A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Louisville Infosec 2009 Videos

Louisville Infosec 2009 Videos

        Below are the videos from Louisville Infosec 2009 conference. Enjoy.


Insider Attacks: The How's, Why's, and What to Do's Dr. Eugene Schultz Louisville Infosec Conference Video 
An insider attack is intentional misuse by individuals who are authorized to use computers and networks. Insider attacks result in more financial and other loss than another other type of attack. Worse yet, detecting insider attacks is one of the most difficult tasks facing information security professionals, but an increasing amount of information about the nature of these attacks and strategies that inside attackers use, and ways of both preventing these attacks and/or limiting the damage that they can cause is becoming available. Based on this information, this talk describes the major types of risk resulting from the insider attacks, major types of insider attacks and motives for these attacks, appropriate information security policy provisions relevant to insider risks, how to better predict and detect insider attacks, and how to respond appropriately when insider attacks occur.

About the speaker: CTO at Emagined Security, previous manager of an information security practice and national incident response team, and retired professor of computer science at University of CA at Berkeley.  Gene is the author/co-author of a book on Unix security, another on Internet security, a third on Windows NT/200, a fourth on incident response, and the latest on intrusion detection and prevention.  He is the former Editor-in-Chief of Computers and Security (2002-2007), is an associate editor for Network Security, is a SANS instructor and member of SANS NewsBites, has co-authored the 2005 & 2006 Certified Information Security Manager preparation materials, and is on the technical advisory board of three companies.  He has received numerous industry and academic awards and has even provided expert testimony before committees in the US Senate and House of Representatives.  


The Internet is Evil John Strand Louisville Infosec Conference Video
Back by popular demand!!  SANS professor and technical guru extraordinaire, John Strand, joined us again this year to share more of his in-depth technical knowledge and rock-n-roll personality.   John currently teaches the SANS GCIH and CISSP classes, and is a key player in their local mentor program.  His extensive experience in computer security and education encompasses the areas of intrusion detection, incident response, vulnerability assessment/penetration testing, specialized multi-level security solutions, security architectures, program certifications and accreditation.  Whew!  But that's not all.  He holds a Masters degree from Denver University, where he is also a professor.  Amazingly, he still finds 'spare time' to write loud rock music and make futile attempts at fly-fishing.

 Paul Asadorian wrote on his blog -

"While all of the presentations got rave reviews, one of the keynote speeches was particularly interesting. John Strand gave a keynote speech titled "The Internet is Evil". Most of us know that the Internet is evil, but John wants us to do something about it. He challenges us to think differently about defense, question how much, if any, Internet access your users should have. He also brings up a good point about the perceptions of users. Many believe that the average user is not knowledgeable about computers, when in reality they are using anonymizing proxies to bypass corporate web filtering. John then went on to identify two areas of "security" that need improvement. I put "security" in quotes, because it's a false sense of security that the following provide:

  • Anti-virus - John points out a new service that allows you to upload your binary and have it encoded by several different programs, then review a report of which Anti-virus engines caught it, and which ones did not. You can find more information on the PolyPack web site.
  • SSL - SSLStrip is a tool that tricks the user into running a connection over HTTP instead of HTTPS. You can watch a video demonstration of this tool in action to get a better idea how it works. John then goes on to show how this could be combined with attacks against BGP to intercept traffic without having to be on the same subnet as your victims.
John then went on to cover defensive techniques that work, such as using firewalls not only to restrict outgoing access, but also to enable the built-in firewall on all of your hosts (especially desktops). The other interesting idea he presented was to treat your user desktop subnets as hostile. I know this may sound like a radical idea, but if the users are accessing the Internet and exposing their systems to malicious code, it's best to treat them as if they are already infected with malware. I've used this tactic when developing security strategies for universities and it works quite well."

 


The Seven Habits of a Successful Information Security Career Manager Lee Kushner Louisville Infosec Conference Video
Due to the growth of the information security industry and the popularity of our profession, future competition for information security leadership roles will intensify.  As the number of qualified information security professionals grow, it will become increasingly more difficult to accomplish your long term career goals and objectives.   To succeed in the information security employment market of the future, you can no longer be "good," you will have to be "better."

The presentation will demonstrate to the audience how to become more effective managers of their own information security career.  Topics that will be covered include career planning, career investment strategies, personal branding, and professional "network" development.  At the conclusion of the presentation, attendees should have the framework for building a career plan that is best suited to their personal career goals.

Speaker: Lee Kushner is President of LJ Kushner and Associates, LLC, an executive search firm dedicated to the Information Security industry and its professionals.  Since 1996, he has provided career management guidance to industry professionals at all skill levels.    He is a regular presenter on topics that include career planning, interview preparation, and employee recruitment and retention.   He is the co-founder of www.infosecleaders.com, a career advice resource for information security pros.

