'[novalug] SG-DC talk on Tuesday: Kathy Wang on Frustrating OS'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       novalug
Subject:    [novalug] SG-DC talk on Tuesday: Kathy Wang on Frustrating OS
From:       John Viega <viega () securesoftware ! com>
Date:       2004-06-25 19:20:50
Message-ID: C4E0DC50-C6DC-11D8-9696-000A959CFBBA () securesoftware ! com
[Download RAW message or body]

Come see Kathy's Defcon talk early!  As always, this talk is free to 
all comers.

Tuesday, June 29
Virginia Tech Falls Church campus (on the metro orange line)
Room 111
7:30pm

For directions: http://www.nvgc.vt.edu/about/location.html

Name of Speaker: Kathy Wang
Email: knwang@synacklabs.net

Talk Title:
Frustrating OS Fingerprinting with Morph

Talk Synopsis:
Sun Tzu once stated, "Know your enemy and know yourself, and in a 
hundred
battles you will never be defeated." By denying outsiders information 
about
our systems and software, we make it more difficult to mount successful
attacks.

There are a wealth of options for OS-fingerprinting today, evolving 
from basic
TCP-flag mangling tools such as Queso, through the ICMP quirk-detection 
of the
original Xprobe, and the packet timing analysis of RING, to today's 
suite of
multiple techniques employed by nmap. The ultimate advantage in the
OS-detection game lies with the defender, however, as it is they who 
control
what packets are sent in response.

Morph is a BSD-licensed remote OS detection spoofing tool. It is 
portable and
configurable, and will frustrate current state-of-the-art OS 
fingerprinting.
This presentation will discuss the current techniques used for OS
fingerprinting, and how to frustrate them. In addition, there will be a 
live
demo of Morph.

OS fingerprinting is one of the most useful methods available to gather
information for an attack. Some work has been done in the past to defend
against OS fingerprinting (FPF by Packet Knights), but none have been
implemented with portability in mind. A tool is needed that will allow
systems administrators to protect their assets against reconnaissance 
efforts
of potential attackers.

Speaker Bio:
Kathy Wang broke into programming with BASIC on the Apple IIgs. She has
a bachelor's and master's degree in electrical engineering from the 
University
of Michigan, where she specialized in VLSI chip design and 
semiconductor device
physics and fabrication. She worked at Digital as part of the 
Next-Generation
Alpha Chip Design Team, and got to spend an entire wonderful summer 
blowing up
Alpha chips. She has published a paper on some of the work she did 
there at an
IEEE conference. Kathy has instructed courses ranging from 
Semiconductor Device
Physics to Vulnerability Assessment and Penetration Testing.

Since Digital got broken up by Compaq and Intel, Kathy has focused on 
the
software side of things. She has worked at Counterpane Internet 
Security, and
currently works as a Senior Infosec Engineer at The MITRE Corporation. 
Kathy
is also a founder of Syn Ack Labs, a computer security research group 
focused on
cryptography, steganography, and low-level packet hijinks.

----
John Viega
CTO, Secure Software, Inc.
703-814-4402

Secure Programming Cookbook: http://secureprogramming.com
Building Secure Software: http://buildingsecuresoftware.com

_______________________________________________
novalug mailing list
novalug@tux.org
http://www.tux.org/mailman/listinfo/novalug
for subscribe/unsubscribe see web page
[prev in list] [next in list] [prev in thread] [next in thread] 