For the most recent presentations please visit our Slideshare Page.

Abstract:

“Many organizations are faced with the challenge of providing a “guest” wireless network. This network is intended to provide your guests, such as contractors, visiting faculty, patients, or training rooms, consultants, with wireless access to the network.”

Abstract:

“Security incidents come in many forms, from attackers breaking into computers, unauthorized attempts to sniff wireless networks and collect information, and stolen laptops or phones. This example is the latter, a stolen smartphone.”

Abstract:

“Embedded devices can often perform the same tasks as workstations and servers while consuming less space and power, generating less heat, and being more cost-effective. Paul Asadoorian describes why you’d want to “hack” (install new firmware on) embedded devices, and which hardware and firmware choices are the best, so you can make your $40 router do things typically found in a $600 device!”

Abstract:

“…this article will focus on ex-ploring vulnerabilities, and associated risk, with wireless access points, routers, printers, and some other common devices on the network. The methods of vulnerability discovery and defense against attacks can be applied to many different types of embedded devices in different environments.

Abstract:

“This book will teach the reader how to make the most of their WRT54G series hardware. These handy little inexpensive devices can be configured for a near endless amount of networking tasks. The reader will learn about the WRT54Gs hardware components, the different third-party firmware available and the differences between them, choosing the firmware that is right for you, and how to install different third-party firmware distributions. Never before has this hardware been documented in this amount of detail, which includes a wide-array of photographs and complete listing of all WRT54G models currently available, including the WRTSL54GS.”

Abstract:

“Mac OS X has one of the more secure default installations. However, as OS X gains popularity, attackers tend to take notice. We see more hacking tools, articles, and security incidents related to OS X as time goes on. Thankfully OS X’s BSD-based subsystems make it very configurable, especially when it comes to security settings, which helps to set it apart from the rest. Below are some tips to get you started securing OS X.”

Abstract:

“There has been much debate lately between two different browsers, namely Microsoft¿s Internet Explorer and the Mozilla Project¿s Firefox web browser. Security is in the center of this debate, accompanied by features and usability. This article will focus on the security aspects, particularly the risks involved with running any web browser and how to overcome some of these security shortcomings.”

Abstract:

“IPAudit is a handy tool that will allow you to analyze all packets entering and leaving your network. It listens to a network device in promiscuous mode, just as an IDS sensor would, and provides details on hosts, ports, and protocols. It can be used to monitor bandwidth, connection pairs, detect compromises, discover botnets, and see whos scanning your network.”

Abstract:

“I am often asked what it is the average user can do on their home networks to secure their own wireless implementation. Quite frankly, I never have any really good answers, at least ones I am truly comfortable with. I tell them to use encryption (WEP, or Wireless Equivalent Privacy), MAC address filtering, and don¿t broadcast the SSID.”

Abstract:

“Many environments that I encounter are using a Defense-In-Depth network security strategy. They have implemented firewalls, Intrusion Detection, VPN, and have a good security policy. When asked, however, how they manage their large installation of Cisco network devices, the reply many times is clear-text telnet, no username/password authentication combination, and very little in the way of auditing logs. The goal of this paper is to provide an easy guide for network administrators to implement secure remote access for all Cisco networking equipment.”

Abstract:

“NULL sessions take advantage of ¿features¿ in the SMB (Server Message Block) protocol that exist primarily for trust relationships. You can establish a NULL session with a Windows host by logging on with a NULL user name and password. Using these NULL connections allows you to gather the following information from the host…”

  • Network Intrusion Detection, Third Edition. Nothcutt, Novak. pg. 267-268.

Abstract:

“This paper looks at tools and methods for auditing metadata available via the internet in common file types. It includes examples of the tools, how to acquire the electronic documents (and the associated risks), and how to analyze the data. We’ll employ real world scenarios highlighting some of the tools to conduct reconnaissance, and show how we can utilize the information we’ve gathered to deliver a specific, targeted client side attack with high confidence that it will be successful. This paper will show how often forgotten document metadata can lead to getting you owned.”

Abstract:

“This is the perfect guide if network security tools is not your specialty. It is the perfect introduction to managing an infrastructure with freely available, and powerful, Open Source tools. Learn how to test and audit your systems using products like Snort and Wireshark and some of the add-ons available for both. In addition, learn handy techniques for network troubleshooting and protecting the perimeter.”

Abstract:

“This book will teach the reader how to make the most of their WRT54G series hardware. These handy little inexpensive devices can be configured for a near endless amount of networking tasks. The reader will learn about the WRT54Gs hardware components, the different third-party firmware available and the differences between them, choosing the firmware that is right for you, and how to install different third-party firmware distributions. Never before has this hardware been documented in this amount of detail, which includes a wide-array of photographs and complete listing of all WRT54G models currently available, including the WRTSL54GS.”

Abstract:

“Many smaller organizations can benefit from rogue wireless access point detection while utilizing a very limited budget. This GIAC Honors paper illustrates how to build such a system with inexpensive hardware, and covers design considerations and issues related to the system.”

Abstract:

“Ethereal Network Protocol Analyzer Toolkit provides the reader with a completely integrated book and companion Web site to analyze network traffic using Ethereal, the world’s most popular network protocol analyzer on Windows, Unix, and Apple OS X. This book covers everything from the fundamentals of protocol analysis, to analyzing real world malicious code to programming advanced protocol dissectors.”