[[
cons:tc7
]]
bw.net notes
Trace:
»
burn.sh
»
missiontrip
»
roasted-veggies
»
researchideas
»
sykeshotsprings
»
ventanacampground
»
nps
»
world
»
party
»
tc7
Table of Contents
Toorcon 7
URLs to Check
Jay Beale - Bastille
Andrea Bittau - Single Pkt Frag Attack
Toorcon 7
URLs to Check
toorcon conference proceedings
|
Dan Anderson blog
lockpicking101.com
|
irvine underground
|
synacklabs
|
hackaday
Books: Greyhat Hacking, How Not to Program in C++, Absolute BSD, Hacking - Art of Exploitation, Wicked Cool
Perl
, The Phone Bug Book
tor - the onion router
|
privoxy
|
freenetworks
|
openinfreno
|
osiris
|
samhain
nostartch presss
(30% off for toorcon)|
syngress press
neg9
|
nologin
|
shmoo
Jay Beale - Bastille
basatille-linux.org/jay
PCs are a target of opportunity, window of vuln before patches applied
always reacting to incidents, metasploit injects into running dlls
need for Hardening: 1) least privilege 2) minimalism
lots of templates, easy to do, bastille just puts it all in one: an EDUCATIONAL product
can create and copy policy files over to other systems to enforce and score/weight
has “audit” function - definible by anyone (bastille -a)
good no-touch inspection of security of system, will not make changes in audit mode
weighted score - psychological power, an incentive, and competitiveness
Andrea Bittau - Single Pkt Frag Attack
darkircop
-
http://toorcon.org/2005/conference.html?id=3
new attack on wep with single packet
airjack and aircrack, functionality on fbsd wi driver. from atheros sw card driver
flaw in wep shared key authentication, mgmt frames can still force others offline
cons/tc7.txt · Last modified: 2005/12/29 10:54 by bw
