An interactive introduction to the techniques of Internet hackers and the serious danger they pose to organizations. The interactive presentation challenges the audience to play the roles of hacker versus security analyst in a game of measures, attacks and countermeasures.
The goal of the hacker is to identify the 5 major weaknesses:
Unauthenticated Connections
Inbound Flows of Data
Complex Software
Unauthenticated Data
Software Running as a Super User
The audience attempts to identify defenses as the hackers works to find these
major weaknesses. Highlights include a detailed analysis of buffer overflow
and Malicious Mobile Code (Java/ActiveX) attacks that have crippled the Pentagon
and Microsoft.
Most of the demonstrated attacks are not stopped by firewalls or intrusion
detection systems. As a result, the audience will understand that technical
countermeasures are self-defeating and that the people, processes, procedures
and technology aspects of security must be addressed in an effective security
program.
Demos Include:
Searching for Home Cable and DSL vulnerabilities
Port scanning
IP spoofing
User spoofing
E-mail spoofing
L0phtcrack
Ping of Death
Password exploits
Sendmail exploit
ActiveX Excel save-as exploit
IMAP buffer overflow
NT IIS buffer overflow
CGI exploits
PHF attack
War dialing
Social engineering techniques
Audience:
CIO, CTO, CEO, MIS Management, Security Staff, Network Administrators, et.
al. |
