Home page logo
/

bugtraq logo Bugtraq mailing list archives

DC4420 - London DEFCON Tuesday 26th Feb 2013
From: Major Malfunction <majormal () pirate-radio org>
Date: Mon, 25 Feb 2013 09:27:48 +0000

Apologies for the late announcement...

Tomorrow we have a particularly excellent line-up!

Primary Speaker:

Arron Finnon - Finux Tech Weekly

Title:

"The OSNIF Project: NIDS/NIPS Testing and Auditing"

Synopsis:

Yeah great, I know its not a silver bullet! NIPS/NIDS have issues, and
that's putting it lightly. I've talked about their limitations for
awhile, and I get either "that's awesome" or "they've been done to
death". The truth is, we achieved nothing in fixing the problem. We can
moan about how rubbish they are, we can pretend it's not our problem, or
we can start to address the situation. For too long we've moaned, we've
made comments and done little to make them better. Vendors are making
money off products we all know could be doing a better job. Here's a
crazy idea, let's talk about the issues, why they suck, and this time
actually do something! What is to be lost by trying something new? Let's
accept they fail and instead, turn that frown upside down. This talk
isn't an answer, it's a beginning. Looking at some of the common and
uncommon issues faced in trying to make NIDS/NIPS better, and why we
fail at finding solutions. I don't have all the answers, however I
intend to answer one simple question; What is OSNIF?

I intend to look at the current situation surrounding testing and
assessing NIDS/NIPS and basically why it sucks.  I'll also discuss the
Open Source Network Intrusion Framework (OSNIF) project, which is a open
group set up by people involved within IDS/IPS to put together a testing
methodology for IPS/IDS.  Sort of OWASP but for NIDS/NIPS

~~

Secondary Speaker:

Adrian Hayter - Convergent Network Solutions

Title:

"The dangers of black box devices. Or...just how many insecure IP cameras are out there?"

Synopsis:

Last year a security vulnerability left hundreds of TRENDnet IP camera feeds exposed on the Internet, many of them broadcasting their owner's living rooms, or (even more disturbingly) children sleeping. One year on, and despite assurances from TRENDnet, a large number of feeds are still accessible. Over the last several months, I've hunted down the feeds of numerous types of camera and slowly built up an online viewer to illustrate the problem that these black box devices pose to uneducated users. This talk will give an overview of the processes involved in creating the viewer, as well as showcasing some of the more bizarre & interesting feeds that are still broadcasting to this day.

Venue is here:

  http://www.phoenixcavendishsquare.co.uk/

Full details:

  http://www.dc4420.org/

See you there!

cheers,
MM
--
"In DEFCON, we have no names..." errr... well, we do... but silly ones...


  By Date           By Thread  

Current thread:
  • DC4420 - London DEFCON Tuesday 26th Feb 2013 Major Malfunction (Feb 25)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault