teaches the Cyberlaw Clinic, one of the nation's few public interest law and technology litigation clinics.
Granick continues to consult on computer crime cases and serves on the Board of Directors of the Honeynet Project, which collects data on computer intrusions for the purposes of developing defensive tools and practices and the Hacker Foundation, a research and service organization promoting the creative use of technological resources.
She was selected by Information Security magazine in 2003 as one of 20 "Women of Vision" in the computer security field. She earned her law degree from University of California, Hastings College of the Law and her undergraduate degree from the New College of the University of South Florida.
Jesse Krembs is the Head Defcon Speaker goon, and has been involved with Defcon since 1998. He is co-founder of the Hacker Foundation and its current president. He travels widely doing radio survey work & wireless installation for Fortune 500 companies. He restores classic motorcycles and naps in his spare time.
Jim "FalconRed" Rennie is currently a law student in New York City. Previously, he spent several years as a Software Engineer at two Seattle-area companies. While in Seattle, he met up with the infamous GhettoHackers, which probably shortened his life expectancy by several years. Jim has been attending DefCon long enough to know who not to piss off.
Jives has been doing computer security at a major research university for over 5 years. After initially specializing in host security he has moved into network security. In this area he has written several evidence gathering scripts. Recently he has made a hobby out of using the network to answer questions about the host.
Johnny Long is a "clean-living" family guy who just so happens to like hacking stuff. Over the past two years, Johnny's most visible focus has been on this Google hacking "thing" which has served as yet another diversion to a serious (and bill-paying) job as a professional hacker and security researcher for Computer Sciences Corporation. In his spare time, Johnny enjoys making random pirate noises ("Yarrrrr!"), spending time with his wife and kids, convincing others that acting like a kid is part of his job as a parent, feigning artistic ability with programs like Bryce and Photoshop, pushing all the pretty shiny buttons on them new-fangled Mac computers, and making much-too-serious security types either look at him funny or start laughing uncontrollably. Johnny has written or contributed to several books, including "Google Hacking for Penetration Testers" from Syngress Publishing, which has secured rave reviews and has lots of pictures.
Jonathan Levin has been involved with Information Security since the mid '90's. He has consulted for over 8 years (mostly in Israel), and trained numerous IT and security related courses, in academic as well as technical fora.
Johnny is an independent security consultant and trainer, and has worked closely with many companies, e.g. Checkpoint, NDS and M-Systems. He has first encountered the Winsock SPI back in '98 (and got to know all too intimately by writing device driver hooks over it...), but is surprised to see that, even after almost 7 years, it has gotten little attention, despite its potent features.
Julian Grizzard is a Ph.D. candidate in the School of Electrical and Computer Engineering at the Georgia Institute of Technology. He received his B.S. in Computer Engineering from Clemson University and his M.S. in Electrical and Computer Engineering from the Georgia Institute of Technology. He has been studying rootkits for several years, written numerous related papers, and given many academic and research presentations. He is a member of the Honeynet Research Alliance and his research interests include kernel hacking, networking, and security.
Justin Somaini is Director of Information Security at VeriSign Inc. where he is responsible for managing all aspects of network and information security for VeriSign. With over 10 years of Information Security and Corporate Audit experience, Justin has leveraged his knowledge of audit and large organizations to remediate global infrastructure problems and create a full risk identification and remediation Information Security group. Previously, Justin was the Director of Information Security Services for Charles Schwab Inc., where he was responsible for all aspects of Information Security Operations. Before that he was a Manager with PricewaterhouseCoopers LLP where he spent several years developing their attack and penetration leadership and audit practice.
Kenneth Geers (M.A., University of Washington, 1997) is an accomplished computer security expert and Russian linguist. His career includes many years working as a translator, programmer, website developer and analyst. The oddest job he has had was working on the John F. Kennedy Assassination Review Board (don't ask). He also waited tables in Luxembourg, harvested flowers in the Middle East, climbed Mount Kilimanjaro, was bitten by a deadly spider in Zanzibar and made Trappist beer at 3 AM in the Rochefort monastery. He loves to read computer logfiles while playing chess and listening to the St. Louis Cardinals. He loves Russia, his wife Jeanne, and daughters Isabelle, Sophie, and Juliet. Kenneth drinks beer and feeds the empty cans to camels.
Ken Pfeil is CSO at Capital IQ, a web-based information service company headquartered in New York City. His experience spans over two decades with companies such as Microsoft, Dell, Avaya, Identix, and Merrill Lynch. Ken is coauthor of the books "Hack Proofing Your Network - 2nd Edition" and "Stealing the Network - How to Own the Box," and a contributing author of "Security Planning and Disaster Recovery" and "Network Security - The Complete Reference."
Kevin Bankston, an attorney specializing in free speech and privacy law, is the Electronic Frontier Foundation's Equal Justice Works/Bruce J. Ennis Fellow for 2003-05. His fellowship project focuses on the impact of post-9/11 anti-terrorism laws and surveillance initiatives on online privacy and free expression. Before joining EFF, Kevin was the Justice William J. Brennan First Amendment Fellow for the American Civil Liberties Union in New York City. At the ACLU, Kevin litigated Internet-related free speech cases, including First Amendment challenges to both the Digital Millennium Copyright Act (Edelman v. N2H2, Inc.) and a federal statute regulating Internet speech in public libraries (American Library Association v. U.S.).
Kevin McCarthy has worked as a system and network administrator 15 years. He is currently a network and security consultant. He teaches programming to elementary school children and encourages their natural tendencies to hack.
Kristofer Erickson is currently completing his PhD in Geography at the University of Washington in Seattle, where he teaches an undergraduate seminar on Law and Cyberspace. He is motivated by a desire to bridge the gap between academic scholarship and politics, which is one of the reasons he is thrilled to be able to present at Defcon. Recent notable accomplishments include attending the September Project, a nationwide effort to promote community discussion of democracy and freedom in local public libraries, legitimately playing a round of Final Fight on the jumbotron screen during an undergraduate college class, and standing up for the blogosphere in a roomful of old-guard Marxist academics in Denver Colorado.
Kurt Opsahl is a Staff Attorney with the Electronic Frontier Foundation focusing on civil liberties, free speech and privacy law. Before joining EFF, Opsahl worked at Perkins Coie, where he represented technology clients with respect to intellectual property, privacy, defamation, and other online liability matters, including working on Kelly v. Arribasoft, MGM v. Grokster and CoStar v. LoopNet. For his work responding to government subpoenas, Opsahl is proud to have been called a "rabid dog" by the Department of Justice.
Leonard Gallion, is the Vice President of Information Services for a Dallas Texas company and has over 20 years of experience in the I.T. and Security fields. Primarily focusing on the non-destructive (stealthy) compromise of physical security, he has publicly presented on such topics as lockpicking, safecracking and high security lock bypass. In addition, he published an article in the Summer 2004 issue of 2600 magazine on his hobby, creating "Impromptu Lock Picks" from common office supplies.
