lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <512B2E94.1040302@pirate-radio.org>
Date: Mon, 25 Feb 2013 09:27:48 +0000
From: Major Malfunction <majormal@...ate-radio.org>
To: dc4420@...420.org, bugtraq@...urityfocus.com, 
	full-disclosure@...ts.grok.org.uk
Subject: DC4420 - London DEFCON Tuesday 26th Feb 2013

Apologies for the late announcement...

Tomorrow we have a particularly excellent line-up!

Primary Speaker:

Arron Finnon - Finux Tech Weekly

Title:

"The OSNIF Project: NIDS/NIPS Testing and Auditing"

Synopsis:

Yeah great, I know its not a silver bullet! NIPS/NIDS have issues, and
that's putting it lightly. I've talked about their limitations for
awhile, and I get either "that's awesome" or "they've been done to
death". The truth is, we achieved nothing in fixing the problem. We can
moan about how rubbish they are, we can pretend it's not our problem, or
we can start to address the situation. For too long we've moaned, we've
made comments and done little to make them better. Vendors are making
money off products we all know could be doing a better job. Here's a
crazy idea, let's talk about the issues, why they suck, and this time
actually do something! What is to be lost by trying something new? Let's
accept they fail and instead, turn that frown upside down. This talk
isn't an answer, it's a beginning. Looking at some of the common and
uncommon issues faced in trying to make NIDS/NIPS better, and why we
fail at finding solutions. I don't have all the answers, however I
intend to answer one simple question; What is OSNIF?

I intend to look at the current situation surrounding testing and
assessing NIDS/NIPS and basically why it sucks.  I'll also discuss the
Open Source Network Intrusion Framework (OSNIF) project, which is a open
group set up by people involved within IDS/IPS to put together a testing
methodology for IPS/IDS.  Sort of OWASP but for NIDS/NIPS

~~

Secondary Speaker:

Adrian Hayter - Convergent Network Solutions

Title:

"The dangers of black box devices. Or...just how many insecure IP 
cameras are out there?"

Synopsis:

Last year a security vulnerability left hundreds of TRENDnet IP camera 
feeds exposed on the Internet, many of them broadcasting their owner's 
living rooms, or (even more disturbingly) children sleeping.  One year 
on, and despite assurances from TRENDnet, a large number of feeds are 
still accessible. Over the last several months, I've hunted down the 
feeds of numerous types of camera and slowly built up an online viewer 
to illustrate the problem that these black box devices pose to 
uneducated users. This talk will give an overview of the processes 
involved in creating the viewer, as well as showcasing some of the more 
bizarre & interesting feeds that are still broadcasting to this day.

Venue is here:

   http://www.phoenixcavendishsquare.co.uk/

Full details:

   http://www.dc4420.org/

See you there!

cheers,
MM
-- 
"In DEFCON, we have no names..." errr... well, we do... but silly ones...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