Sunday, January 15, 2006

ShmooCon Wrap-Up

As soon as I returned from DoD Cybercrime, I headed to ShmooCon. I attended last year but didn't speak. This year David Bianco and I presented Network Security Monitoring with Sguil. I was very surprised by cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 number of people who attended our talk. I hope you liked it. I brought about 30 books provided by various publishers over cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 years, and distributed cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m in an ad-hoc manner at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 end of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 talk. If you received a book, I would very much appreciate seeing a review posted to Amazon.com.

I started ShmooCon by arriving late to Dan Geer's keynote. Even seeing only half cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 talk, I was incredibly impressed. Dr. Geer is a biostatistician in search of a computer security hypocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365sis to test. I cannot do his talk justice, as I was reduced to trying to take notes by writing in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 margins of a book excerpt I received in my conference bag. Here are a few highlights:

  • Dr. Geer noted that our field "suffers nothing but ambiguity over who owns what risk." It is "completely cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 opposite" in banking, thanks to "massive simulations" and explicit assignment of risk.

  • Dr. Geer reported that a "major bank" "will not spend any more time on prevention, only response." When a patch arrives from Microsoft, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y simply apply it. If cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 patch breaks something, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y fix it. The bank no longer cares about Mean Time To Failure. All cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y track is Mean Time to Repair. Dr. Geer said this approach is not unusual and it is more common than you might think.

  • Dr. Geer warned that "we are in danger of being overtaken by people with credentials and process instead of skill and knowledge." This sounds like a warning against auditors and non-technical people.

  • One sixth of security vulnerabilities are found by cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 owners of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 flawed software. That means five sixths are found by ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rs.

  • Dr. Geer uses a disease model for computer security. He said we don't need every system to be patched, only "enough." This is called "herd immunity." Enough members of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 community are immune to keep cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 disease from destroying cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 group.

After Dr. Geer's talk I listened to Joe Stewart of LURHQ describe his sandnet concept. The sandnet is a research network for analyzing malware. Joe said that malware can be investigated by code review or behavioral inspection. Code review is complete but time-consuming and skill-intensive; behavioral inspection is incomplete but faster and easier. Sandnets assist with behavioral inspection by giving malware a real host and a simulated network in which to operate.

A sandnet is unique because it is a structured, semi-automated way to use real machines for malware analysis. Too much malware that Joe researches is VMware-aware, mostly using a backdoor I/O function call. Since his sandnet runs on real hardware, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 malware doesn't realize it is being watched. To simulate cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 network, Joe has a gateway pretend to be cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Internet. If cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 malware needs to retrieve a certain file, Joe watches for what it requests and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n places it on his gateway where cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 malware expects to find it. Expect to see more details released through LURHQ shortly.

Next I watched acidus (Billy Hoffman from SPI Dynamics) describe Covert Crawling. Essentially he has implemented a means to mirror Web sites in a manner that simulates a human user racá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r than a simple retrieval of all Web site pages. In some ways his work appeared to be a "solution in search of a problem," because he assumes Web site administrators pay attention to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir logs and check who is mirroring or ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rwise investigating cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir sites. On cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r hand, I know his work will be of great interest to many parties who want to add anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r layer of discretion to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir Web site surveillance activities.

After acidus I saw Dan Kaminsky's latest "Black Ops of TCP/IP" presentation. I think I first saw Dan speak four years ago, and he always delivers. His latest research demonstrates a way to abuse IP fragment reassembly timers to fool IDS/IPS. He explained that highly complex inline devices are easy to fingerprint, since each device accepts or rejects traffic differently -- especially at layer 7. Dan also presented updated data on his adventures investigating Sony, and introduced Xovi, his streaming graph visualization framework. Dan said you can feed Xovi Tcpdump data, which I would love to try.

I started Saturday by arriving late for Jennifer Granick's keynote. (Hey, I live about an hour away, I need to find parking, etc.) Thankfully she ran about 20 minutes over her allotted time, so I probably listened to her for 50 minutes or so. She spent a good deal of time talking about cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 implications of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Bush administration's domestic spying program. With privacy in mind, I cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n turned to a talk on improvements in Tor that frustrate identifying hidden servers. Basically cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 old version allowed malicious parties to identify hidden servers by joining cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Tor network and carefully inspecting traffic.