Major Malfunction is a security professional by day, and a White Hat hacker by night. He is a good example of what happens to TheGoodGuys(TM) when you force them to travel, eat junk food, drink too much coffee, and stay in cheap hotels. If your hotel has a hole in it, Major Mal will find it... He has been involved in DEFCON, as a Goon, since DC5, and the computer industry since the early Eighties. He was co-founder of the world's first full time Internet pirate radio station, InterFACE, and wrote the first ever CD ripper, 'CDGRAB', disproving the industry lie that computers could not read music CDs. In his spare time, he likes to play with guns. Big guns. Little guns. As long as it goes BANG, it will be his friend, and he will love it, care for it, and feed it plenty of ammo. Let him fondle your weapon, and you'll have a friend for life...
Marc Weber Tobias is an Investigative Attorney and polygraph examiner in the United States. He has written five law enforcement textbooks dealing with criminal law, security, and communications. Marc Tobias was employed for several years by the Office of Attorney General, State of South Dakota, as the Chief of the Organized Crime Unit. As such, he directed felony investigations involving frauds as well as violent crimes.
Mr. Tobias is the author of the 1400 page textbook and multimedia collection "Locks, Safes, and Security: An International Police Reference". He consults on lock security and his law firm handles investigations for government and private clients.
Survival Research Laboratories (SRL) was founded by Mark Pauline in November 1978. Since its inception, SRL has operated as an organization of creative technicians dedicated to re-directing the techniques, tools, and tenets of industry, science, and the military away from their typical manifestations in practicality, product or warfare. Since 1979, SRL has staged over 45 mechanized presentations in the United States and Europe. Each performance consists of a unique set of ritualized interactions between machines, robots, and special effects devices, employed in developing themes of socio-political satire. Humans are present only as audience or operators. More information can be found at www.srl.org
Mark Pauline passion is legal, but only in the places he has never been. Follow him through his history of causing the law.
Matt Cottam has a Bachelor of Fine Arts and Bachelor of Industrial Design degrees from Rhode Island School of Design (RISD). Matt's thesis work at RISD was to conduct human-factors research for the Habitability Design Division of NASA. Since 1998 Matt has been the core instructor of the Structured Multimedia Module of the International Certificate Program in New Media at the Fraunhofer Center for Research in Computer Graphics. Since 1999 he has been a member of the faculty at RISD; he teaches critical human-centered design and human-computer interaction design for the departments of Industrial Design, Graphic Design, Photography, and The Digital Media Graduate Program. Matt has lectured, published and led workshops internationally on topics including information design, human-computer interaction design, collaboration strategies for engineers and designers, and humanitarian applications of design. Matt cofounded Tellart and specializes in human-computer interface design technology, methodology, and pedagogy.
Matt Fiddler leads a Threat Management Team for a large Fortune 500 Company. Mr. Fiddler's research into lock bypass techniques have resulted in several public disclosures of critical lock design flaws. Mr. Fiddler began his career as an Intelligence Analyst with the United States Marine Corps. Since joining the commercial sector in 1992, he has spent the last 13 years enhancing his extensive expertise in the area of Unix and Network Engineering, Security Consulting, and Intrusion Analysis.
Metalstorm is a deathmetal listening linux hippy from New Zealand. When not furiously playing air-guitar, he works for linux integrator and managed security vendor Asterisk in Auckland, New Zealand. Previous work has placed him in ISP security, network engineering, linux systems programming, corporate whore security consultancy and a brief stint at the helm of a mighty installation of solaris tar. Amongst his preoccupations at the moment are the New Zealand Supercomputer Centre, wardriving-gps-visualization software that works in the southern hemisphere, and spreading debian and python bigotry. Oh, and his band 'Orafist' needs a drummer - must have own kit and transport to New Zealand.
Michael D. Glasser is a Security Consultant in the New York Tri-State Area. He is currently employed by one of the worlds largest security consulting firms. Though he consults primarily on physical security, other forms of security are often part of his scope of work.
Glasser has been in the security industry for more then 10 years. He started as a technician in the field installing electronic security, and broadened his technical knowledge to cover all electronic and conventional security methods. Glasser is Licensed by New York State and a Burglar and Fire Alarm Installer, Certified as a Locksmith, and has numerous electronic security certifications. He is an active member of many local, state and national associations. He teaches classes on electronic security in the New York Area.
Prior speaking engagements of this type have been at both the DefCon series of conferences and at the 2600 sponsored HOPE conferences.
Mystic is a strong believer that hacking at it's core has little to do with computers and more to do with how you chose to live your life. His interests go from electronic music to poetry to encryption to designing Texas Hold'em AIs. Once a resident of the San Francisco bay area, he traveled down south to find him self on the beaches of Santa Barbara and after two years is returning to finish school as a Psychology major at UC Santa Cruz.
Nick Farr spent the first decade of his career serving in non-profit management roles in academia, public radio, print journalism and computer recycling. While pursuing a new career in Public Accounting, he continues to serve in his role as Treasurer of the Hacker Foundation which he co-founded.
Nick is a security engineer at an innovative computer company in Cupertino, California. He holds a B.S. in Computer Science from the University of California, Santa Barbara and as far as I know, he is through with the school thing. He is currently unreachable in Antigua, so I suppose I could say anything here. I won't.
Nomad Mobile Research Centre (NMRC) is a hacker collective, and has been around since 1996. NMRC has released numerous papers, advisories, FAQs, and tools over the years, and believes that hackers have something good to give to society.Unfortunately most of the world doesn't believe in their definition of "good".
NMRC has distinguished itself in the realm of hackerdom in the following ways over other hacker groups: 1) They maintain friends of all hat colors; 2) They were the first hacker group to spell Centre with an "e" on the end; and 3) They live to hack and hack to live, unless of course they find free pr0n.
Ofir Arkin is the CTO and Co-founder of Insightix, which pioneers the next generation of IT infrastructure discovery, monitoring and auditing systems for enterprise networks. Ofir holds 10 years of experience in data security research and management. Prior to co-founding Insightix, Ofir served as a CISO of a leading Israeli international telephone carrier. In addition, Ofir has consulted and worked for multinational companies in the financial, pharmaceutical and telecommunication sectors.
Ofir conducts cutting edge research in the information security field and has published several research papers, advisories and articles in the fields of information warfare, VoIP security, and network discovery, and lectured in a number of computer security conferences about the research. Hi best known published papers are: "ICMP Usage in Scanning", "Security Risk Factors with IP Telephony based Networks", "Trace-Back", "Etherleak: Ethernet frame padding information leakage". He is a co-author of the remote active operating system fingerprinting tool Xprobe2.
Ofir is an active member with the Honeynet project and is co-author of the team's book, "Know Your Enemy" published by Addison-Wesley. Ofir is also the founder of Sys-Security Group (http://www.sys-security.com), a computer security research group.
Oskar Sandberg is a post graduate student at the Chalmers Technical University in Gothenburg, Sweden. He is working on a PhD about the mathematics of complex networks, especially with regard to the small world phenomenon. Besides this he has an active interest in distributed computer networks and network security, and has been an active contributor to The Freenet Project since 1999.
