Check out the new USENIX Web site.
 1998 USENIX Annual Technical Conference - June 15-19, 1998 - Marriott Hotel, New Orleans, Louisiana
Jump to Conference Home Page Jump to Registration Information
Table of Contents
T8   Network Security Profiles: What Every Hacker Already Knows About You and How They Do It
Jon Rochlis and Brad Johnson, SystemExperts Corp.

Who should attend: Network, system, and firewall administrators; security auditors or audit recipients; people involved with responding to intrusions or responsible for network-based applications or systems which might be targets for hackers. Participants should understand the basics of TCP/IP networking. Examples may use UNIX commands or include C or scripting languages.

This course will be useful for people with any type of TCP/IP based system: whether it is a UNIX, Windows, NT, or mainframe based operating system or whether it is a router, firewall, or gateway network host.

There are common stages to network-based host attacks -whether it comes from the Internet, extranet, or intranet: reconnaissance, vulnerability research, and exploitation. This tutorial will review the tools and techniques hackers use in performing these types of activities. You will understand how to be prepared for such attacks by becoming familiar with the methods they use. Specifically, the course will focus on how to generate profiles of your own systems over the network. Additionally, it will show some of the business implications of these network-based probes.

The course will focus primarily on tools that exploit many of the common TCP/IP based protocols (such as WWW, SSL, DNS, ICMP, SNMP) which support many of the Internet applications -Web technologies, network management, and remote file systems. Many topics will be addressed at a detailed technical and administrative level. This course will primarily use examples of public domain tools because they are widely available and commonly used in these types of situations.

Topics will include:

-    Review of attack methodology: reconnaissance, target selection, and exploitation
-    Profiles: what does one look like
-    Techniques: scanning, CERTs, TCP/IP protocol "mis"uses, denial of service, and hacking clubs
-    Tools: scotty, strobe, netcat, SATAN, ISS, ToneLOC, SSLeay/upget, etc.
-    Business exposures: integrity and confidentiality, audits, and intrusion resolution

Jon Rochlis  (M10, T8) is a senior consultant for SystemExperts which provides high level advice to businesses on network security, distributed systems design and management, high-availability, and electronic commerce. Before joining SystemExperts, Mr. Rochlis was engineering manager with BBN Planet, a major national Internet service provider.

Brad Johnson  is a well-known authority in distributed systems. He has participated in seminal industry initiatives including the Open Software Foundation, X/Open, and the IETF, and has published often about open systems. At SystemExperts Brad has led numerous security probes for major companies, revealing significant unrealized exposures.


Program at-a-Glance - Tutorials - Technical Program - Registration -
Birds-of-a-Feather - Conference Activities - Hotel & Travel Info - Conference Home
Conference Index
Events Calendar