Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

Tag Archives: defcon

#DEFCON Defense by numbers: Making Problems for Script Kiddies and Scanner Monkeys

Well, I finally popped my DEF CON cherry and did a presentation at the largest hacker conference in the world… and no I’m not talking about RSA!

Despite my fears of freezing on stage and beginning to drool like a moron, I think the presentation went well. Excluding of course the point where Powerpoint decided it would die in a fire rather than show my next slide. Still, in typical DEF CON fashion there were goons on hand to deliver shots _just_ at the right time to cover the problem. This will forever be known to me now as JITAD (Just In Time Alcohol Delivery).

Hopefully the attendees took something from the presentation that they can use to make their systems a little more secure, or at least the lives of script kiddies a little harder (this is a dream for us right?).

The slides for the presentation are now online (see below), and the video will be uploaded as soon as DEF CON make the release possible.

As always, feedback on the talk, the idea and anything else is gratefully received…

Links:

  • Slideshare –> HERE

Vegas Baby!

It’s been an odd year so far… the blog has been quiet, and I’ve stepped back a little due to personal reasons over the past few months. Still, it’s overdue time for the summer cons, and this year’s trivector of chaos (BSidesLV, Blackhat and Defcon) is looking to be the biggest yet.

This will be my 4th trip to Las Vegas, and one thing I learnt from my first visit was to “throw the plans out the window!”. I spent far too long planning each and every aspect of my trip that first year, and as a result I missed out on a lot of things. Still, live and learn eh!

There will (almost) always be the chance to go back and watch the videos from most presentations (excluding those from Skytalks and the underground track at BSidesLV). So take time to meet people, talk shop and discuss things. One of my big goals this year is to meet new people… so say hi if you see me. I only bite when provoked ;)

Instead of setting things in stone I wanted to pick a couple of talks I really want to hit when in Vegas. So, without further ado, here’s my top talks to attend… it’s a short list, so don’t take offence if your talk’s not on it. Sorry….

- BSidesLV -

Top Picks:

  • Empirical Exploitation (HD Moore)
  • Burp Suite – Informing the 99% of What the 1%’ers Are Knowingly Taking Advantage Of (James Lester & Joseph Tartaro)
HD always puts on a good show, so I’m interested to see what comes out from his bag of crazy this year. The Burp Suite talk also looks to be interesting. Like many I spend a good deal of my life stuck in Burp Suite, so anything that can be done to expand and improve is a good thing in my book!

Bonus Round:

  • Breaking Microsoft Dynamics Great Plains – An Insider’s Guide (David Keene)

I have a soft spot for Microsoft Dynamics, as my girlfriend is an AX programmer… What can I say ;)

Note:

BSidesLV has an entire track (underground) that won’t be recorded or discussed in the press… if you can, these are probably some of the best talks to see. Unedited, raw, and unapologetic!

- Blackhat -

Due to Blackhat and BSidesLV taking place at the same time I’m not sure how long I’ll have to look around and see talks. Still, if possible I want to swing by and catch at least one talk…

Top Picks:

  • SexyDefense – Maximizing the home-field advantage (Iftach Ian Amit)
  • Confessions of a WAF Developer: Protocol-Level Evasion of Web Application Firewalls (Ivan Ristic)
I’m interested to see where Ian has gone with this since discussions (started?) in Cali last year. Sexy Defense has been talked about a lot, so I hope to see some actionable pointers.

Bonus Round:

  • iOS Security (Dallas De Atley)

How can I not put Apple’s official talk on the list… although I’m not heavy into iOS or mobile, I’m interested to see what Apple talk about, given their historic silence on anything even remotely security related!

- Defcon 20 -

Defcon turns 20… almost old enough to get wasted and wake up in its own vomit! Still, this year looks like it’s going to be fun.

Top Picks:

  • Don’t Stand So Close To Me: An Analysis of the NFC Attack Surface (Charlie Miller)
  • Uncovering SAP Vulnerabilities: Reversing and Breaking the Diag Protocol (Martin Gallo)
  • Weaponizing the Windows API with Metasploit’s Railgun (David ‘thelightcosine’ Maloney)

SAP, NFC and Metasploit… what’s not to love!

Bonus Round:

Note:

Skytalks are a side area where unrecorded presentations take place. Last year it was home to some of the best presentations of the con… if you take the time to see just one talk, make it something from Skytalks!

Hope to see you in Vegas!

Vegas gone wild

Well another year has come and gone in the infosec world. Just as accountants have their financial year, I think it’s safe to say that the infosec community revolves around the yearly Vegas ritual that is Blackhat and Defcon.

