Friday, June 30, 2006

Ten Days Left for Cheaper USENIX Security Registration

Those of you who read the Atom or RSS feeds for this blog have been missing my personalized USENIX Security 2006 banner ad, visible to my Blogger readers. In fact, some of you might have no idea that I, Richard Bejtlich, write these words, thanks to the various people who copy and reproduce my blog postings without regard to my authorship!

In any case, there are ten days left for early registration for USENIX Security in Vancouver, BC. I will teach a brand new, two day course called TCP/IP Weapons School (TWS) on 31 July and 1 August 2006.

This will be a fun course. Let me make your expectations perfectly clear, however: the primary purpose of this course is to teach TCP/IP and packet-level analysis. The intended audience is junior and intermediate security personnel. We will work our way up the TCP/IP stack over the two day course, using security tools at each layer to provide sample traffic for analysis.

If you walk up to me in class and say "I know all of these tools. This isn't cool," I will boot you from class! This is not an "uber-l33t-h@x0r-t00lz" course. Still, I am trying to add tools from off the beaten path to keep things interesting.

I will probably create a FreeBSD VM with all or most of the tools I use in the slides. Students will be free to try those tools, although I may omit the layer 2 attacks. I do not wish to see MAC spoofing, flooding, and so forth disrupting the USENIX network. I plan to provide all of the traces analyzed in class, however. You will want to be sure your laptop is running Ethereal/Wireshark so you can follow along.

Assuming the class goes well, I hope to offer it elsewhere -- including to private groups.

4 comments:

geek00L said...

For tools that not available via bsd package/port, you may either try using backtrack and load it into vm as well.

Just in case :)

Yousef Raffah said...

sounds cool to me, any chance you can upload your slides later (if any)?

Richard Bejtlich said...

No chance.

Yousef Raffah said...

too bad :(