Monthly Archives: February 2011

Quick and Dirty wireshark tutorial-2

Hi again,

Just got an email from Anil of techtarget.com, informing me about my article being published in their online magazine. Interested people can please look into it. The link to the article is here: http://searchsecurity.techtarget.in/tutorial/Quick-and-dirty-Wireshark-tutorial

Thanks to Tamaghna for informing me about this opportunity, and also to the null community. I am thankful to Mr. Anil Patrick of techtarget for publishing my article.

Keep reading this blog, for more…

Cheers

3ps!l0nLaMbDa

Nullcon dwitiya 2011

Hey folks,

I had a great time attending nullcon 2011, 2 days of sheer fun, knowledge and networking. Met a lot of people, got to know them personally, especially those whom I had met only through IRC. A nice ambience at “The Retreat” by Zuri, a beach resort, which comes in Utor Doxi, Pedda, Varca, Salcette.

The food was great, the t-shirt even better, and finally the CPE which we got at the end of the 2nd day all added to those small gains I had which can turn into big ones. Will be indebted to Basu bhai, who helped us a lot, and in all it was a great experience. Here’s an article I am presenting to you which will give you a glimpse of nullcon. A lot more to be covered, but, currently, only so much.

Nullcon (http://nullcon.net) Dwitiya witnessed action worth following—whether it is the Desi Jugaad track on Hacking the Parliament or demystifying the Zeus man in the middle attack on cell phones. Get into the thick of all the action at nullcon Day Zero with our vignette series.

In its second year, nullcon 2011 is now an international security conference that witnesses the participation of India’s top whitehat hackers. Organized by the null information security community, nullcon 2011 is being held at The RETREAT by Zuri, Goa. With twin parallel tracks that cover various aspects such as technical tracks, security trend debates, research papers and CXO sessions, this is an event that sees participation from hackers—desi as well as international.

With tracks like Desi Jugaad which includes India-specific hacks, the event promises insights worth exploring for the security enthusiast as well, rather than just pure-play infosec. As part of our detailed nullcon Dwitiya coverage, we have put together some of the hottest topics of Day Zero. These presentations examine some of the hottest challenges—right from exploiting SCADA systems and building intelligence analysis systems to reversing Microsoft patches for analysis of vulnerable code. Here are some of the highlights of nullcon 2011’s Day Zero.

Session: Exploiting SCADA systems

Presenter: Jeremy Brown

During this session of nullcon 2011, Jeremy Brown of Tenable Network Security lays bare the vulnerabilities that surround SCADA software as well as the vendor apathy which makes these systems so vulnerable. Brown also conducts the demo of a live SCADA system exploit as part of this session. With threats like Stuxnet highlighting the need for secure SCADA systems, this is one presentation that you cannot afford to miss.

Paper: Reversing Microsoft patches to reveal vulnerable code

Presenter: Harsimran Walia

Application Developer Harsimran Walia’s paper details identification of vulnerable code files in Microsoft solutions through reverse engineering of patches and files for these products. The paper puts forward the need to leverage this process for creation of vulnerability signatures, an approach which is superior to the use of exploit signatures for making undisclosed exploit and patch verification.

Workshop: Building an intelligence analysis systems using open source tools

Presenter: Fyodor Yarochkin

As part of this nullcon 2011 workshop, security analyst Fyodor Yarochkin from Armorize Technologies exhibits how open source tools can be used to mine Internet data, organize and tag it for extraction of meaningful information. This hands-on workshop examines how intelligence analysis systems can be built using various open source solutions such as Nutch, Solr, Lucene, Soghun (machine learning framework), Hadoop and netglub.

(Article courtesy: http://searchsecurity.techtarget.in)

Cheers

3ps!l0nLaMbDa