CanSecWest Presentation in Vancouver, B.C. on March 28-30

[Fyodor <fyodor () insecure org>]

Hello,

I just wanted to say thanks to all of you who attended my OSDEM
presentation in Brussels last week.  I think it (and the rest of the
conference) went well.

Some of you in North America complained that Europe is an inconvenient and
expensive destination for a 2-day conference.  So I have also agreed to
speak at CanSecWest in beautiful Vancouver, B.C. on March 28-30.  I am
currently planning to discuss "Packet Reconnaissance Techniques" and to
release a special version of Nmap at the conference which implements some
of the advanced techniques.  Of course, this is subject to change if I
think of something even cooler to talk about :).

For more information on the conference, including the speaker list, see
http://www.dursec.com/ .   Since I was so tardy in sending out this
invitation, I convinced Dragos ( the organizer ) to honor the early
(January) registration price until Feb 9 if you mention nmap-hackers when
you register.

Here is the full conference announcement:

                              CanSecWest/core01

 Network Security Training Conference: March 28-30 2001

 It will be held again in downtown Vancouver, B.C. Canada.

 The current conference speaker lineup includes:

 Renaud Deraison - Author of Nessus, speaking about the Nessus attack
 scanner, giving an overview of scanner operations and a tutorial on Nessus
 Attack Scripting Language (NASL). [http://www.nessus.org]

 Martin Roesch - Author of the popular Snort Intrusion Detection System
 (IDS), speaking about new developments in IDSes. [http://www.snort.org]

 Ron Gula of Enterasys - VP of IDS products, author of Dragon IDS, Speaking
 about evading IDS systems. [http://www.network-defense.com]

 Dug Song of Arbor Networks - Author of many famous networking tools.
 Speaking about monkey in the middle attacks on encrypted protocols such as
 SSH and SSL. :-) [http://www.monkey.org/~dugsong]

 Rain Forest Puppy - Will be speaking about assessing the web, with
 demonstrations of several new (previously unreleased) rfp.labs web tools
 including the release of Whisker 2.0 and other surprises in his inimitable
 style. [http://www.wiretrip.net]

 Mixter of 2XS - Author of several widely used distributed tools and some
 popular security whitepapers will give a talk about "The future of
 distributed applications" explaining the key elements of peer-to-peer
 networks, discussing a few examples/possibilities of distributed
 technology, and related security problems in distributed networks.
 [http://mixter.void.ru]

 K2 of w00w00 - Will present his new ADMutate, a multi-platform,
 polymorphic shell-code toolkit and libraries for detection evasion.
 [http://www.ktwo.ca] (Early reviews say it's scary good. --dr)

 Matthew Franz of Cisco -- Author of Trinux: A Linux Security Security
 Toolkit, will discuss a comprehensive security model (including tools and
 techniques) for conducting security evaluations of firewalls, VPNs, and
 other networked devices. [http://www.trinux.org]

 Lance Spitzner of Sun - Will present more of the HoneyNet group's honeypot
 findings, including watching Romanian hackers on their own web cam while
 they were hacking one of his honeypots for their botnet.
 [http://project.honeynet.org]

 Theo DeRaadt of OpenBSD - Paper Title TBA [http://www.openbsd.org]

 Fyodor of Insecure.Org - Author of the popular Nmap Security Scanner, will
 talk about Advanced Packet Reconnaissance Techniques.  He will also release
 a special version of Nmap which implements some of those techniques. 
 [http://www.insecure.org]

 Frank Heidt of @Stake - Paper Title TBA [http://www.atstake.com]

 HD Moore of Digital Defense - Will give a surely popular talk about his
 more esoteric NT/Win2k penetration test tricks in a presentation called
 "Making NT Bleed." where he will cover some of the procedures he has had
 to develop during the course of cracking multiple systems for customers
 daily. [http://www.digitaldefense.net]

 Jay Beale of MandrakeSoft - Author the the Linux Bastille scripts and
 Security Team Director at MandrakeSoft, will talk about securing Linux.
 [http://www.bastille-linux.org]

 Kurt Seifried of SecurityPortal.com - Will moderate a panel debate about
 cryptography... a "two edged sword" including PKI, SSH and SSL.
 [http://www.securityportal.com]

 Dave Dittrich of The University of Washington - Author of many famous
 Forensic Analyses and UW Senior Security Engineer, will give a talk about
 finding intruders, then tracing their actions through the trails they
 leave on penetrated systems. [http://www.washington.edu/People/dad/]

