cansecwest/core02

[Dragos Ruiu <dr () kyx net>]

----- Forwarded message from John Ormonde <jafo1723 () comcast net> -----

From: John Ormonde <jafo1723 () comcast net>
Date: Wed, 27 Feb 2002 15:44:22 -0500
To: vuln-dev () securityfocus com, pen-test () securityfocus com,
bugtraq () securityfocus com
Subject: CanSecWest '02 conference
X-Mailer: iPlanet Webmail


I was thinking about registering for this conference but there isn't
an agenda yet on the web site and the registration form won't 
accept my credit card info. The tentative speaker list looks pretty
impressive but these two things put some doubt in my mind about the
conference.  Has anyone successfully registered? Did anyone attend 
last year?  Was it worthwhile? 

---------------------------------------------------------


The on-line registration system still only accepts VISA, though we are
working on direct authentication modules for Mastercard and Paypal.
We have gone through some detailed design to develop a
secure transaction system (even down to the level of pgp
encrypting record information stored _inside_ the database
in case the server is compromised), which we've had pen-tested
by an all star audit team including hdm and rfp...  We figured
the attendees of this conference _would_ notice any slip ups :-). 

You may register for the conference through the automated system 
at http://cansecwest.comor with a company cheque by e-mailing
core02 () cansecwest com and getting further info.

In the interim while the new auth modules are being added we can accomodate
AmEx (though we currently have no plans for adding automated processing
of AmEx directly on line) and Mastercard through a manual PayPal transfer
please contact core02 () cansecwest com for this and/or any other conference  
related inquiries. 

The final speaking agenda for the single track conference which runs 
from May 1-3 is (paper titles still subject to change at speaker whims :-):

Alfred Huger - VP Engineering - Security Focus - ah
Alfred will be speaking about the back end analysis
system of their ARIS product.

Crispin Cowan - Chief Scientist - WireX Cmmunications
Crispin will be giving a presentation about the Linux Security
Module project, Immunix in general and it's components: StackGuard,
FormatGuard, and RaceGuard.

David Dittrich - Senior Security Engineer - University of Washington 
David will be speaking about forensics and the latest
security fun and games at UW.

Dug Song - Arbor Networks - dugsong 
Dug will be presenting some new IDS evasion techniques including
a sequel to fragrouter.

Fyodor Yarochkin - Security Analyst - Trusecure/Asia Pacific - beez
Fyodor will be discussing fuzzy fingerprinting stuff and an 
xprobe2 demo.

HD Moore - Digital Defense - hdm
HD will be speaking about passive analysis and
distributed security scanning using Nessus.

Ivan Arce - CTO - Core-SDI - wario
Ivan will be discussing automated penetration testing
tools and CORE's new Impact product.

Jed Haile - Nitro Data Systems - jed
Jed will be discussing the open-source Hogwash
Gateway IDS based on Snort that he is the principal
author of.

Jonathan Wilkins - emaze 
Jonathan will be discussing his taranis tool and 
Layer 2 hijacking attacks.

jobe & shok - founders - w00w00 - unlearn, Shk
Jobe will be presenting: Buffer Overflows, A cumulative review: It's not just %i7/%eip anymore. 
Shok will be presenting a paper title TBD.

Jeff Nathan & Brian Caswell - McKesson, MITRE - jnathan, cazz
Jeff will be discussing IDS technology and Brian will outline some
experiences in deploying _very_ large distributed IDS systems at
MITRE.

Halvar Flake - Reverse Engineering - Blackhat Consulting - halvar
Paper Title TBD

Lance Spitzner - Global Enterprise Security Team - Sun Microsystems
Lance will be discussion setting up Honeypots and Honeynets with
excerpts from his new book on Honeypot technology.

Marty Roesch - CEO - Sourcefire - mfr
Marty will be discussion enterprise IDS deployment and
the new IDS OpenSnort Console product from Sourcefire.

Marshal Beddoe & Christopher Abad - Foundstone, Qualys - bind, aempirei
Marshal and Chris will be discussing heap corruption vulnerabilities.

Mike Schiffman - Director of Security Architecture - @stake - route
Mike will be discussing wireless security and probably answer
some questions about the latest release of libnet.

Niels Provos - C.S. PhD Candidate - University of Michigan - ActivatE
Niels will be talking about a paper title TBD and probably answer some questions
about the OpenSSH project he works on.

Ofir Arkin - Managing Security Architect - @stake - blaad
Ofir will be giving a new presentation about technical details
of VoIP security: Cracking SIP - Security Problems with VoIP Architecture

Rain Forrest Puppy - head puppy - Wiretrip Labs - cail
Paper Title TBD

Ralph Logan - CEO - Camisade - rkl
Paper Title TBD

Richard Salgado - Computer Crime and Intellectual Property - U.S. Department of Justice
Richard will be discussing recent policy and procedure changes
at the FBI and DOJ and have a Q&A about regulatory and operational 
changes with the recent  DMCA and anti-terrorism legislation.

Sebastien Lacoste-Seris and Nicolas Fischbach - securite.org d00dz - COLT Telecom - kaneda, nico
Paper title TBD.

Silvio Cesare - Qualys - zilvio
Silvio will be discussing reverse engineering of the
RST.b remote shell trojan linux virus caught in the wild, and 
virii anti-reverse engineering tactics and how to foil them.

Simple Nomad - Bindview
I want to be a Ninja Stealth Cyberterrorist - hypothetical scenarios for
stealthy internet communications and other case studies.

Solar Designer - head honcho - Openwall - solardiz
Solar designer will be talking about the openwall
secure linux patch and the secure OWL distribution.


Hope this helps. I look forward to seeing you all in May.

cheers,
--dr


-- 
--dr                    http://dragos.com/dr-dursec.asc
        CanSecWest/core02 - May 1-3 2002 - Vancouver B.C. - http://cansecwest.com