Pamela Fusco, CISSP, CISM, CHS-III, Chief Security Officer, Merck & Co., Inc.
Pamela Fusco is an Executive Global Information Security Professional, for Merck & CO., Inc. She has accumulated over 19 years of substantial experience within the Security Industry. Her extensive background and expertise expand globally encompassing all facets of security inclusive of logical, physical, personal, facilities, systems, networks, wireless, and forensic investigations. Presently she leads a talented team of Compliance, Systems and Information Security Engineers operating a world-wide 24X7X365 SIRT (security incident response team).
Patty L. Walsh has been a political junkie since she was a child. She currently attends UNLV as a Senior, and is majoring in Political Science with emphasis on International Relations; along with a minor in Communications. She has written for The Las Vegas Review-Journal, Las Vegas Mercury, Las Vegas Tribune, Las Vegas CityLife, The UNLV newspaper, and currently is a freelance journalist for Greenspun Media Group. She also is a Production Assistant and DJ for KUNV 91.5 FM in Las Vegas. Walsh intends to become an international correspondent, and has many qualms with the media (except for BBC and Reuters, most of the time). She speaks two different languages, and has attended DefCon since DC10, where she wrote about the media misconceptions of hackers as an intern for the Las Vegas Mercury.
Paul Graham is the author of On Lisp, Ansi Common Lisp, and Hackers & Painters; was co-founder of Viaweb (now Yahoo Store); developed a simple Bayesian spam filter that inspired many present filters; and is one of the partners in Y Combinator.
Paul Vixie has been contributing to Internet protocols and UNIX systems as a protocol designer and software architect since 1980. Early in his career, he developed and introduced sends, proxynet, rtty, cron and other lesser-known tools.
Today, Paul is considered the primary modern author and technical architect of BINDv8 the Berkeley Internet Name Domain Version 8, the open source reference implementation of the Domain Name System (DNS). He formed the Internet Software Consortium (ISC) in 1994, and now acts as Chairman of its Board of Directors. The ISC reflects Paul's commitment to developing and maintaining production quality open source reference implementations of core Internet protocols.
More recently, Paul cofounded MAPS LLC (Mail Abuse Prevention System), a California nonprofit company established in 1998 with the goal of hosting the RBL (Realtime Blackhole List) and stopping the Internet's email system from being abused by spammers. Vixie is currently the Chief Technology Officer of Metromedia Fiber Network Inc (MFNX.O).
Along with Frederick Avolio, Paul co-wrote "Sendmail: Theory and Practice" (Digital Press, 1995). He has authored or co-authored several RFCs, including a Best Current Practice document on "Classless IN-ADDR.ARPA Delegation" (BCP 20). He is also responsible for overseeing the operation of F.root-servers.net, one of the thirteen Internet root domain name servers.
Philip R. Zimmermann is the creator of Pretty Good Privacy. For that, he was the target of a three-year criminal investigation, because the government held that US export restrictions for cryptographic software were violated when PGP spread all around the world following its 1991 publication as freeware. Despite the lack of funding, the lack of any paid staff, the lack of a company to stand behind it, and despite government persecution, PGP nonetheless became the most widely used email encryption software in the world.
Raffael Marty is a senior security engineer with ArcSight, the global leader in Enterprise Security Management (ESM). He initiated the Content team, holding responsibility over all the content in ArcSight's product, ranging from correlation rules to categorizations, vulnerability mappings, to visualizations and dashboards. Before joining ArcSight, he was a member of the Global Security Analysis Lab at IBM Research, where he participated in various intrusion detection related projects. His Master's thesis focused on correlating events and testing intrusion detection systems. The resulting tool he created, Thor, can be used to generate correlation tables for multiple, heterogeneous IDS sensors. Raffael currently holds a CISSP and GCIA certification and was in January 2004 appointed to the MITRE OVAL (Open Vulnerability and Assessment Language) advisory board for his domain expertise.
Raven splits her time between network engineering and security testing, and often tries to fuse the two, to varying degrees of success. She is equally fond of building networks for ISPs and breaking them nicely. In her Copious Spare Time, she contributes to network security books, mangles for OSVDB, kicks other people's crypto implementations, and enjoys ill-advised adventures.
Richard Thieme (www.thiemeworks.com) is an author and professional speaker focused on the deeper implications of technology, religion, and science for twenty-first century life. He has spoken for Def Con for ten years and Black Hat for eight as well as for other venues ranging from ShmooCon, ToorCon, and AUSCERT to the Pentagon, the FBI, and the US Department of the Treasury. His internet columns, "Islands in the Clickstream," are widely read and were collected and published by Syngress Publishing in June 2004. Since then he has published a dozen short stories including "The Geometry of Near," a hacker tale published online by Phrack and included in the anthology CyberTales: Live Wire. A short story collection, More Than a Dream: Stories of Flesh and the Spirit is coming soon and he is writing a novel, The Necessity for Invention, which includes the adventures of Don Coyote and Pancho Sanchez, two wily hackers.
Robert E. Lee serves as Dyad Labs's Chief Executive Officer. Robert's primary roles include technology and software development, security research, and education program initiatives. Robert functions as the primary contact interfacing with clients for Dyad Labs. Robert also serves as the Director of Projects & Resources for the Institute for Security and pen Methodologies. Robert is a key contributor to the Open Source Security Testing Methodology Manual, Unicornscan, and Cruiser (no URL yet) projects. Robert maintains his OSSTMM Professional Security Tester (OPST) & OSSTMM Professional Security Analyst (OPSA) certifications from the Institute for Security and Open Methodologies (ISECOM).
Robert "hackajar" Imhoff-Dousharm has worked in computer security for over 6 years. He has spent 2-1/2 years in the merchant credit card security field. Last year he has started his own credit card security consulting firm to focus more on securing businesses one client at a time. He also works in a SOC for a large client, insuring data integrity, availability and confidentiality. Robert has spoken at Defcon 11 & 12 in both social security and network security of credit cards in merchant environments.
Robert Morris received a B.A. in Mathematics from Harvard University in 1957 and a M.A. in Mathematics from Harvard in 1958. He was a member of the technical staff in the research department of Bell Laboratories from 1960 until 1986. On his retirement from Bell Laboratories in 1986 he began work at the National Security Agency. From 1986 to his (second) retirement in 1994, he was a senior adviser in the portion of NSA responsible for the protection of sensitive U.S. information.
Roberto Preatoni (aka Sys64738): 37, is the founder of the defacement/cybercrime archive Zone-H (http://www.zone-h.org)as well as its key columnist. He's also CEO of an International ITsec company (Domina Security) which is active in European and former soviet countries. He has been globetrotting, lecturing in several ITsec security conferences, including Defcon in the US. He has been interviewed by several print and online newspapers where he shares his experiences relating to cyberwar and cybercrimes. A man with different opinions than the usual.
RS investigates financial fraud within medical environments. Duties include participating in the execution of search warrants to recover computer base evidence. Because of the sensitivity of the medical data to be seized and liability issues involved, forensic images of suspect systems must be made quickly, on-site, in production medical environments, with minimal disruption to patient care.