After hearing about Tor I attended a fascinating talk about Kryptos by Elonka Dunin. Kryptos is a scuplture at CIA HQ with four sections of ciphertext. Three have been decoded, but cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 fourth remains a mystery. I recommend visiting Elonka's site for more information.

I turned back to computer security issues by attending a BoF on reverse engineering hosted by Pedram Amini and Chris Eagle (author of ida-x86emu and Naval Postgraduate School professor). That was an insane group. Greg Hoglund from Rootkit.com sat in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 front row and contributed a lot to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 discussion of reverse engineering, including his work analyzing Warden. Pedram encouraged people to share what cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y know at OpenRCE.org. A lot of people chimed in regarding Ilfak Guilfanov (IDA Pro developer). Steve Micallef's IDA Plugin document was brought up, as was rom.by (warning: Russian).

I managed to see most of Mike Rash's presentation on single packet authorization (SPA), which was cool. I was nervous because I was speaking next, so it was tough to concentrate. After my talk I participated in a Snort BoF held by Brian Caswell and Lurene Grenier. They made good points on high-performance Snort operation, including using an architecture-specific compiler to get better performance. In ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r words, avoid GCC and use an Intel compiler on Intel, an AMD Compiler on AMD, and so on. Brian mentioned zero copy as a means for faster packet collection, along with Endace NICs. I was fairly burnt out after that, so I headed home. I didn't return for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 talks on Sunday, since I wanted to go to church and spend some time with my family.

Four aspects of ShmooCon stand out.

  1. The Shmoo Group threw tons of manpower at this conference. I saw red shirts everywhere. This was welcome and unlike any ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r conference I've attended.

  2. The quality of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 talks was very good. They were not all stellar, but cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 value for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 money is absolutely unparalleled.

  3. I have not spoken with so many recognized speakers, authors, and researchers anywhere else. I personally shared at least a few words with Eric Cole, Jenifer Granick, Greg Hoglund, Brian Krebs, Dan Langille, Dru Lavigne, Ike Levy, Johnny Long, Mike Poor, Mike Rash, George Rosamond, Marcus Sachs, Ed Skoudis, and Visigoth. Several Sguil users were cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re, including #snort-gui regulars like Hanashi (with whom I presented), nr, snortboy, and transzorp. Many people were kind enough to say hello, and one even gave me a coin from his three letter .gov agency.

  4. Many of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 talks are available for sale in DVD format from Media Archives. I am sure cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir Web site will be updated to reflect ShmooCon soon, but I already see my talk in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir catalog.


Kudos to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Shmoo Group and founder Bruce Potter.

If you didn't attend ShmooCon last year, please consider it for 2007. If you did attend this year, what did you think?

Incidentally, did anyone attend cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 BoF were SANS certification and teaching schedules were debated? If so, would you mind posting some comments here?

12 comments:

Hugh McArthur said...

Just an all around great con/event! After spending all day Saturday at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Wardman Park Marriott I can tell you that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is not a better security event for your $s anywhere...

Compared to what you get for your money at say a SANS and/or a CSI event, ShmooCon is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 clear winner.

Couple of highlights - Fyodor did a great presentation on Nmap.

I also liked kaos.cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ory and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir Anonym.OS LiveCD.

Anonymous said...

hey richard, i happened to attend your talk at shmoo. it was pretty good.. unfortunately when David Bianco took over, it seems like cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 room died. I'm pretty sure enough people cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re have cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 foo to figure out what he was blabbing about. it was not complex or very indepth.

your talk however was excellent, answering questions I had about postgres portability. I agree cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 snort bof was cool, hearing from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 snort guys cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365mselves how to make snort Uber fast. It would be interesting to do some tests.

Thanks for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 talk, it was really informative

Anonymous said...

Shmoocon was worth cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 money no question. Even with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 fun of trying to find parking - a nice 1 mile hike for me :)

I really found Jennifer Granick's presentation thought provoking. Her challenge to dc area folks to ensure that democracy was built into technology was interesting.

Fyodor as always was fun, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 demonstration of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 speed improvments for NMAP were astonishing, as was his "using NMAP to find images" talk.