 Robert Graham of NetworkICE - CTO of NetworkICE, will discuss IDS
 operations and decoding technology, illustrating with exploits including
 his new "sidestep" utility during live demonstrations of the BlackICE
 Sentry IDS system and other IDSes like Snort. [http://www.networkice.com]

 Sebastien Lacoste-Seris & Nicolas Fischbach of COLT Telecom AG - Editors
 of the French Securite.Org site, will discuss the rollout of Kerberos
 across their company and hosting center using Kerberized SSH and Kerberos
 V5 across Unix/Cisco/Win2k platforms to provide strong authentication with
 SSO capabilities, their experiences, and what potential problems and
 limitations they faced. [http://www.Securite.Org]

 Schedule:

 Afternoon (1-6), Wed Mar 28.

 All Day (9-6:30) (and night :-), Thurs Mar 29,

 Morning (10-2/3) Fri 30.

 There will be some Birds of a Feather sessions held at 6:30 on Thursday -
 these will be announced at the conference.

 Venue:

 The venue will be the Pacific Palisades Hotel Conference Center on Robson
 Street.

 The hotel web site can be found at www.pacificpallisadeshotel.com We have
 negotiated discounted rates for the CanSecWest conference with the hotel
 at $150/night regular, and $200/night suite for attendees. I'm told that
 some (but not all) suites now feature in room high speed network access.
 Attendees need to tell the reservations desk they are attending the
 CanSecWest conference and that they should get the block discount rate
 when they make their reservation.

 The conference this year will be held in the hotel itself in their meeting
 facility, and will feature a catering room, as well as a a vendor display
 area and a place to set up your computer to check e-mail. There will be a
 wireless 802.11 network and a "Capture The Flag" contest over the wireless
 net, on-going throughout the presentations. There will be a display in the
 speaker room during the talks with the CTF target web page where the
 current "owner" of the CTF target server will be able to put up their
 advert, logo, pithy quote, or whatever. If you are bringing a PC with a
 wireless card, please ensure your firewalls are in good working order, as
 we assume no liability for what kind of traffic may be seen. (:-) This
 year, we will have a permanent coffee stand (after feedback from last
 year's sessions). Seating is limited and the venue is slightly smaller
 than last year so please book early to ensure a spot.

 How to register:

 In the month of January, you may register by sending PGP encrypted e-mail
 to dr () dursec com (gpg/pgp key on file at wwwkeys.pgp.net or here) with the
 following information:

 Your name

 Your company

 Your company address

 Visa card number/expiry

 Visa Billing Name and Address

 Your contact phone number.

 Your preferred e-mail address for conference mailings.

 (I'm sorry we still accept only VISA at this time and Mastercard or AmEx
 is not an option. We also accept pre-payment by couriered cheque or wire
 transfer of USD or CAD equivalents. Registrations are reserved upon
 receipt of cheque - please email dr () kyx net for further details about this
 payment method.)

 Alternatively if for some reason you cannot use encrypted e-mail, you can
 phone Dragos Ruiu at +1 (604) 722-3993 with the above information and he
 will process the VISA transaction manually. Please try to phone between
 10:00AM-8:00PM PST, but an occasional odd hour phonecall from weird
 timezones will be tolerated if it absolutely cannot be avoided.

 If you prefer, we can also reserve a hotel room on your credit card, if
 you specify dates. (We have been told that our block booking will have
 priority for the rooms with networking).

 In January the registration fee will be:

 USD$895 - for past attendees.

 USD$980 - for all others up until Jan 31.

 In February, an on-line booking system will be up at https://dursec.com
 and the registration fees for all will be USD$1120.

 In March, the registration fee will be USD$1350.

 Due to the slightly smaller venue we expect that registrations at the door
 will be extremely limited and potentially unavailable, at a cost of
 USD$1595.

 Vendor sponsorships are available at USD$2500, which as well as sponsoring
 a display table for the vendor also gives the vendor up to five attendee
 registrations at USD$580. The cut-off date for vendor sponsorships is
 March 9.

 Registration fees include catered lunches and coffee breaks. Thanks for
 your continuing support, and I hope we'll have a conference that will
 surpass the positive experiences of last years conference. I'm eager to
 see and hear the fascinating papers planned, and this year, we will be
 bringing back the popular technical book(s) (title TBD) that will be given
 to attendees, as well as having another conference CD-ROM full of goodies
 and some previously unreleased tools and information. I'm looking forward
 to seeing you there.

 Thank You,

 --dr







--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to 
nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).