San is a security researcher, who has been working in the Research Department of NSFocus Information Technology (Beijing) Co., Ltd for more than three years. He's also the key member of XFocus Team.
His focus is on researching and analysing application security, and he's also the main author of "Network Penetration Technology" (Chinese version book).
Scott Blake is Chief Information Security Officer for Liberty Mutual Insurance Group and is responsible for information security strategy and policy. Prior to joining Liberty, Scott was Vice President of Information Security for BindView Corporation where he founded the RAZOR security research team and directed security technology, market, and public affairs strategy. Scott has delivered many lectures on all aspects of information security and is frequently sought by the press for expert commentary. Since 1993, Scott has also worked as a security consultant, IT director, and network engineer. He holds an MA in Sociology from Brandeis University, a BA in Social Sciences from Simon's Rock College, and holds the CISM and CISSP security certifications.
Scott Dunlop is a father, software developer, security researcher and short order cook, in that order; other public projects by Scott include Cloud Wiki, IPAF Packet Analysis Framework, and the Sickle Communication Language.
Scott Stender is a founding partner of iSEC Partners, LLC, a strategic digital security organization. Scott brings with him several years of experience in large-scale software development and security consulting. Prior to iSEC, Scott worked as an application security analyst with @stake where he led and delivered on many of @stake's highest priority clients.
Before @stake, Scott worked for Microsoft, where he was responsible for security and reliability analysis for one of Microsoft's distributed enterprise applications. In this role, Scott drew on his technical expertise in platform internals, server infrastructure, and application security, combined with his understanding of effective software development processes to concurrently improve the reliability, performance, and security of a product running on millions of computers worldwide.
In his research, Scott focuses on secure software engineering methodology and security analysis of core technologies. Most recently, Scott was published in the January-February 2005 issue of IEEE Security & Privacy, where he co-authored a paper entitled "Software Penetration Testing". He holds a BS in Computer Engineering from the University of Notre Dame.
Roelof Temmingh is the Technical Director of SensePost where his primary function is that of external penetration specialist. Roelof is internationally recognized for his skills in the assessment of web servers. He has written various pieces of PERL code as proof of concept for known vulnerabilities, and coded the world-first anti-IDS web proxy "Pudding". He has spoken at many International Conferences and in the past year alone has been a keynote speaker at SummerCon (Holland) and a speaker at The Black Hat Briefings. Roelof drinks tea and smokes Camels.
Haroon Meer is currently SensePost's Director of Development (and coffee drinking). He specializes in the research and development of new tools and techniques for network penetration and has released several tools, utilities and white-papers to the security community. He has been a guest speaker at many Security forums including the Black Hat Briefings. Haroon doesnt drink tea or smoke camels.
Charl van der Walt is a founder member of SensePost. He studied Computer Science at UNISA, Mathematics at the University of Heidelberg in Germany and has a Diploma in Information Security from the Rand Afrikaans University. He is an accredited BS7799 Lead Auditor with the British Institute of Standards in London. Charl has a number of years experience in Information Security and has been involved in a number of prestigious security projects in Africa, Asia and Europe. He is a regular speaker at seminars and conferences nationwide and is regularly published on internationally recognized forums like SecurityFocus. Charl has a dog called Fish.
Seth Schoen created the position of EFF Staff Technologist, helping other technologists understand the civil liberties implications of their work, EFF staff better understand the underlying technology related to EFF's legal work, and the public understand what the technology products they use really do. Schoen comes to EFF from Linuxcare, where he worked for two years as a senior consultant. While at Linuxcare, Schoen helped create the Linuxcare Bootable Business Card CD-ROM.
Sherri Sparks is a PhD student at the University of Central Florida. She received her undergraduate degree in Computer Engineering and subsequently switched to Computer Science after developing an interest in reverse code engineering and computer security. She also holds a graduate certificate in Computer Forensics. Currently, her research interests include offensive / defensive malicious code technologies and related issues in digital forensic applications.
StankDawg is a senior programmer/analyst who has worked for Fortune 500 companies and large universities. He is a staff writer for 2600 Magazine, blacklisted411, and numerous websites. He has given presentations at HOPE, Interz0ne, and other local venues and has also appeared on television. He is founder of "The Digital Dawg Pound" (the DDP) which is a group of white-hat/gray-hat hackers who produce their own magazine, radio shows, TV show, and numerous other projects at http://www.binrev.com/
Steve Dunker is a Professor of Criminal Justice at Northeastern State University. He is a former Major Case Squad Detective who worked as a planner and supervisor of an anti-crime and decoy unit. He is a licensed attorney in the State of Missouri.
Strom Carlson is the organizer of DC213 and has been playing with telephones for years now; he has an intense interest in the structure and history of the telephone network and will start yammering away for hours about it if you're not careful. He collects all things related to telephony (including recordings), and although he is rapidly running out of space in which to store his many cubic meters of telephone equipment, he will eagerly and compulsively snap up anything made or published by Western Electric if given the chance. He encourages all phone phreaks and interested parties to play extensively with the phone network and learn everything they can; he also encourages you to listen to everything on http://www.phonetrips.com/ and to poke around http://www.stromcarlson.com/
Black Ratchet is just another phone phreak from Boston. He enjoys computers, radios, and, of course, anything remotely related to the Public Switched Telephone network. He has been playing with telephones since he was eleven, and after a somewhat lengthy sabbatical in college, had a relapse and returned to his old ways in late 2003. He is the organizer and webmaster of Yet Another Payphone List at http://www.yapl.org and is an active member of the Digital Dawg Pound at http://www.binrev.com. He can be found at http://www.blackratchet.org, and on http://forums.binrev.com.
Tom Holt is completing his Ph. D. in Criminology and Criminal Justice at the University of Missouri-Saint Louis. He is also an Assistant Professor in the Department of Criminal Justice at the University of North Carolina-Charlotte specializing in crime and technology. Much of his graduate career has been spent examining computer crime and cybercrime, especially hackers and hacking. His dissertation research examines the elements that compose the hacker subculture, as well as its' social organization through multiple data sources. Tom has collected various materials to that end, including interviews with active hackers. His primary goal is to understand various social aspects of hacking and the computer underground from the hacker's perspective.
Tom has made multiple presentations on these issues in a variety of settings and has a strong interest in moving academic research on computer crime forward in new ways. This includes developing quality statistics on computer crimes to better document these phenomena. He is working with other academic disciplines such as computer science and MIS to gain a more thorough understanding of all manner of computer crime and critical infrastructure protection. Tom also enjoys a good cup of coffee, o.k. cigars, and cheap beer.
Tony Howlett is President of Network Security Services, Inc. He was previously founder and CTO of InfoHighway Communications Corp., a leading ISP and CLEC. He is a frequent speaker and writer on security, the Internet and technology. His articles have appears in SysAdmin, Security Administrator, Windows Web Solutions, Windows IT Pro, Texas Computing and Computer Currents magazines. He is also author of "Open Source Security Tools" published by Addison Westley in 2004. Type "Tony Howlett" into Google to get additional references.