Some of you may have noticed that there was a distinct lack of blogging from me during this year’s events, and for that I apologize. This year I really wanted to spend more time really talking to people and experiencing the hallway track that so many people miss entirely. You can never attend all the talks, and the best laid plans of mice (and men) amount to nothing once the first good discussion starts! So why fight it. I find that I can get much more out of a 4am discussion with somebody than I can get from even the most well researched presentation. Plus, if you want to see the talks, you can always buy the DVD set, or wait till they’re released! The hallway track and events like the Skytalks are limited to on-site. Be there, or miss out!

So with these things in mind here’s some comments from Vegas…

BSides

This year’s BSides event prior to Defcon was amazing… There are almost no words to describe the hotel that was selected to house this year’s event. I can’t think of a better place to hold the event, and I can’t wait to see what they come up with in 2012! BSidesLV is getting big… there’s no two ways around it. From its humble beginnings it’s grown to over 600 people attending and a large amount of people blowing off Blackhat entirely just to attend. BSides tickets were the hottest in town with walk-ups being turned away and requests for tickets (mostly through twitter) coming thick and fast.

I commented once that the size of BSidesLV means that it’s lost some of the interaction that it originally touted. I know Vegas is always going to be bigger, better, faster, more! but I stand by that comment. I loved the event and had some great discussions. The most memorable being the PTES discussion that started from the “Fuck the PTES” presentation. It was a great and frank exchange of views, knowledge and thoughts, and drives home what I consider to be the real plus behind BSides events!

With that said though, I saw a lot of people just attending… and the mantra of BSides was always that there are no attendees. Everyone participates. I didn’t see that this year. Maybe it was too big, maybe it was the fact that there was a topless swimming pool! Who knows for sure. I just think things need to be tweaked in order to bring back that feeling of community sharing for next year’s event.

Location: 9
Feel: 7
Interaction: 6
Information: 8

Overall: 7.5

Defcon

Thank goodness for the Rio! Yes I said it… the Riviera was too small for Defcon 17, far too small for Defcon 18, and might well have crumbled under the number if they’d held Defcon 19 there. The Rio has a lot to learn when it comes to handling hackers, but they tried, and that’s what counts. The extra space, better flow and just general “not as shitty as the Riv” feeling was a welcome change from the last few years. Sure you still have to line up to get into the popular talks, but that’s to be expected. There was room for all, and enough spare for things that needed to be done. The Rio even catered for the last minute blood drive, which from all accounts went very very well I hear.

The talks this year were varied and interesting. Although I found some to be less than inspiring when it came to the actual presentation itself. Just because you’re a great researcher, penetration tester, or developer, doesn’t automatically mean you’re a great speaker. Still, there’s not much Defcon can do to change that unless they start free classes on how not to use Powerpoint! If you presented and want feedback, ask. People are happy to give it, if you ask in the right way. If you ask “What do you think?”, most people will say “It was good”. Be specific. Ask what people thought of the slides, or the presentation style, or the content. Anyway, I’m getting off topic, sorry.

As always the hallway track and the smaller contests, Skytalks and general banter were much more important to me than the content in most cases. Don’t get me wrong, I went to some talks and saw some great stuff… but taking the time to really chat to the speakers afterwards is where the real content is.

Location: 7
Feel: 7
Interaction: 8
Information: 7

Overall: 7.25

If you take one thing from this blogpost, it’s that interaction is the most important thing at these sort of events. Talk to people, introduce yourself to new people. Make contacts, and take the time to really enjoy yourself!

See you all next year I hope! It’s the start of a new Infosec year…

PS: No, Mr Evans didn’t show up!

Defcon 12,000 : Evans 0

My picks for BSidesLV and DefCon 2011

Now that I have confirmed 100% I’ll be in Las Vegas (family stuff…) here are some of my picks for the top talks I’m looking forward to seeing this year.

To be honest if I get to even half these I’ll be happy! This time of year is more about the hallway track and meeting new and old friends… Still, here’s my top picks for BSidesLV and DefCon / DC Skytalks this year!

BSidesLasVegas Top Picks

  • Siemens / SCADA 0day – Dilion
  • Hacking webapps is more fun when the end result is a shell! – Joshua Abraham
  • Something Awesome(TM) – HD Moore

DefCon Top Picks

  • Hacking your victims over power lines – Dave Kennedy
  • Don’t drop the SOAP – Tom Eston, Joshua Abraham, Kevin Johnson
  • Metasploit vSploit modules – Marcus J. Carey, David Rude, Will Vandevanter

DefCon Skytalks top Picks

  • Hacking with QR Codes – Pyr0, Tuna
  • Walking the Green Mile: How to Get Fired After a Security Incident – Brian Baskin
  • Planes Keep Falling On My Head – Chris Roberts

Well, there you have it. I tried to keep it to 3 picks per “con”. Realistically I know I’m never gonna see all of them, but it’s nice to dream! See you in Vegas!

As always, I’ll be the ugly British guy with no hair and orange glasses ;)
