Content Tagged with OpenWengo + Security

Back from EuSecWest

Back from London where I had a great time during EuSecWest.
I liked most of the talks but in particular:

Day 1


  • MS attack: How Microsoft defend themselves from being attacked. You have MS employees working in the Seattle area that use the VPN from their untrusted home machine. Their VPN server will actually scan for known vulnerabilities before allowing somebody to use the VPN. He told a story about staff who once were in Germany. They got the "Invalid Certificate" message, which they of course clicked on, and got a Man In The Middle attack. It shows how you must educate users, and that you must always be proactive. He also talked of a remediation tree. Starting from the hacked box, finding the credentials people can have from this box and moving to machines this account has access to. And from this machine move down to the hacked box that you would recognize because the user doesn't have an account on it. So on and so forth...
He made a few points I found very relevant:
  • Communicate expectations to management before an incident
  • Be creative and have discipline
  • Reevaluate your strategy continuously
  • Don't educate executives in the middle of a crisis

I understand why this talk was highly rated during ParSec.

  • Linux Kernel Security Nightmare: Marcel works for Red Hat in the security response team. I liked his Tuesday to Thursday rule: Monday morning, you are not going to like having a security report you have to fix, and Friday afternoon the only thing you want is maybe to go home and have a beer ;-). He showed examples of CVE-2007-format (common vulnerability exposure for vendors for having a unique number identifying a vulnerability). The number of vulnerabilities concerning Linux kernel is terrific. He talked about cryptic code parts (by cryptic I mean very badly written and exposed to vulnerabilities) such as most drivers, with the notable exception of network drivers, netfilter (!!) and filesystems. He also talked about nvd.nist.gov.
  • OWASP: It is the Open Web Application Security Project. Talking about web stuff and penetration testing methodology.
  • RFID: I didn't think I could like this but... well, the speaker was so awesome that he made me like all that RFID stuff. He is running rfidiots.org which is all about understanding and hacking into RFID materials. He was really entertaining: he took some industry crap like "RFID provides a unique number for everyone guaranteed" and showed how easy it was to bypass it. He talked about the passport RFID system. Took a passport to show on screen all the data it has. Asked people to come and see him with their RFID card afterwards. He also did a lightning talk on... nothing :-) I waited 5 min and in the end used a script to hack the conference clock and changed the time he had left to talk.
He had a great story: imagine this kind of very root electronic guru, giving lectures all over the world about RFID, taking all this state-of-the-art material and passing through security gates. Well, ahead of him was a happy couple with a newborn baby. They were carrying milk with them to feed him, and since recent laws forbid liquids aboard, they were asked to drink the milk so that they were sure it was not a bomb. His bag came through X-ray analysis, and while picking it up the guy asked him if he had liquid in it. He just said "No" and took the aircraft.
  • VoIP attack: Dutin likes green! From hair to shoes, down to the slides. So this talk was one of the ones I wanted to see because, ... well... I feel a bit concerned about VoIP security issues. By being hired at Wengo I discovered Vulnerability^H^H^H^H^H^H^H^H^H^H^H^Hoice Over IP. As a VoIP security researcher I can assure you this is a nightmare. He showed tools and attacks currently available. Mostly from the wonderful Hacking VoIP Exposed book.
  • Fuzz: Robustness testing code coverage analysis. Christian Wieser is involved in the PROTOS project, which worked hard on SIP security. You bet I was very interested! During the party held in a bar around the corner (thanks Microsoft!!) we talked with him about lots of things around SIP, VoIP and security. It was a pleasure for me to meet in person the bright leader of a project I use.

Then came the lightning talk session. I didn't plan on doing it, but I finally talked about Prelude IDS. I had a few minutes to write slides and I worried about my laptop not working with the video projector (yes, it's handled so badly in Linux that last year at FOSDEM during my Gscore talk we tried several laptops and finally a guy running a dual-boot machine allowed me to make the presentation. Hopefully... just in case, as usual, I had my slides in PDF on a USB key). And I think the best stuff was what Philippe did about scapy: use Gimp to write slides and perform the presentation, and use layers to show a particular thing, etc.

Day 2


Since the Fuzz talk that was planned for today switched to yesterday because the planned speaker couldn't make it, this blank was filled by a (yet another!) Metasploit talk. OK, Metasploit is a nice framework for writing exploits easily. I just can't figure out why I am not excited by this project, even if I find the idea interesting. Do we hear too much of it at every conference? (There was also a talk at FOSDEM last weekend, and last year at Black Hat as well).

Symantec people did research on GS protection within Visual Studio. It is something similar to what is called sentinel in gcc (dindinx rox showing me that!). In the end Microsoft were very helpful towards Symantec to do further research on how to know whether a binary is GS protected or not.

Sun Bing did a talk on software virtualisation based rootkits. As long as you don't load your rootkit before the hypervisor, there are ways to find that you are obfuscating processes, etc.

The last talk was a clever one on Vista internals security measures. Mostly what Grsecurity/Pax folks did, but better ;-)

In the end, the organization team, some speakers and random people like me went to a restaurant where the food was awesome. I think the event was pretty exhausting because all of us were just looking at each other and eating.


Saturday

Blandine, Yuri, Victor and I walked in London to see a few things. Since I had been in London for a few months a few years back, I was pretty good at giving the exact opposite direction of where we were heading to :-) We walked from Victoria to Piccadilly Circus. We stopped for beers, then we walked to Big Ben where we got a boat to London's Tower, where I took the underground back to Waterloo, then Paris.



OpenWengo: OpenWengo Blog