Dr. Tzi-cker Chiueh is a Professor in the Computer Science Department of Stony Brook University, and the Chief Scientist of Rether Networks Inc. He received his B.S. in EE from National Taiwan University, M.S. in CS from Stanford University, and Ph.D. in CS from University of California at Berkeley in 1984, 1988, and 1992, respectively. He received an NSF CAREER award in 1995, and has published over 130 technical papers in refereed conferences and journals in the areas of operating systems, networking, and computer security. He has developed several innovative security systems/products in the past several years, including SEES (Secure Mobile Code Execution Service), PAID (Program Semantics-Aware Intrusion Detection), DOFS (Display-Only File Server), and CASH.
Wendy Seltzer is Special Projects Coordinator with the Electronic Frontier Foundation, specializing in intellectual property and free speech issues. As a Fellow with Harvard's Berkman Center for Internet & Society, Wendy founded and leads the Chilling Effects Clearinghouse, helping Internet users to understand their rights in response to cease-and-desist threats. Prior to joining EFF, Wendy taught Internet Law as an Adjunct Professor at St. John's University School of Law and practiced intellectual property and technology litigation with Kramer Levin Naftalis & Frankel in New York.
Wes Brown is a senior security consultant, security researcher, having started working in the field almost a decade ago. He specializes in penetration testing, and tools writing, but is greatly interested in conducting security research as well. He has written numerous in-house tools for Internet Security System's X-Force Consulting team, of whom he is a member of.
Wes is a systems engineer at a software-defined radio company in San Diego, California. He holds a B.S. in Electrical Engineering from Rensselaer Polytechnic Institute and is thinking of returning to school to formally study communication systems.
"The great Zamboni" has been in the security industry for over 6 years, most recently working at a Fortune 500 company. His work has covered many areas including penetration testing, assessing the security of systems and engineering computer security systems. Recently his job has focused on integrating physical and logical security systems. Outside of work Zamboni is a founding member of Miskatonic Research Labs, a non-profit security research group located in Northeastern Ohio. Some of his many interests include penetration testing techniques, wireless security, lock picking and the convergence of physical and computer security. He is also a core member of the Notacon planning committee.
An enterprise IT infrastructure is a complex and a dynamic environment that is generally described as a black hole by its IT managers. The knowledge about an enterprise network's layout (topology), resources (availability and
usage), elements residing on the network (devices, applications, their properties and the interdependencies among them) as well as the ability to maintain this knowledge up-to-date, are all of critical for managing and securing IT assets and resources.
Unfortunately, the current available network discovery technologies (active network discovery and passive network discovery) suffer from numerous technological weaknesses which prevent them from providing with complete and accurate information about an enterprise IT infrastructure. Their ability to keep track of changes is unsatisfactory at best.
The inability to "know" the network directly results with the inability to manage and secure the network in an appropriate manner. This is since it is impossible to manage or to defend something, or against something, its existence is unknown or that only partial information about it exists.
The first part of the talk presents the current available network discovery technologies, active network discovery and passive network discovery, and explains their strengths and weaknesses. The talk highlights technological barriers, which cannot be overcome, with open source and commercial applications using these technologies.
The second part of the talk presents a new hybrid approach for infrastructure discovery, monitoring and control. This agent-less approach provides with real-time, complete, granular and accurate information about an enterprise infrastructure. The underlying technology of the solution enables maintaining the information in real-time, and ensures the availability of accurate, complete and granular network context for other network and security applications.
During the talk new technological advancements in the fields of infrastructure discovery, monitoring and auditing will be presented.
Active operating system fingerprinting is a technology, which uses stimulus (sends packets) in order to provoke a reaction from network elements. The implementations of active scanning will monitor the network for a response to be, or not, received from probed targeted network elements, and according to the type of response, and the conclusions following (part of an implementation's intelligence), knowledge will be gathered about the underlying operating system.
This talk examines the current state of remote active OS fingerprinting technology and tools: the different methods used today, the issues associated with them, the limitations, where the current technology is, what can and cannot be accomplished, and what should be done in the future.
The talk also highlights the accuracy aspects of several active operating system fingerprinting tools, analyzes them and compare between them.
During the talk a new version of Xprobe2, a remote active OS fingerprinting tool will be released.
Bastille has been re-released as an assessment and hardening tool. With the help of the US Government's TSWG, we've added full hardening assessment capabilities, complete with scoring. This allows Bastille to measure and score an individual system's security settings against user-provided guidelines, possibly before allowing a system onto the network. Security or system administrators can use this to assess the relative state of a given system compared to Best Practices, to other systems in the organization, or to an organization-supplied minimum standards file. They can also use it to learn what hardening steps would be helpful for the given system. Bastille's new mode can even help in verifying compliance with new legislation, including Sarbanes Oxley, GLBA and HIPAA. It can also help in lowering insurance premiums - AIG, the largest provider of cybersecurity insurance, decreases premiums by 15% for organizations following best practices in proactive defense.
Open source tools have hardened systems in the past (Bastille, Titan, YASSP), while free or open source tools have measured security settings in the past (COPS, CIS Unix Scoring Tool). No popular open source tool besides Bastille can do both, using the weaknesses found in an audit to harden systems. This functionality would normally be found only in a separate tool and thus warrants the re-release of Bastille.
We originally released Bastille Linux/Unix in 1999 as a host hardening tool, built to tighten security settings on a system, set stronger policies on that system and educate system administrators. Bastille has been extremely popular and has since been ported to seven Linux distributions, OS X and HP-UX. Support for FreeBSD and Solaris is underway. Bastille ships by default with Gentoo, Debian(apt-get) and HP-UX, the latter of which has made it part of the installer and contributes two developers to the project.
Mosquito is a lightweight framework to deploy and run code remotely and securely in the context of penetration tests. It makes a best effort to ensure that the communications are secure. Special care is taken to ensure that deployed code is not stored outside of process memory space, making it difficult for an eavesdropper to obtain the code. It protects the confidentiality and trade secrets of code that is deployed and run on the target, whether an exploit methodology, or a tool. The proof of concept deployable binary weights in at 120K. The framework makes use of Lua as the scripting language, and is freely available with a BSD license.
At the University of Central Florida, an undergraduate program in security is currently being developed. This program will offer students a bachelor's degree through the College of Engineering. It is intended to be an interdisciplinary degree combining coursework from the School of Engineering and Computer Science, College of Health and Public Affairs, and the National Center for Forensic Studies.
The purpose of this talk is to present the program being developed and to receive feedback regarding what material and what areas such a program should cover. The department that it is being offered through (Engineering Technology) is an applied engineering department, taking a very hands-on approach to learning. As such it is necessary to develop our courses of study based on feedback from industry and the community.
