X

Solaris serviceability and nifty tools

FIRST Technical Colloquium in Prague

Two weeks ago (yeah, I am a slacker) FIRST
technical colloquium
was held in Prague and we (me and Sasha)
were given the opportunity to attend (the fact the Derrick serves as FIRST chair in the
steering comittee
has of course something to do with it).

I only attended one day of the technical colloquium (Tuesday 29th).
The day was filled with various talks and presentations. Most of them were
performed by various CERT teams members from around the world. This was because
this event was a joint meeting of FIRST and TF-CSIRT.
It was definitely
interesting to see very different approaches to the shared problem set (dealing with
incidents, setting up honey pots, building forensic analysis labs, etc.).
Not only these differences stemmed from sizes of the networks and organizations
but also (and that was kind of funny) from nationalities.


In the morning I talked about the integration of
Netcat into Solaris,
describing the process, current features and planned enhancements and extensions.

The most anticipated talk was by Adam Laurie who is entertaining guy involved in many hacker-like activities (see e.g. A hacker games the hotel
article by Wired) directed at proving insecurities in
many publicly used systems.


Adam (brother of Ben Laurie, author of Apache-SSL
and OpenSSL contributor) first started with intro about satellite scanning, insecure hotel safes
(with backdoors installed by the manufacturers which can be overcome by a screwdriver).
Then he proceeded to talk about RFID chips, mainly about cloning.

Also, at the "social event" in the evening I had the pleasure to share a table with
Ken van Wyk who is overall cool fellow and the author of
Secure coding and
Incident response books from O'Reilly.

In overall, it was interesting to see so many security types in a room and get to know some of
them.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.