Friday, February 17, 2006

RSA Conference 2006 Wrap-Up, Part 2

This is part 2 of my RSA Conference 2006 wrap-up. I started with part 1. My first talk of day 2 was Bruce Schneier. Bruce is a great speaker, but I seemed to remember his material from 2002. His major point involved this fact: there are far too many legitimate users compared to attackers. This makes detection and prevention difficult. I believe this is a form of Axelsson's 1999 base rate fallacy (.pdf) paper. Bruce made the interesting point that by charging the conference fee ($1900 or so) to replace a lost badge, RSA had transferred a security problem entirely to the attendees.

Next I saw Nitesh Dhanjani discuss penetration testing techniques and tools. I worked with Nitesh at Foundstone, and his talk was excellent. He emphasized how he only uses open source tools for his work, because they are so easily customized to meet his requirements. Nitesh described how the Metasploit WMF exploit works. He showed how to create a new NASL script for Nessus, and made the point that the fact Nessus 3.x is closed-source makes no difference to him. Anyone can still make custom NASL scripts. Nitesh then showed how to code an Ettercap plug-in.

He continued his presentation by describing problems with the Google Firefox anti-phishing toolbar, namely that it sends all GET requests in clear text to Google -- even those referenced via HTTPS. If a user is browsing the Web with this extension enabled, and is logged in to Gmail, then Google also reads the user's Gmail cookie. Hence, Google knows exactly who you are and what you're browsing. Nice. I should also mention Nitesh used the socat tool, which I had never seen before. Nitesh finished by discussing how to use Tor to anonymously attack Web servers, which is a problem without much of a solution at the moment. I wonder if Tor servers will have to run inline filters to police this sort of activity, in the spirit of the "control" aspect of my Defensible Network Architecture framework from Extrusion Detection?
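The toolbar problem above comes down to two design choices: the lookup carries the full visited URL, and it goes over plain HTTP to a host that shares a cookie domain with the mail service, so the browser attaches the session cookie automatically. The following is an added illustration of that mechanism, not code from the original post or from the talk it describes; the host names, cookie names and cookie values are constructed, and the hardened variant is a generic design (hash prefix of the host, separate cookie-less domain, TLS transport), not a description of any vendor's actual fix.

```python
"""Added example (not from the original post or from the talk it describes):
simulates why a toolbar that reports every visited URL to a vendor host over
plain http:// leaks both the URL and the user's web-mail session cookie to a
passive observer, and shows a less leaky lookup. All host names, cookie names
and values below are constructed for illustration."""

import hashlib
from urllib.parse import parse_qs, quote, urlparse

# Constructed cookie jar: what the browser holds after logging in to web mail.
# The session cookie is scoped to the parent domain, which is the detail that
# makes it ride along on unrelated requests to sibling hosts.
COOKIE_JAR = [
    {"name": "SID", "value": "c0nstructed-session-token", "domain": ".mailvendor.test"},
]


def cookies_for_host(jar, host):
    """Return the Cookie header value a browser would attach for `host`.
    A cookie with domain '.parent' matches 'parent' and every subdomain."""
    sent = []
    for c in jar:
        dom = c["domain"].lstrip(".")
        if host == dom or host.endswith("." + dom):
            sent.append(f'{c["name"]}={c["value"]}')
    return "; ".join(sent)


def build_request(host, path, jar):
    """Serialise an HTTP/1.1 GET the way a browser would, cookies included."""
    lines = [f"GET {path} HTTP/1.1", f"Host: {host}"]
    cookie = cookies_for_host(jar, host)
    if cookie:
        lines.append(f"Cookie: {cookie}")
    return "\r\n".join(lines) + "\r\n\r\n"


def leaky_lookup(visited_url, jar):
    """The design criticised in the post: full URL in the query, sent in
    clear text to a host that shares the mail service's cookie domain."""
    path = "/lookup?q=" + quote(visited_url, safe="")
    return build_request("toolbar.mailvendor.test", path, jar)


def safer_lookup(visited_url, jar):
    """Two application-level fixes (assumed design, not a vendor's): send only
    a short hash prefix of the visited host instead of the URL, and send it to
    a separate registrable domain so no session cookie matches. The transport
    must additionally be TLS; that part is outside this simulation."""
    host = urlparse(visited_url).hostname or ""
    prefix = hashlib.sha256(host.encode()).hexdigest()[:8]
    return build_request("lookup.toolbar-cdn.test", "/v1/" + prefix, jar)


def observer_view(raw_request):
    """What a passive observer on the path recovers from a cleartext request:
    the destination, any visited URL carried in the query, and any cookie."""
    head = raw_request.split("\r\n\r\n", 1)[0].split("\r\n")
    _method, target, _version = head[0].split(" ", 2)
    headers = dict(h.split(": ", 1) for h in head[1:])
    query = parse_qs(urlparse(target).query)  # parse_qs percent-decodes values
    return {
        "dest": headers.get("Host"),
        "visited_url": query["q"][0] if "q" in query else None,
        "cookie": headers.get("Cookie"),
    }


if __name__ == "__main__":
    url = "https://bank.test/account?id=42"
    print("leaky :", observer_view(leaky_lookup(url, COOKIE_JAR)))
    print("safer :", observer_view(safer_lookup(url, COOKIE_JAR)))
```

Run it and the leaky request hands the observer the exact HTTPS URL the user visited plus the mail session cookie, while the hardened request yields only a destination host and an opaque hash prefix; cookie scoping, not the toolbar's intent, is what carries the session token across.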

I have to board my plane shortly... part 3 will probably arrive this weekend.