Intrusion detection systems and firewalls generally follow one of two methods of attack detection, signature or anomaly. Signature detection detects known attacks and anomaly detection covers unusual activity (with the hope that it will discover new attacks). Often what is detected by the IDS or firewall is not the original attack, but rather the communication that occurs afterwards. Known methods are easily picked up by signature detection, new methods are either picked up by anomaly detection or have a limited lifespan (signatures are created to detect them). That leads us to the dilemma of trying to create a covert communication scheme with no (easily) detectable pattern and one that does not cause statistical anomalies.
The key to solving this dilemma is to use a scheme that is not consistent in its appearance and adapts itself to match its current surroundings. The traffic on one network will very from that on another network. This means that what will look unusual or out of place on one network might not look so strange on another. By analyzing the conditions that exist on a network and then adapting the communication scheme to fit in with those conditions, a well camouflaged communication channel can be created.
This talk covers the concepts for such a communication system. It will cover the development and research being performed currently as well as providing a moderately technical discussion of the background concepts for such a system.
Since the invention of the step-by-step switching office by Almon B. Strowger in 1889, telephone switching technology has constantly become more efficient, more complex and easier to manage. Today, anyone with a computer, a telephone and some spare time can assemble a homebrew telephone switching system and become their own miniature telephone company with the aid of a program called Asterisk.
This presentation will give a brief overview of Asterisk, how to set it up, what it can do, and how to integrate it with your existing network. Furthermore, you will be introduced to a whole world of features and capabilities you didn't even know existed but which you will find yourself inexplicably compelled to set up and play with. Covered topics will include hardware, trunking, PSTN termination, integration with the Web and customization.
A Q&A session will follow the talk, accompanied by giveaways of selections from Strom's massive pile of vintage telephone equipment. If you can't make it to the talk itself, you will still be able to participate; a call-in Q&A queue will be provided for those watching the talk on TV in the hotel.
Have you wondered exactly how personal information is being used to help in the detection of Identity Creation in the post-9/11 world? Exactly how safe are social security numbers as a means to identity? How easy is it to creat ea valid SSN that will pass inspection by the Identity detection systems in place for business and government today? Or how you can recreate someone's ssn only knowing their date of birth and the last four digits of their ssn? This presentation will explain how current identity creation detection schemes work. You will leave understanding what these schemes look for to flag someone as needing more investigation to establish that they are who they say they are. You will also learn about the history of the social security number, what the number means, and how it is used to establish identity.
With peer to peer networks under fire by organizations using the legal system to attack participants, it seems that the only sustainable future is for dark, encrypted, networks where participants only talk to peers that they know and trust. Such networks, like WASTE, already exist to some extent, but they scale poorly and do not allow global communication.
This does not need to be the case, however. The "small world" observations, going back to Milgram's famous experiments in the sixties, show that social networks have all the right characteristics for being easy and efficient to navigate and search. It stands to reason that, under the right circumstances, so should a Darknet. We present algorithms for making routing possible in such networks, based on the real mathematics of how small worlds function. The goal is to build peer to peer networks that are difficult for outsiders to detect and infiltrate, making the job of those who wish to shut them down much harder.
We are besieged with information every day, our inboxes overflow with spam and our search queries return a great deal of irrelevant information. In most cases there is no malicious intent, just simply too much information. However, if we consider active malicious entities, the picture darkens. Denial of information (DoI) attacks assail the human through their computer system and manifest themselves as attacks that target the human's perceptual, cognitive and motor capabilities. By exploiting these capabilities, attackers reduce the ability of humans to acquire and act upon desired information. Even if a traditional denial of service attack against a machine is not possible, the human utilizing the machine may still succumb to a DoI attack. Typically much more subtle (and potentially much more dangerous), DoI attacks can actively alter the decision making of humans, potentially without their knowledge. This talk explores denial of information attacks and countermeasures and uses network visualization scenarios to illustrate the problem.
Industrial designers working in traditional media have the luxury of sketching, playing, and experimenting with their materials before constructing a finished product. Designers working with electronics and computers are relatively impoverished. To "sketch" with electronics or computers would typically require extensive training in engineering and ready access to inexpensive parts--requirements that most designers can't easily meet. This deficiency--this inability to work closely with materials before building with them--hampers designers' efforts to make products sensitive to human use. This paper describes an attempt to address this problem in a human-computer interaction (HCI) design studio at a major design school. The course itself was an exercise in design: it worked within severe constraints to address a human need. We describe our attempt to shape the course to meet students' most pressing needs; our students' attempts to work within the constraints of the course; and the outcomes of the course for students and faculty. The paper suggests that the course offers one way to experiment with HCI concepts, produce innovative solutions to design problems, and--crucially--humanize new technologies and the design process."
A raging fear of The Computer Evildoers has driven enterprises to the safety of the herd, buying whatever elixirs the big vendors peddle. Security consumers waste billions of dollars on ineffective (but well integrated!) solutions. However, as technology users grow more sophisticated about security threats (often learning the hard way), opportunities will surface for innovative startups to deliver effective IT survival mechanisms. This talk will review the industry's blunders, and sources of opportunity.
The Dark Tangent, founder of DEFCON, invites Chief Information Security Officers from global corporations to join him on stage for a unique set of questions and answers. What do CISOs think of David Litchfield, Dan Kaminsky, Joe Grand, Metasploit, Black Hat, and DEFCON? How many years before deperimeterization is a reality? Is security research more helpful or harmful to the economy? What privacy practices do CISOs personally use? These questions and others from the audience will be fielded by this panel of security visionaries.
The paper I will be presenting serves as a rudimentary literature review on how hackers may be constructed as either deviants or non-deviants in society. This presentation begins by placing hackers within the framework of sociological literature on deviance. I talk about how deviance has historically been a social construction, with the more powerful members of society defining what it is to be deviant, and those with less power are frequently applied the label. I apply sociological definitions of of deviants to hackers, and am able to refute these claims in many cases.
Physical security isn't just a concern of the IT world. Besides securing server rooms, locks of all sizes and styles are scattered throughout our lives. However, much of the general public is unaware of the insecurities present in many lock designs. Through discussion and direct example, Deviant Ollam will address the strengths and weaknesses of standard pin tumbler locks, combination locks, warded locks, wafer locks, and more. Discussion of effective tools, advanced techniques, master key theory, and lesser-known picking techniques will also be covered. This talk is aimed at lockpick novices who are interested in better security and learning lockpicking skills. While always the first to admit that he's no Barry Wels, Deviant hopes to have a good time with this lockpick talk and looks forward to hand-on audience participation. Many styles of practice locks and picks will be made available.
Have you ever been pulled over by the Cops? Do you worry about your home being searched by the Feds? The Hacker's Guide to Search and Arrest is presented in a down and dirty fast pace. You won't hear a single boring case citation here. Instead you get information you can use in every day life, presented in a way that won't make your eyes gaze over. Learn when the Government can legally perform searches or make arrests. Find out what you can do if you are a victim of an illegal search or seizure.