Richard your talk was very good in contrast to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 last poster I felt cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 audience was a bit unprepared for much of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 technical side of it. Many people only see cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 offensive side of information security and few focus on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 defensive nature. SANS courses honestly are a joke as are many of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 "experts" who claim to be network security analysts because cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y graduated. Sguil is a great tool, however I do see much of that functionality in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 SIM space today - you have too look deep but it does exist. However, Sguil as a freeware product/project is phenominal and Bamm , Johnny and many ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rs who helped get it to this point deserve a loud "Thanks!" for offering a way to dig deep, efficiently and on a budget!

The kaos cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ory anonym os live cd is an interesting concept but as many stated during cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 talk... if cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 intention is to provide out of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 box functionality for your mom, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n you better be able to support media (PDA, DVD, Camera) out of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 box. The project is well-intentioned and I'm sure cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y'll make significant progress over cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 long run, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y seem like a sharp bunch.

Tor is a great tool even if it's slow, but it got a lot of good press during cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 con.

The discussion on RE was enlightening, not being a programmer or RE myself I sat in trying to learn and learn I did. Wow I'm very impressed by Pedram and Chris and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 entire participating group out cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re it was a pleasure.

My only negative statements about cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 con:
1. Parking
2. Stolen prize (PSP) come on guys, how 7th grade.
3. seating was pretty bad in some of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 rooms, beams/poles obscured a high percentage of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 seats.

Overall cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 presenters were top notch, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 organization was well thought out. I would recommend this con to all dc area infosec interested people.

Richard Bejtlich said...

Who else thought parking at ShmooCon was crazy? I don't see cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 attraction of holding a conference in DC itself. Perhaps someplace else in NoVA for 2007 with (1) abundant cheap parking ($23 for > 3 hrs? Please!); (2) non-obstructed views; and (3) more than one entry and exit door per room?

Anonymous said...

Parking may have been bad, but for people from out of town it is probably very convenient to be less than a block from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Metro so you don't have to rent a car to get around town. As a local, I guess I'm lucky that I could easily take cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Metro by parking at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 station near my house. I found it extremely convenient for that reason.

I heartily agree about cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Kryptos talk by Elonka Dunin. It was cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 least useful for me in practical terms but it may have been cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 most interesting. You can tell she loves cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 subject. I happened upon her in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 lobby while she was showing her slides to a couple more people that had missed her talk and she was still just as enthusiastic!

I couldn't really get into cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 reverse-engineering talk. I made cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 mistake of checking cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r two talks first, both of which were not very impressive. By cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 reverse-engineering BoF was too full to gain easy entry. That was cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 only time I had trouble due to overcrowding, unlike Defcon where cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re were many problems with overcrowding.

Brian Krebs wrote about Simple Nomad's "Hacking cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Friendly Skies" in his blog.

Fyodor's talk was basically cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same one I saw at Defcon. I would not see him talk again unless I knew cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re was substantial new content, but it is definitely worth attending for someone that hasn't heard it yet.

I saw some of "Web Application Vulnerabilities and Exploits" by Matt Fisher. The portion I saw was exclusively about SQL injection, but it was eye-opening. He did a good job demonstrating how SQL attacks are quite easy and can be changed as needed to be effective in many situations.

Anonymous said...

I forgot to mention cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 things I noticed that were different in Fyodor's talk. He added cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 functionality to change a couple of things interactively while NMap is running, such as verbosity. He also took a little poke at Nessus without naming it by mentioning how a competing scanner was going closed source because of a lack of community contributions. Then he put up a very large number of names that had contributed to NMap.

Anonymous said...

Richard,

I enjoyed reading your account of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 con -- very thorough and hit upon most of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 things I thought were excellent about Shmoocon. I couldn't agree more with your assessment of Dan Geer's speech, which I found highly engaging and provocative. I'm sorry I missed your talk, and that we did not get a chance to talk more.

On Friday, I drove to work and Metro-ed in, which I should have done on Saturday as well b/c when I arrived cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 tiny lot was full and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 valet insisted I give cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m a room number to park my car (cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y wouldn't let me pay in advance). Kaminsky ended up giving me his and he crashed before I got a chance to buy him cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 5 or 6 drinks it would take to cover that crazy $30 parking tab. I got so thirsty at around 3 a.m. Sunday morning that I almost hit up one of those ubiquitous Amway/Quixstar dreamers for one of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir energy drinks.

