'[Full-disclosure] DC4420 - London DEFCON Tuesday 26th Feb 2013'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [Full-disclosure] DC4420 - London DEFCON Tuesday 26th Feb 2013
From:       Major Malfunction <majormal () pirate-radio ! org>
Date:       2013-02-25 9:27:48
Message-ID: 512B2E94.1040302 () pirate-radio ! org
[Download RAW message or body]

Apologies for the late announcement...

Tomorrow we have a particularly excellent line-up!

Primary Speaker:

Arron Finnon - Finux Tech Weekly

Title:

"The OSNIF Project: NIDS/NIPS Testing and Auditing"

Synopsis:

Yeah great, I know its not a silver bullet! NIPS/NIDS have issues, and
that's putting it lightly. I've talked about their limitations for
awhile, and I get either "that's awesome" or "they've been done to
death". The truth is, we achieved nothing in fixing the problem. We can
moan about how rubbish they are, we can pretend it's not our problem, or
we can start to address the situation. For too long we've moaned, we've
made comments and done little to make them better. Vendors are making
money off products we all know could be doing a better job. Here's a
crazy idea, let's talk about the issues, why they suck, and this time
actually do something! What is to be lost by trying something new? Let's
accept they fail and instead, turn that frown upside down. This talk
isn't an answer, it's a beginning. Looking at some of the common and
uncommon issues faced in trying to make NIDS/NIPS better, and why we
fail at finding solutions. I don't have all the answers, however I
intend to answer one simple question; What is OSNIF?

I intend to look at the current situation surrounding testing and
assessing NIDS/NIPS and basically why it sucks.  I'll also discuss the
Open Source Network Intrusion Framework (OSNIF) project, which is a open
group set up by people involved within IDS/IPS to put together a testing
methodology for IPS/IDS.  Sort of OWASP but for NIDS/NIPS

~~

Secondary Speaker:

Adrian Hayter - Convergent Network Solutions

Title:

"The dangers of black box devices. Or...just how many insecure IP 
cameras are out there?"

Synopsis:

Last year a security vulnerability left hundreds of TRENDnet IP camera 
feeds exposed on the Internet, many of them broadcasting their owner's 
living rooms, or (even more disturbingly) children sleeping.  One year 
on, and despite assurances from TRENDnet, a large number of feeds are 
still accessible. Over the last several months, I've hunted down the 
feeds of numerous types of camera and slowly built up an online viewer 
to illustrate the problem that these black box devices pose to 
uneducated users. This talk will give an overview of the processes 
involved in creating the viewer, as well as showcasing some of the more 
bizarre & interesting feeds that are still broadcasting to this day.

Venue is here:

   http://www.phoenixcavendishsquare.co.uk/

Full details:

   http://www.dc4420.org/

See you there!

cheers,
MM
-- 
"In DEFCON, we have no names..." errr... well, we do... but silly ones...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic