Re: Defcon Roll Call!

[AltF4 <altf4 () phx2600 org>]

Hey, I'm AltF4, I did the Defcon Friday 3:00 "Network Anti-Reconnaissance: Messing with Nmap Through Smoke and Mirrors" 
talk. Thanks for the mention!

I didn't intend for the talk to be a response to anything, except insofar as anti-reconnaissance is necessarily a 
response to reconnaissance in general.

If you're curious, you can check out our tool at projectnova.org. Slides from the HOPE #9 talk I just did about it are 
there, and I'll try to get video up soon as well.

Thanks again, you guys rock!
-Alt

On Sat, 21 Jul 2012 03:00:51 -0700 Fyodor <fyodor () insecure org> wrote:

   Hi folks!  The world's largest hacker conference starts next week and
   I hope many Nmap developers and community members can make it to Las
   Vegas!  This is the largest in-person Nmap meetup of the year, and
   Dark Tangent is pulling out all the stops to make this 20th Defcon the
   best ever.

   So who is going?  Please let me know so I can invite you to the Friday
   night developer dinner.  You don't need to be a committer--anyone
   listed in the CHANGELOG (http://nmap.org/changelog.html) is eligible.

   Also, it looks like we'll have the 1600-square-foot Nmap Party Suite
   again this year!  But instead of having a late night party with
   hundreds of people like last year, I'm leaning toward using it as a
   daytime refuge on Friday and Saturday.  We'll stock it with beers and
   sodas and snacks and folks can hang out while watching talks live on
   the hotel CATV system.  That beats waiting in line downstairs at the
   con only to get rejected at the door because the room is full.  Also,
   it allows us to call BS on speakers without getting kicked out.

   Of course Defcon isn't the only con in town.  Black Hat and BSidesLV
   are right before it and are shaping up to be great too.

   One slight disappointment is that there aren't many talks this year
   which are directly Nmap related or are given by Nmap devs.  But there
   are some:

   - Thursday 11:00AM - 11:50 Track 1 - "Intro to Digital Forensics:
      Tools & Tactics" by Ripshy & Hackajar.  This is a basic skills class
      covering Nmap, Metasploit, etc.

   - Friday 3:00 - 3:20 Turbo Talk Track - "Network Anti-Reconnaissance:
      Messing with Nmap Through Smoke and Mirrors" by Dan 'AltF4' Petro.
      I guess this is a response to my "Advanced Network Reconnaissance"
      talks (e.g.http://nmap.org/presentations/Shmoo06/).  Unfortunately
      this talk is short and is about deceiving Nmap than using it.

   - Sunday 11:00 - 11:50 Track 3 - "Improving Web Vulnerability
      Scanning" by Dan Zulla.  I don't know if he covers Nmap, but it
      could be interesting considering all the work we've put into making
      Nmap better at web scanning lately.

   - Sunday 12:00 - 12:50 Track 3 - "Post Metasploitation: Improving
      Accuracy and Efficiency in Post Exploitation Using the Metasploit
      Framework" by Egypt.  This is right after the web scanning talk.
      The Nmap relevance is that I think Egypt will show off the new
      Metasploit privilege escalation attack against SetUID Nmap.  Of
      course Nmap never installs SetUID and the manual has long warned
      people never to do that, and now it even prints a warning every time
      it runs if SetUID.  But some people still do it, and Metasploit is
      there to exploit them :).

   Hopefully I'll get my act together next year in time to do another
   advanced Nmap usage and research talk.

   While the Nmap-related talks are rather sparse, there are many other
   great talks on the schedule:
       http://defcon.org/html/defcon-20/dc-20-schedule.html

   So again, if you're going to Defcon and want to be invited to stuff,
   do let me know!  Please also send me your cell phone number for
   coordination.

   Cheers,
   Fyodor
   _______________________________________________
   Sent through the nmap-dev mailing list
   http://cgi.insecure.org/mailman/listinfo/nmap-dev
   Archived athttp://seclists.org/nmap-dev/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/