Sunday, June 6, 1999|
Full Day Tutorial Session (9:00 am - 5:00 pm):
S5 Network Security Profiles: A Collection (hodgepodge) of Stuff Hackers Know About You
Jon Rochlis and Brad Johnson, SystemExperts Corp.
Who should attend: Network, system, and firewall administrators; security auditors or audit recipients; people involved with responding to intrusions or responsible for network-based applications or systems which might be targets for hackers. Participants should understand the basics of TCP/IP networking. Examples may use UNIX commands or include C or scripting languages.
This course will be useful for people with any type of TCP/IP based system, whether it is a UNIX, Windows, NT, or mainframe based operating system or whether it is a router, firewall, or gateway network host.
There are common stages to network-based host attacks, whether it comes from the Internet, Extranet, or Intranet - reconnaissance, vulnerability research, and exploitation. This tutorial will review the tools and techniques hackers use in performing these types of activities. You will learn how to be prepared for such attacks by becoming familiar with the methods they use. Specifically, the course will focus on how to generate profiles of your own systems over the network. Additionally, it will show some of the business implications of these network-based probes.
The course will focus primarily on tools that exploit many of the common TCP/IP based protocols (such as WWW, SSL, DNS, ICMP, SNMP) which support virtually all of the Internet applications, including Web technologies, network management, and remote file systems. Many topics will be addressed at a detailed technical and administrative level. This course will primarily use examples of public domain tools because they are widely available and commonly used in these situations.
Topics will include:
Jon Rochlis (S5, T8 Instructor) is a senior consultant for SystemExperts, where he provides high level advice to businesses on network security, distributed systems design and management, high-availability, and electronic commerce. Before joining SystemExperts, Jon was engineering manager with BBN Planet, a major national Internet Service Provider.
Brad Johnson (S5 Instructor) is a well known authority in the field of distributed systems. He has participated in seminal industry initiatives including the Open Software Foundation, X/Open, and the IETF, and has published often about open systems. At SystemExperts Brad has led numerous security probes for major companies, revealing significant unrealized exposures. Prior to joining SystemExperts, Brad was one of the original members of the OSF DCE Evaluation Team, the group that identified, evaluated and selected technology to become the industry's first true interoperable middleware.