Nmap Tutorials and CanSecWest Presentation

[Fyodor <fyodor () insecure org>]

Hello Everyone,

In case anyone is interested, I have agreed to give 2 half-day Nmap
tutorials at the new Security Masters Dojo event in Vancouver,
B.C. Canada on May 3 and 4.  This directly precedes one of my favorite
conferences, CanSecWest, at which I will also be presenting.  Both
events are organized by security expert and fellow Nmap-hacker Dragos
Ruiu.

My favorite aspect about the Security Masters Dojo is that the
speakers are all well-known authorities on their topics.  You've got
Renaud Deraison teaching Nessus, Marty Roesch and Brian Caswell on
Snort, Dave Aitel and Gerardo Richarte teaching exploit development
classes, and many other great instructors.  Attendance is also limited
to 10 paid registrants -- insuring that the sessions are quite
interactive and useful.  Here is the description for my session:

   Nmap author Fyodor demonstrates advanced network reconnaissance
   techniques. Topics include analyzing and circumventing firewalls,
   defeating intrusion detection systems, speed optimization for
   scanning large networks, automating daily scans, and more.

   Rather than simply re-hash man pages and define each option flag,
   Fyodor shows how practical problems are solved by combining several
   techniques with careful analysis. Excerpts from his upcoming Nmap
   book document effective scanning strategies. Complementary open
   source tools such as Hping2 and Netcat are also demonstrated.

   Attendees should arrive with Nmap installed on their
   network-equipped laptop computers. They should already be familiar
   with Nmap and its basic options.  A good test is to run the
   command:

      nmap -A -T4 -PT53,80,113 scanme.nmap.org

   to ensure that it works and that the output and command-line itself
   are well understood.

The Dojo information/registration page is up at
http://www.cansecwest.com/dojoq.html .  Here is a more detailed
announcement that Dragos sent out:

CanSecWest Security Masters Dojo
----------------------------------------

Dates: Morning/Afternoon May 3 and Morning May 4
        (Immediately preceding CanSecWest/core05)

Venue: Mariott Harbourside. Vancouver BC Canada
        (Off site lab equipment provided by BCIT IEL)

Duration: 7 half day courses in three sessions. 
        (each course offered twice in the three
         possible sessions.)

Registration Maximum: 10 Students per course session.


Description
-----------
Advanced and intermediate security training
and technology enhancement for information
security professionals.

To address the need for intermediate and advanced
educational requirements that go beyond the introductory
materials typically found in most currently existing
training (which are often geared towards the
novice level) for professionals who already have
significant work experience, and want to further
improve their skills, we have assembled a curriculum
of hands-on, half day, training programs - delivered
by industry renowned experts who are pre-eminent
in their fields.

This is information security university level training
for practitioners who already have substantial
knowledge and wish to broaden their boundaries.
It goes beyond introductory level material to
focus and delve more deeply into technical
subjects that aren't addressed in other currently
available training.

The initial courses offered will be:

Gerardo Richarte - Core Security Technologies - Assembler
        Language Programming: Assembly for Exploits

Dave Aitel - Immunity Inc. - Your first Exploit: An
        accelerated class in Windows exploitation

Halvar - Reverse Engineering: Rapid Bug
        Discovery and Input Crafting

Fyodor - Insecure.Org - Network Reconnaissance
        with NMAP

Renaud Deraison - Tenable Network Security - Vulnerability
        Scanning: Advanced NESSUS Usage

Marty Roesch & Brian Caswell - Sourcefire - Advanced
        IDS deployment and Signature Creation: Learn
        to get the most from your SNORT deployment

Laurent Oudot & Nico Fischbach - Applied network security
        and advanced anomaly detection using state-of-the-art
        honeyports and netflow/NIDS

These instructors are each considered to be the world's
top experts in their field. Many have been responsible
for the creation of some of the most famous and useful
security tools and methodologies you probably use
frequently in your normal security tasks. All
have given many introductory courses and are
experienced instructors. They are knowledgeable
in what students need to advance their skills.
Many have created course material that other
instructors still use. Each has taken that wisdom
and knowledge of training and refined it into material
to take your understanding to the next level. Our
goal is to empower you to be the experts in
your organization so that you can help your
company be an information security powerhouse.
Let our sensei transform your skill to the next
degree of intensity.

Our half day format is oriented towards maximum
information transfer and learning retention.
Research into learning retention rates has proven:

Teaching Method - Knowledge Retention

See/Hear - Lecture 5%
Reading - 10%
Audio Visual / Video - 20%
Demonstration - 30%
Discussion Group - 50%
***Practice by Doing*** - 75%
Teaching Others - 90%
****Immediate application of learning in a real situation**** - 90%

Patterned after martial arts combat training, the
Security Masters Dojo will focus on real world
applications of new skills which can help you
advance in the field of information security. You
will learn difficult to aquire skill sets from the
world's top practitioners. A series of tests will
challenge and verify your skills in each course
area, with series of ceremonial belt colors which
are awarded after successful attainment of
each difficulty level in the testing challenges.
The most difficult levels (black belt), are
difficult to attain. But you can rest assured
that if you study and persevere, by attaining
and overcoming the challenges, you too
will indeed become a world class expert in
information security - with an exclusive skill
and knowledge level few have reached.

As incentives to performance, two additional
rank awards will be presented to the two
most exceptional students in each Dojo sitting
at the belt award ceremony at the opening of
the CanSecWest/core05 conference.
(highest cumulative test scores per Dojo
after normalization by class average)

Top student:    Authentic weapon grade Japanese
                Folded Samurai Katana Sword -
                Soft and hard powdered carbon
                steel blend, tameshigiri grade cutting
                sword good for iaido practitioners.
                It's not just decorative, this is the
                real thing. (We can ship it home
                if you think you might have any
                issues with airport security :-)
                (~USD$1200)


Runner-up:       Linux Zaurus SL3000 PDA with
                4Gig hard drive and VGA touchscreen,
                only available in Japan, converted to
                english menus and pre-loaded
                with security tools and NICs. This
                too is not just decorative. (~USD$1200)

Each class is offered in two sessions per dojo
and features one or two expert intructors teaching
a small group (maximum of ten people are
allowed to register per session, class max 12).
Courses have a strong hands-on laboratory component
and prepared exercises for you to perform.
Laboratory equipment for the excercises
and a gigabit peering link will be provided
by the BC Institue of Technology Internet
Engineering Laboratory.
(http://www.bcit.ca/appliedresearch/facility/iel/)

To accomodate this, each class may have
prerequisites for software loads and a laptop
is mandatory.  The individual class guides
will list material the students are expected
have knowledge about coming in and
software tools that need to be pre-installed
before attending so you get the maximum
benefit from the focused intermediate or
advanced level course. Please pay particular
attention to the prerequisites, as the
material listed there will not be reviewed
in the courses, and will be necessary
to get the maximum benefit out of these
educational programs.

The small size (10) means that space is limited,
so you must book early, but you will be assured
that the low student-instructor ratio will mean
that you will each get specific attention to
assisting your individual learning process.

Our sensei masters have said "Hai!" to the
challenge of improving your skills. I hope you
choose to say so too and rise to the challenge
of increasing your information security
knowledge.

More information on courses and registration
will be found at:

 http://cansecwest.com/dojoq.html

cheers,
--dr (a.k.a. Dojo Mama-san :-)



--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to 
nmap-hackers-help () insecure org . List archive: http://seclists.org