 


Attacking SSL PKI Mike Zusman Louisville Infosec Conference Video
The last year has been a rough one for SSL PKI. Fraudulently provisioned certificates, MD5 collisions, SSL spoofing attacks, and most recently, attacks against EV SSL. The variety of these attacks shows us how big the attack surface of SSL really is. From crypto attacks to browser design flaws, attackers have choices when it comes to man-in-the-middling SSL protected web sites. This presentation covers one of these vectors: real attacks against CA web sites. While some folks look to CAs for guidance when it comes to conducting secure business on the Internet, the CAs themselves can fall victim to the same attacks consumers look to them for protection against. EV SSL is a step in the right direction, but with a heavy reliance on low-assurance domain validated SSL certificates, can we ever get SSL right?

Speaker: Mike Zusman is a Principal Consultant with the Intrepidus Group. Prior to joining Intrepidus Group, Mike has held the positions of Escalation Engineer at Whale Communications (a Microsoft subsidiary), Security Program Manager at Automatic Data Processing, and lead architect & developer at a number of smaller firms. In addition to his corporate experience, Mike is an independent security researcher, and has responsibly disclosed a number of critical vulnerabilities to commercial software vendors and other third parties. He has spoken at a number of top industry events including Black Hat, CanSecWest, DEFCON, regional OWASP conferences, and also teaches Information Security & Penetration Testing at NYU/Polytechnic University. Mike brings 10 years of security, technology, and business experience to Intrepidus Group. He is a CISSP and an active member of the OWASP foundation.

 


Blocking the Covert Channels Used for Malicious Data Theft Alex Lanstein Louisville Infosec Conference Video
Browser-based computing, mobility and social networking are giving rise to a new breed of threat: stealthy Web-borne malware. Cyber criminals are using the Web as their prime infection vector to take over enterprise and consumer PCs, and embedding malicious code within user-generated content websites, third party ads, and high-traffic web applications.

The fact is today's threats exploit the inability of "traditional" network protection to provide a unified defense against a cyber criminal who attacks on multiple fronts, from OS exploits, browser attacks, and increasingly, plug-in/widget vulnerabilities.

Companies need "modern" tools that offer both accuracy and advanced detection techniques to prevent the calculated, surgical access and theft of their critical information. Tool Talk attendees will learn:

- The extent of today's sophisticated Web malware and how it works.
- Key differentiators between data leakage and malicious data theft
- Why traditional solutions are powerless to stop today's insidious threats
- How a new network security tool can foil break-ins and detect future infections
- Real-world results from an organization that is using this new solution.

Speaker: Alex Lanstein, Senior Researcher, FireEye - At FireEye, Alex handles a broad set of responsibilities including product engineering, sales engineering, and security research. Most recently, his security research was published by The Washington Post, PC World, The Register, and Cisco Systems, where he uncovered botnet and Web malware sites associated with McColo Corp. His work was key in taking McColo off the Internet as well as significantly reducing worldwide spam. Prior to FireEye, Alex was founder, owner, and network administrator of an Internet hosting company. His areas of expertise include botnets, malware, network security, and functional binary analysis. Alex has a B.S. in Computer Science from Connecticut College.
 

 


Darknets: Fun and games with anonymizing private networks Adrian Crenshaw Louisville Infosec Conference Video
This talk will cover the basics of semi-anonymous networks, their use (political dissidence, file sharing, gaming and pr0n), how they were developed and what they mean to organizations. The main focus will be on the Tor, Freenet and anoNet Darknets, their uses and weaknesses.

Speaker: Adrian Crenshaw - Adrian Crenshaw has worked in the IT industry for the last twelve years. He runs the information security website Irongeek.com, which specializes in videos and articles that illustrate how to use various pen-testing and security tools.

 


Compliance Strategy and Planning - Building an Effective Application Security Program John Pavone Louisville Infosec Conference Video
Compliance doesn't make you secure, but a good application security program can ensure your applications are compliant with all major regulations, including PCI, FISMA, SOX, and HIPAA. Application security is no longer a choice. Between increasing number of attacks and regulatory pressures, organizations must demonstrate their capability to secure their applications. Given the staggering number of applications and lines of code already in production, many organizations are struggling to identify a cost-effective and compliant approach to gaining this assurance.

Through a series of case studies and scenarios, John will provide awareness of application security vulnerabilities and verification techniques, compare pros/cons of remediation approaches taken, and provide a practical and tried method in establishing a positive application security program.  A program based on four simple balanced focus areas that leverage people, process, and technology to build the capability to reliably produce secure applications.  Together, these areas with established practices will enable your organization to successfully manage, improve and sustain an application security initiative in a cost effective and regulatory compliant manner.

Speaker: John Pavone is Aspect Security's Acceleration Services Practice Lead, specializing in the enablement of application security within organizations.  John has been an IT professional for over 20 years. In the last 12 years, John has concentrated solely on Information and IT Infrastructure Security.

