----- Forwarded message from John Ormonde <jafo1723@comcast.net> ----- From: John Ormonde <jafo1723@comcast.net> Date: Wed, 27 Feb 2002 15:44:22 -0500 To: vuln-dev@securityfocus.com, pen-test@securityfocus.com, bugtraq@securityfocus.com Subject: CanSecWest '02 conference X-Mailer: iPlanet Webmail I was thinking about registering for this conference but there isn't an agenda yet on the web site and the registration form won't accept my credit card info. The tentative speaker list looks pretty impressive but these two things put some doubt in my mind about the conference. Has anyone successfully registered? Did anyone attend last year? Was it worthwhile? --------------------------------------------------------- The on-line registration system still only accepts VISA, though we are working on direct authentication modules for Mastercard and Paypal. We have gone through some detailed design to develop a secure transaction system (even down to the level of pgp encrypting record information stored _inside_ the database in case the server is compromised), which we've had pen-tested by an all star audit team including hdm and rfp... We figured the attendees of this conference _would_ notice any slip ups :-). You may register for the conference through the automated system at http://cansecwest.comor with a company cheque by e-mailing core02@cansecwest.com and getting further info. In the interim while the new auth modules are being added we can accomodate AmEx (though we currently have no plans for adding automated processing of AmEx directly on line) and Mastercard through a manual PayPal transfer please contact core02@cansecwest.com for this and/or any other conference related inquiries. The final speaking agenda for the single track conference which runs from May 1-3 is (paper titles still subject to change at speaker whims :-): Alfred Huger - VP Engineering - Security Focus - ah Alfred will be speaking about the back end analysis system of their ARIS product. Crispin Cowan - Chief Scientist - WireX Cmmunications Crispin will be giving a presentation about the Linux Security Module project, Immunix in general and it's components: StackGuard, FormatGuard, and RaceGuard. David Dittrich - Senior Security Engineer - University of Washington David will be speaking about forensics and the latest security fun and games at UW. Dug Song - Arbor Networks - dugsong Dug will be presenting some new IDS evasion techniques including a sequel to fragrouter. Fyodor Yarochkin - Security Analyst - Trusecure/Asia Pacific - beez Fyodor will be discussing fuzzy fingerprinting stuff and an xprobe2 demo. HD Moore - Digital Defense - hdm HD will be speaking about passive analysis and distributed security scanning using Nessus. Ivan Arce - CTO - Core-SDI - wario Ivan will be discussing automated penetration testing tools and CORE's new Impact product. Jed Haile - Nitro Data Systems - jed Jed will be discussing the open-source Hogwash Gateway IDS based on Snort that he is the principal author of. Jonathan Wilkins - emaze Jonathan will be discussing his taranis tool and Layer 2 hijacking attacks. jobe & shok - founders - w00w00 - unlearn, Shk Jobe will be presenting: Buffer Overflows, A cumulative review: It's not just %i7/%eip anymore. Shok will be presenting a paper title TBD. Jeff Nathan & Brian Caswell - McKesson, MITRE - jnathan, cazz Jeff will be discussing IDS technology and Brian will outline some experiences in deploying _very_ large distributed IDS systems at MITRE. Halvar Flake - Reverse Engineering - Blackhat Consulting - halvar Paper Title TBD Lance Spitzner - Global Enterprise Security Team - Sun Microsystems Lance will be discussion setting up Honeypots and Honeynets with excerpts from his new book on Honeypot technology. Marty Roesch - CEO - Sourcefire - mfr Marty will be discussion enterprise IDS deployment and the new IDS OpenSnort Console product from Sourcefire. Marshal Beddoe & Christopher Abad - Foundstone, Qualys - bind, aempirei Marshal and Chris will be discussing heap corruption vulnerabilities. Mike Schiffman - Director of Security Architecture - @stake - route Mike will be discussing wireless security and probably answer some questions about the latest release of libnet. Niels Provos - C.S. PhD Candidate - University of Michigan - ActivatE Niels will be talking about a paper title TBD and probably answer some questions about the OpenSSH project he works on. Ofir Arkin - Managing Security Architect - @stake - blaad Ofir will be giving a new presentation about technical details of VoIP security: Cracking SIP - Security Problems with VoIP Architecture Rain Forrest Puppy - head puppy - Wiretrip Labs - cail Paper Title TBD Ralph Logan - CEO - Camisade - rkl Paper Title TBD Richard Salgado - Computer Crime and Intellectual Property - U.S. Department of Justice Richard will be discussing recent policy and procedure changes at the FBI and DOJ and have a Q&A about regulatory and operational changes with the recent DMCA and anti-terrorism legislation. Sebastien Lacoste-Seris and Nicolas Fischbach - securite.org d00dz - COLT Telecom - kaneda, nico Paper title TBD. Silvio Cesare - Qualys - zilvio Silvio will be discussing reverse engineering of the RST.b remote shell trojan linux virus caught in the wild, and virii anti-reverse engineering tactics and how to foil them. Simple Nomad - Bindview I want to be a Ninja Stealth Cyberterrorist - hypothetical scenarios for stealthy internet communications and other case studies. Solar Designer - head honcho - Openwall - solardiz Solar designer will be talking about the openwall secure linux patch and the secure OWL distribution. Hope this helps. I look forward to seeing you all in May. cheers, --dr -- --dr http://dragos.com/dr-dursec.asc CanSecWest/core02 - May 1-3 2002 - Vancouver B.C. - http://cansecwest.com