An ongoing project for scholars in Geography has been to explore how power and cartography are mutually implicated. Geographers have traditionally been concerned with making maps of the earth, but until recently we have seldom reflected on how particular forms of knowledge and power are privileged in the production of maps, and how those maps themselves produce particular geographic imaginations. As new virtual spaces are opened up through communication technologies such as the Internet, maps remain one of the important ways that these spaces are articulated to the public. However, when creating these new maps of cyberspace, it is necessary to remain aware of the political meaning contained in these representations. Maps of the internet that depict it as a disembodied, decentralized and unregulated space may in fact promote particular interests such as capitalism and national security, while suppressing others. The aim of this presentation is to open up a dialogue where we can collectively critique existing maps of cyberspace and imagine alternatives that may be more sensitive to a competing range of interests, including those of the hacker community.
While many security practitioners use Nmap, few understand its full power. Nmap deserves part of the blame for being too helpful. A simple command such as "nmap scanme.insecure.org" leaves Nmap to choose the scan type, timing details, target ports, output format, source ports and addresses, and more. You can even specify -iR (random input) and let Nmap choose the targets! Hiding all of these details makes Nmap easy to use, but also easy to grow complacent with. Many people never explore the literally hundreds of available options and scan techniques for more powerful scanning.
In this presentation, Nmap author Fyodor details advanced Nmap usage--from clever hacks for teaching Nmap new tricks, to new and undocumented features for bypassing firewalls, optimizing scan performance, defeating intrusion detection systems, and more.
This presentation will introduce two powerful, non-destructive safe opening techniques. The first "Dial B For BackDialing," will trace the history of backdialing all the way from Richard Feynman working on the atomic bomb (and opening safes) in the 1940's, to today. This presentation will show how mechanical safes have changed since Feynman's time, but how most are still vulnerable to both his method and the simpler Nascar(tm) technique. The next part of the presentation, "Spike the Wonder Safe" will demonstrate how to defeat the two locking mechanisms of a popular office safe using just an ink pen and a battery, all in under two minutes.
Has your network ever been hacked, and all you have to show for your investigative efforts is an IP address belonging to an ISP in Irkutsk? Are you tired of receiving e-mails from Citibank that resolve to Muscovite IP addresses? Would you like to hack the Kremlin? Or do you think that the Kremlin has probably owned you first? Maybe you just think that Anna Kournikova is hot. If the answer to any of the above questions is yes, then you need an introduction to the Gulag Archipelago of the Internet, the Cyberia of interconnected networks, Russia.
Do not let the persistent challenges of crossing international boundaries intimidate you any longer. In this briefing, we will follow several real-world scenarios back to Russia, and you will learn valuable strategies for taking your investigations and operations one big geographical step further. A brief introduction to Russia will be followed by 1,000 traceroutes over the frozen tundra described in detail, along with an explanation of the relationship between cyber
and terrestrial geography. Information will be provided on Russian hacker groups and law enforcement personnel, as well as a personal interview with the top Russian cyber cop, conducted in Russian and translated for this briefing.
Quick: name one significant advantage that Russian hackers have over you. They can read your language, but you cannot read theirs! Since most Westerners cannot read Russian, the secrets of Russian hacking are largely unknown to Westerners. You will receive a short primer on the Russian language, to include network security terminology, software translation tools, and cross-cultural social engineering faux-pas (this method will apply to cracking other foreign languages as well).
Hacking in a Foreign Language details a four-step plan for crossing international frontiers in cyberspace. First, you must learn something about the Tribe: in this case, the chess players and the cosmonauts. Second, you must study their cyber Terrain. We will examine the open source information and then try to create our own network map using traceroutes. Third, we will look at the Techniques that the adversary employs. And fourth, we will conquer Translation. The goal is to level the playing field for those who do not speak a foreign language. This briefing paves the way for amateur and professional hackers to move beyond their lonely linguistic and cultural orbit in order to do battle on far-away Internet terrain.
Nowadays there is a lack of adequate frameworks to make the security consulters and pen testers life easy. A lot of separated or integrated tools like automating penenetration Testingtools improve their performance but aren't very useful for the real world consultant. Also some languages, which are not too powerful and complex like python makes others tools hard to expand to the public in general. In reality, the need for flexible, modular and extensible but also powerful kind of tool is growing in today's computing security scene due to substantial increases in the security, pen testing and code audit market. The goal of this paper is to motivate a renewed interest and present a solution based on nowadays technologies capable to handle the real world challenges and to be useful.
Bacon is an introduction to a generic framework for penetration testers and consultants.
Baconis an Open Source modular framework. Bacon's core component is developed in C# and is able to load modules compiled to run in ECMA Common Language Infrastructure, for example C#, C++.NET, VB.NET, IronPython and others. So the core component, GUI and the modules are multi platform. These modules would run on Windows using the Microsoft CLI or Linux using Mono or another CLI implementation. Bacon's core also provides a set of facilities to generate custom reports, utility libraries and module communication. The actual development of Bacon is focused in the core component and three modules, one of them for code auditing, other for web application auditing and the last one for database auditing.
This "Talk" will focus on the next step beyond basic locks and lock picking. You will NOT learn about basic cylinders. You will not learn how to shim a padlock. You will learn about Medeco side bars and how they've been beaten. You will learn about mul-t-lock pin-in-pin cylinders and how they've been beaten. You will learn the basics of safe manipulation. This is not a "Talk" that will teach you how to pick, the "pick-proof" locks. It will give you the foundation and methods that will allow you to understand these locks, and the concepts behind picking them. Punch and Pie will be served.
Previous attempts to hack the connection between wealth and power have aimed mainly at eliminating economic inequality. They've all ended in disaster, because economic inequality is closely related to risk: you can't eliminate inequality without eliminating startups, and with them growth. So if you want to get rid of injustice, the place to attack is one step downstream, where wealth turns into power.
This will be a practical and theoretical tutorial on legal issues related to computer security practices. In advance of the talk, Granick will unscientifically determine the "Top Ten Legal Questions About Computer Security" that Defcon attendees have and will answer them as clearly as the unsettled nature of the law allows. While the content of the talk is audience driven, Granick expects to cover legal issues related to vulnerability disclosure, copyright infringement, reverse engineering, free speech, surveillance and civil liberties.
Conventional wisdom states that once a system has been compromised, it can no longer be trusted and the only solution is to wipe the system clean and reinstall. This talk goes against the grain of conventional wisdom and asks are there more efficient ways to repair a system other than complete reinstallation. Specifically, this talk will focus on the detection of and recovery from the installation of both traditional and kernel-level rootkits. Included in the presentation is a demonstration of an operating system architecture and intrusion recovery system (IRS) that is capable of recovering from some of the most prevalent rootkits seen in the wild. Prototype recovery tools will be released.
This presentation describes the possibilities of steganographically embedding information in the "noise" created by automatic translation of natural language documents. An automated natural language translation system is ideal for steganographic applications, since natural language translation leaves plenty of room for variation. Also, because there are frequent errors in legitimate automatic text translations, additional errors inserted by an information hiding mechanism are plausibly undetectable and would appear to be part of the normal noise associated with translation. Significantly, it should be extremely difficult for an adversary to determine if inaccuracies in the translation are caused by the use of steganography or by perceptions and deficiencies of the translation software. A prototype, Lost in Translation (LiT), will be presented.