 


SAS 70 Compliance Auditing Rick Taylor Louisville Infosec Conference Video
Speaker: Rick Taylor, CISA
, Director of Information technology and Internal Audit, Hawkins Company CPAs - Rick Taylor is the Director of the Information Technology and Internal Audit Services at Hawkins Company CPA's and has been with the company since 2002.  He has more than 24 years' IT experience with regional accounting firms, national corporations (including AEGON USA and YUM! Brands, Inc.), and over 12 years' experience at financial institutions, including PNC Bank, Great Financial Bank, and Star Bank.  He has performed system security and compliance audits based on federal regulatory standards, and his vast knowledge and work with network architecture, disaster recovery, product development, and situational analysis have led to innovative and cost-saving solutions for many clients.
 

 


Virtualizing the Security Architecture: Defending Virtual Servers and Applications Jason Wessel Louisville Infosec Conference Video
Will discuss the push of virtualization in the enterprise and how to use virtualization in a manner that does not compromise the security of the enterprise architecture.  The presentation will cover the following areas:
Drivers that are pushing enterprises to accept virtualization
The impacts and challenges that virtualization has on designing security into enterprise architectures
The new threat vectors virtualization introduces in an enterprises
Defense-in-Depth based strategies for security virtualization in the enterprise

Speaker: Jason Wessel has over 12 years of enterprise security architecture experience as a sec consultant for both large and small to medium sized enterprises. His strength is developing integrated security solutions for complex network environments with numerous custom applications. 


Bob's Great Adventure: Attacking & Defending Web Applications Paul Asadoorian Louisville Infosec Conference Video
We will explore the age old debate between Alice and Bob, learn about the latest web application attacks and tools, and learn about the latest defense.

 Speaker:  Paul Asadoorian - Paul is the product evangelist for Tenable Network Security, where we writes and produces content to support the Nessus vulnerability scanner in addition to several enterprise products.  Paul is also the host of PaulDotCom Security Weekly (http://pauldotcom.com), a weekly podcast discussing IT security news, vulnerabilities, hacking, and research, including interviews with some of the top security professionals. He is also the co-author of Ultimate WRT54G Hacking, a book dedicated to embedded device hacking and wireless security. Paul's other efforts include a monthly webcast discussing the latest hacking techniques and news, penetration testing, and coaching capture the flag hacking events. 


Advanced Data Recovery Forensic Scott Moulton Louisville Infosec Conference Video
Every hard drive will die a quick and sudden death sooner rather than later. What happens after that death can be very important to your data and become the deciding factor in its survival. Forensics relies on the data, because without it there is no case. I will display the inner workings of a hard drive in a beautiful animation and discuss the successes and failures in rebuilding a hard drive and recovering the data. I will teach you what to look for and how to accomplish this task on your own so you might be able to recover your own data without sending it to an expensive recovery house. We will delve into the platters and heads to show you when there is a good probability of success. The animated presentations will make it clear how a hard drive works and educates you on the interworking most forensic experts don't know!

Speaker: Scott Moulton is president of Forensic Strategy Services, LLC and the lead recovery expert for a data recovery company called My Hard Drive Died.com. Mr. Moulton began his forensic career with a specialty in rebuilding and repairing hard drives for legal cases. Many times while working on a case, Mr. Moulton will be given hard drives that had already failed in an effort to *blame* the opposition or to impede performance and increase the cost to the opposition.

Scott Moulton has successfully rebuilt and performed recoveries for many investigations and has given depositions and testified in many complex cases involving homicide, embezzlement, theft, divorce, child pornography and corporate fraud, among others. Mr. Moulton has also been involved in a precedence setting case about port scanning. In addition Mr. Moulton currently holds a private investigator license in the state of Georgia.

 


Blending business and technical benefits together to achieve an effective and streamlined compliance assessment. Jim Czerwonka and Jimmy Noll Louisville Infosec Conference Video 
The business considerations of determining where an organization stands with its IT enterprise wide compliance posture from a senior management perspective to the technical professional's perspective. We will address creating a cost effective and efficient compliance program through the use of technical resources and automated tactical tools to meet senior management's compliance strategy. 

Speakers:  Jim Czerwonka and Jimmy Noll 

Mr. Noll, CISSP is the Director of Security Solutions with Systems Design Group. Mr. Noll manages the daily operations of the security practice. He also served as SDG's senior technology consultant where he spent the last six years focused on information security and network infrastructure design and protection for clients.

Mr. Czerwonka, CISA, CISM, CGEIT is a Compliance Specialist with Systems Design Group. He has significant tactical and management experience as a compliance and audit, information technology, and business process professional. His industry experience includes healthcare, manufacturing, "Big 4" IT audit and management consulting, and financial services
 

 

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast