Comments on TaoSecurity Blog: ShmooCon Wrap-Up
Richard Bejtlich (http://www.blogger.com/profile/13512184196416665417)
Updated 2023-10-16T06:06:25.012-04:00

Anonymous, 2009-02-10T03:36:00.000-05:00

This comment has been removed by a blog administrator.

Anonymous, 2006-01-20T19:27:00.000-05:00

The - Anti-Sans Starting Your Own "Not for profit" Training Institution - was not about taking the linux documentation project and delivering it.

The linux documentation project was brought up as an example of how an open source project can work but not as a final idea on what to do.

Anonymous, 2006-01-18T09:23:00.000-05:00

Regarding parking: My home office is a half-block from the hotel, on Calvert and McGill. We have room for some 18 cars parked legally (though blocking each other, so everyone would have to leave at more or less the same time or leave keys or something). If you want free parking, give me a call next year. If I haven't moved you're welcome to park.

Dan
202-986-5533x8484

Anonymous, 2006-01-17T23:32:00.000-05:00

To the DC Metro area locals - why would you drive when you can ride the Metro? Metro parking is free on the weekends. For you I66 corridor folks, I believe the closest Metro with parking is Ballston. I almost paid for my 3 days fare and parking what the hotel charged for 1 day.

I saw some of the anti-SANS BoF. But not enough to make any real analysis. The part I caught was:

1) Use the materials from the Linux documentation project

2) Have someone stand up and teach from it and do practical exercises

3) Give a test

There was probably much more discussed that I didn't hear so I won't draw any conclusions. Like Bettle said, I didn't see the booze they were serving.

That being said my wife is a former teacher and I did network support for the same K-12 system - teaching classes is more than just getting some documentation and standing in front of a group of people. It takes class materials (lesson plans, canned exercises, etc) and one has to be able to communicate effectively. It's one thing to hack and maybe teach one-on-one, it's a whole different ballgame to do that in front of a crowd. Plus, remember you're dealing with a whole bunch of geeks from the get-go, so you'll have 7 of 10 students going off and doing "other" stuff with their boxes.

I went to about 10 minutes of the B!tchslapping wireless IDS and couldn't take any more of the speaker. It just wasn't going anywhere.

Dan Geer's keynote was great!

Jennifer Granick's keynote was interesting, however, there was no "equal time" to represent the other side. Some of us can appreciate the work that is involved within the IC, some just can't. 'Nuff said since this isn't the forum for that. People need to read both of James Bamford's books about the NSA.

Johnny Long's presentation was funny and entertaining, but no real practical application. The Bruce video was entertaining too.

Probably the best new thing I saw was the Covert Crawler. Kaos Theory's OpenBSD LiveCD using Tor was a close second.

I'd seen Richard present Sguil before, but it was a good talk. I don't know how many times Netflow data has filled in the empty spaces of a picture to tell the whole story.

The most difficult thing about Shmoocon was trying to be at 2 talks at once, sometimes all 3. I generally select my second choice mainly because of the crowding. Thankfully everything will be available here shortly. I feel sorry for the guy who made the DVDs, I don't think he'll sell many because everyone will download the videos.

I'll attend again next year. Hats off to Bettle, Bruce, Heidi, and the rest of the Shmoo Group.

Thomas

Anonymous, 2006-01-17T08:02:00.000-05:00

This was my first security conference I had an opportunity to attend and I thoroughly enjoyed it. I thought the speakers were very good for the most part. I thought Johnny Long's presentation on Hacking Hollywood was pretty funny.

I did get to see Richard's talk and thought it was very informative. I had never gotten to see Sguil in action and I was impressed with it. I'll definitely have to give it a closer look now.

So, as for my first sec conference goes, it rocked. I would definitely go back again.

DJordan

Anonymous, 2006-01-16T23:52:00.000-05:00

Richard,

I enjoyed reading your account of the con -- very thorough and hit upon most of the things I thought were excellent about Shmoocon. I couldn't agree more with your assessment of Dan Geer's speech, which I found highly engaging and provocative. I'm sorry I missed your talk, and that we did not get a chance to talk more.

On Friday, I drove to work and Metro-ed in, which I should have done on Saturday as well b/c when I arrived the tiny lot was full and the valet insisted I give them a room number to park my car (they wouldn't let me pay in advance). Kaminsky ended up giving me his and he crashed before I got a chance to buy him the 5 or 6 drinks it would take to cover that crazy $30 parking tab. I got so thirsty at around 3 a.m. Sunday morning that I almost hit up one of those ubiquitous Amway/Quixtar dreamers for one of their energy drinks.

Anyway, I had the pleasure of chatting with Elonka and looking at her slides until the wee hours, as I missed her talk also. Granick's keynote was solid, as always. Kaminsky's presentation was a riot, as was Simple Nomad's description of his self-described "lame 0day" which really was neither of those things. Still, he kept everyone laughing their heads off with his deadpan delivery of surfing pr0n stored on his target's machines and then patched laptops of security execs sitting next to him on the plane.