Anyway, I had cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 pleasure of chatting with Elonka and looking at her slides until cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 wee hours, as I missed her talk also. Grannick's keynote was solid, as always. Kaminsky's presentation was a riot, as was Simple Nomad's description of his self-described "lame 0day" which really was neicá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r of those things. Still, he kept everyone laughing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir heads off with his deadpan delivery of surfing pr0n stored on his target's machines and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n patched laptops of security execs sitting next to him on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 plane.

And I was honored that you mentioned my name alongside such a list of security luminaries: I'm sure I don't
deserve it! :)

Anonymous said...

This was my first security conference I had an opportunity to attend and I thoroughly enjoyed it. I thought cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 speakers were very good for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 most part. I thought Johnny Long's presentation on Hacking Hollywood was pretty funny.

I did get to see Richard's talk and thought it was very informative. I had never gotten to see squil in action and I was impressed with it. I'll definitely have to give it a closer look now.

So, as for my first sec conference goes, It rocked. I would definitely go back again.

DJordan

Anonymous said...

To cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 DC Metro area locals - why would you drive when you can ride cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Metro? Metro parking is free on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 weekends. For you I66 corridor folks, I believe cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 closest Metro with parking is Ballston. I almost paid for my 3 days fare and parking what cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 hotel charged for 1 day.

I saw some of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 anti-SANS BoF. But not enough to make any real analysis. The part I caught was:

1) Use cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 materials from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Linux documentation project

2) Have someone standup and teach from it and do practical exercises

3) Give a test

There was probably much more discussed that I didn't hear so I won't draw any conclusions. Like Bettle said, I didn't see cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 booze cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y were serving.

That being said my wife is a former teacher and I did network support cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same K-12 system - teaching classes is more than just getting some documentation and standing in front of group of people. It takes class materials (lesson plans, canned exercises, etc) and one has to be able to communicate effectively. It's one thing to hack and maybe teach one-on-one, it's a whole different ballgame to do that in front of a crowd. Plus, remember you're dealing with a whole bunch of geeks from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 get-go, so you'll have 7 of 10 students going off and doing "ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r" stuff with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir boxes.

I went to about 10 minutes of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 B!tchslapping wireless IDS and couldn't take anymore of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 speaker. It just wasn't going anywhere.

Dan Greer's keynote was great!

Jennifer Granick's keynote was interesting, however, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re was no "equal time" to represent cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r side. Some of us can appreciate cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 work that is involved within cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 IC, some just can't. 'Nuff said since this isn't cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 forum for that. People need to read both of James Bamford's books about cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 NSA.

Johnny Long's presentation was funny and entertaining, but no real practical application. The Bruce video was intertaining too.

Probably cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 best new thing I saw was cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Covert Crawler. Kaos Theory's OpenBSD LiveCD using Tor was a close second.

I'd seen Richard present Sguil before, but it was a good talk. I don't know how many times Netflow data has filled in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 empty spaces of a picture to tell cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 whole story.

The most difficult about Shmoocon was trying to be at 2 talks at once, sometimes all 3. I generally select my second choice mainly because of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 crowding. Thankfully everything will be available here shortly. I feel sorry for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 guy who made cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 DVDs, I don't think he'll sell many because everyone will download cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 videos.

I'll attend again next year. Hats off to Bettle, Bruce, Heidi, and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 rest of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Shmoo Group.

Thomas

Anonymous said...

Regarding parking: My home office is a half-block from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 hotel, on Calvert and McGill. We have room for some 18 cars parked legally (though blocking each ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r, so everyone would have to leave at more or less cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same time or leave keys or something). If you want free parking, give me a call next year. If I haven't moved you're welcome to park.

Dan
202-986-5533x8484

Anonymous said...

The - Anti-Sans Starting Your Own "Not for profit" Training Institution - was not about taking cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 linux documentation project and delivering it.

The linux documentation projet was brought up as an example of how an open source project can work but not as a final idea on what to do.

Anonymous said...
This comment has been removed by a blog administrator.