The insecure workstation II `Bob Reloaded`. Exploring attack vectors within Microsoft desktop systems. A close look at third party applications that still suffer from api call vulnerabilities and how attackers can use these vulnerabilities to escalate there rights to system level . Also will be exploring this year's security research into "attacks against the local desktop login". Demonstration of desktop access without logging in.
Every Corporation in the world has run out and purchaed IDS, Patch Mangement and other products that are selling security. This talk will outline ways that these so called "security products" can actually be used against an organization. Organizations should fear their poorly impelemented "Security"
The President of Harvard University, Lawrence H. Summers, recently suggested the lack of women in the sciences is due to innate differences between men and women. He speculated a variety of reasons for this including genetics and social factors, and his comments created a stir among academics and the general public. While the accuracy of his statements are suspect, he raises an intriguing question in light of declining female enrollment in computer science and engineering degree programs at MIT and other universities. And if women are falling out of these fields, what is happening to the population of female hackers and security professionals? What have their experiences been up to this point? Research suggests men dominate the underground, and sociological research suggests this is attributable to social practices rather than innate sex differences. However, the female hackers' perspective has not been well documented. Furthermore, the existing literature on this issue is based largely on anecdotal rather than empirical evidence. As such, it is necessary to examine the gendered experiences of hackers to expand our knowledge of how these experiences impact individuals and their behavior.
The purpose of this talk is to introduce my research agenda to study male and female hackers, and examine variations across gender. During the talk, I will lay out fundamental theoretical concepts used to discuss the different experiences of men and women on and off-line. Then I will introduce my research proposal and call for interested individuals to participate in this study. Throughout the presentation, the audience is welcome to share their personal feelings, beliefs, and knowledge about gender and hacking. The start of an open dialogue, whether formal or informal, regarding gender differences in hacking is critical to advance our understanding of this important issue for information technology and the sciences.
Technology trends are treacherous. Should you learn java or visual basic? Pay for Windows or download Linux? Will that investment in Bluetooth pay off? Or will you get suckered by a faddish book written by a fading technology guru?
You can't know the future (yet), but you can make educated guesses and tilt the odds in your favor. Meme Miner is a simple program for trend tracking. Its power lies in the business and social bandwidth concepts behind its creation.
Meme Miner shows current technology trends, but also gives an historical perspective of their past. You will NOT get a lesson in HTTP hacking in this session, but you will get practical and valuable business concepts to help survive (and perhaps prosper) in the next technology upheaval.
What if I told you, than in a few minutes and at no extra cost, you could be blocking up to 30% of all malware headed for your network? Sound to good to be true? Well it doesn't work for everyone and there are a lot of caveats, but it can be an effective way to eliminate a large portion of the malicious traffic aimed at your network. In this talk we will cover why you would want to GeoIP block and why it might not be a good choice for you. We will then get into the mechanics with actual IP blocks given and strategies for both full and limited GeoIP blocking. You have nothing to lose and may gain a valuable tool in your network security arsenal.
Encryption is simply the act of obfuscating something to the point that it would take too much time or money for an attacker to recover it. Many algorithms have time after time failed due to Moore's law or large budgets or resources (e.g. distributed.net). There have been many articles published on cracking crypto using specialized hardware, but many were never fully regarded as being practical attacks. Slowly FPGAs (Field Programmable Gate Arrays) have become affordable to consumers and advanced enough to implement some of the conventional software attacks extremely efficiently in hardware. The result is performance up to hundreds of times faster than a modern PC.
This presentation will provide a walk through on how FPGAs work, review their past applications with crypto cracking, present basic tips and pointers to developing a fast and efficient crypto cracking design, discuss overclocking FPGAs, and analyze the future growth of FPGA hardware and it's relation to current crypto ciphers. Then, a new open source DES cracking engine will be released and demonstrated which is able to crack windows Lanman and NTLM passwords at a rate over 600,000,000 crypts per second on a single low-cost Virtex-4 LX25 FPGA and provide brute-force performance comparable to lookups on a hard-drive based rainbowtable attack.
Identity theft is at an all time high. With businesses, universities and banks being compromised the threat is real right now. The media covers these area's but miss one important location that your most suseptiable to fraud, everywhere you swipe your credit card. We will pull out all the stops to help you understand credit cards, their history and how to protect yourself. Ever wonder what was in the magnetic strip of a card? Where that information goes? Who keeps your personal information, and for how long? Who is data mining this information? Who do they sell it to? All these questions and more will be answered in this presentation Defcon 11 we talked about social engineering to steal your credit card information. Defcon 12 we gave a live example on stealing credit card data from merchant networks. Now we will show you what that information is, and how to protect yourself against fraud.
Another year, another batch of packet related stunts. A preview:
Traditionally, IDS systems such as snort have been used to monitor attacks against or within a network. This talk will give the outline for turning those tools around and instead using them to audit networks. We will discuss how to identify OS's, tell who is patching, what services are being deployed (perhaps insecurely), and other methods for policy enforcement. This discussion is ideally suited for administrators and security professionals in open and/or decentralized environments, especially those charged with auditing the network. While several signatures and sample scripts will be discussed during this talk, this is a relatively new area of auditing and network security so questions, comments and volunteers will all be welcome.
Fresh from a year of grappling with Tsunamis, the IRS and building IT in Uganda, members of The Hacker Foundation will tell the story of their first year as a federally recognized non-profit organization while providing practical insight on doing charitable IT work throughout the world. Tips and tricks on everything from funding for free software projects to keeping a dust storm from killing your laptop will be presented.
The Hacker Foundation serves as a research and service organization to promote and explore the creative use of technological resources across frontiers with a global outlook.
Sick of hand-coding each and every exploit? The past few years have seen the rise of some generalized frameworks for the exploitation of vulnerabilities, but none of them are general-purpose enough to accommodate arbitrary hardware and network protocols. By applying programming language theory to the development of new networks attacks, we can create next-generation platforms capable of quickly handling arbitrary protocols and hardware, and exponentially reducing threat development time. The advances made in compilers in the past decades allow us to divorce ourselves from the tedious mechanics of custom-crafting network attacks and focus only on what we want the attack to do.
This new platform has serious implications for both good (rapidly adding 0-day exploits to your lab's regression testing with no programming knowledge) and for evil (allowing people with no programming knowledge to wield a database of malevolence). The Linguistic Platform can simultaneously accomodate both the generation of network traffic and the decomposition of packet captures for subsequent modification and playback. Using this system, a user can capture a malicious traffic stream in Ethereal, modify it as needed, and play it back on a live network. By deploying several clustered systems, it can even play back multi-node conversations, such as a man-in-the-middle attack. The design of new threats and the organization of threats into a database are also drastically simplified by this system.
In this talk, I will introduce a simple and incredibly powerful approach to the scripting, capture, and playback of malicious network traffic, and detail the design goals and considerations of a Linguistic Platform for Threat Development. Some familiarity with linguistics or finite automata will be helpful, but is not required.