And I was honored that you mentioned my name alongside such a list of security luminaries: I'm sure I don't deserve it! :)

Anonymous, 2006-01-16T19:47:00.000-05:00

I forgot to mention the things I noticed that were different in Fyodor's talk. He added the functionality to change a couple of things interactively while NMap is running, such as verbosity. He also took a little poke at Nessus without naming it by mentioning how a competing scanner was going closed source because of a lack of community contributions. Then he put up a very large number of names that had contributed to NMap.

Anonymous, 2006-01-16T16:42:00.000-05:00

Parking may have been bad, but for people from out of town it is probably very convenient to be less than a block from the Metro so you don't have to rent a car to get around town. As a local, I guess I'm lucky that I could easily take the Metro by parking at the station near my house. I found it extremely convenient for that reason.

I heartily agree about the Kryptos talk by Elonka Dunin. It was the least useful for me in practical terms but it may have been the most interesting. You can tell she loves the subject. I happened upon her in the lobby while she was showing her slides to a couple more people that had missed her talk and she was still just as enthusiastic!

I couldn't really get into the reverse-engineering talk. I made the mistake of checking the other two talks first, both of which were not very impressive. By then, the reverse-engineering BoF was too full to gain easy entry. That was the only time I had trouble due to overcrowding, unlike Defcon where there were many problems with overcrowding.

Brian Krebs wrote about Simple Nomad's "Hacking the Friendly Skies" in his blog.

Fyodor's talk was basically the same one I saw at Defcon. I would not see him talk again unless I knew there was substantial new content, but it is definitely worth attending for someone that hasn't heard it yet.

I saw some of "Web Application Vulnerabilities and Exploits" by Matt Fisher. The portion I saw was exclusively about SQL injection, but it was eye-opening. He did a good job demonstrating how SQL attacks are quite easy and can be changed as needed to be effective in many situations.

Richard Bejtlich (https://www.blogger.com/profile/13512184196416665417), 2006-01-16T16:18:00.000-05:00

Who else thought parking at ShmooCon was crazy? I don't see the attraction of holding a conference in DC itself. Perhaps someplace else in NoVA for 2007 with (1) abundant cheap parking ($23 for > 3 hrs? Please!); (2) non-obstructed views; and (3) more than one entry and exit door per room?

Anonymous, 2006-01-16T14:49:00.000-05:00

Shmoocon was worth the money no question. Even with the fun of trying to find parking - a nice 1 mile hike for me :)

I really found Jennifer Granick's presentation thought provoking. Her challenge to DC area folks to ensure that democracy was built into technology was interesting.

Fyodor as always was fun, the demonstration of the speed improvements for NMAP were astonishing, as was his "using NMAP to find images" talk.

Richard, your talk was very good. In contrast to the last poster, I felt the audience was a bit unprepared for much of the technical side of it. Many people only see the offensive side of information security and few focus on the defensive nature. SANS courses honestly are a joke as are many of the "experts" who claim to be network security analysts because they graduated. Sguil is a great tool, however I do see much of that functionality in the SIM space today - you have to look deep but it does exist. However, Sguil as a freeware product/project is phenomenal and Bamm, Johnny and many others who helped get it to this point deserve a loud "Thanks!" for offering a way to dig deep, efficiently and on a budget!

The kaos theory anonym os live cd is an interesting concept but as many stated during the talk... if the intention is to provide out of the box functionality for your mom, then you better be able to support media (PDA, DVD, Camera) out of the box. The project is well-intentioned and I'm sure they'll make significant progress over the long run, they seem like a sharp bunch.

Tor is a great tool even if it's slow, but it got a lot of good press during the con.

The discussion on RE was enlightening, not being a programmer or RE myself I sat in trying to learn and learn I did. Wow I'm very impressed by Pedram and Chris and the entire participating group out there it was a pleasure.

My only negative statements about the con:
1. Parking
2. Stolen prize (PSP) come on guys, how 7th grade.
3. seating was pretty bad in some of the rooms, beams/poles obscured a high percentage of the seats.

Overall the presenters were top notch, the organization was well thought out. I would recommend this con to all DC area infosec interested people.

Anonymous, 2006-01-16T08:21:00.000-05:00

hey richard, i happened to attend your talk at shmoo. it was pretty good.. unfortunately when David Bianco took over, it seems like the room died. I'm pretty sure enough people there have the foo to figure out what he was blabbing about. it was not complex or very in-depth.

your talk however was excellent, answering questions I had about postgres portability. I agree the snort bof was cool, hearing from the snort guys themselves how to make snort Uber fast. It would be interesting to do some tests.

Thanks for the talk, it was really informative

Hugh McArthur (https://www.blogger.com/profile/12127576829623036665), 2006-01-16T00:39:00.000-05:00

Just an all around great con/event! After spending all day Saturday at the Wardman Park Marriott I can tell you that there is not a better security event for your $s anywhere...

Compared to what you get for your money at say a SANS and/or a CSI event, ShmooCon is the clear winner.

Couple of highlights - Fyodor did a great presentation on Nmap.

I also liked kaos.theory and their Anonym.OS LiveCD.