[PEN-TEST] Fwd: CanSecWest/core01 Conference Announcement v1.4

[Dragos Ruiu <dr () KYX NET>]

I apologize in advance for the partially commercial nature of this,
but I think some of these talks will be of keen interest to the typical
reader of this list.... and it's usually easier to get forgiveness than
permission.... :-)

Some information for all of you regarding the CanSecWest/core01
Network Security Training Conference:

The dates for this year's conference are March 28-30.
It will be held again in downtown Vancouver, B.C. Canada.

The current conference speaker lineup includes:

Renaud Deraison - Author of Nessus, speaking about the Nessus attack scanner,
      giving an overview of scanner operations and a tutorial on Nessus Attack
      Scripting Language (NASL). [http://www.nessus.org]

Martin Roesch - Author of the popular Snort Intrusion Detection System (IDS),
      speaking about new developments in IDSes. [http://www.snort.org]

Ron Gula of Enterasys - VP of IDS products, author of Dragon IDS, Speaking
      about evading IDS systems.  [http://www.network-defense.com]

Dug Song of Arbor Networks - Author of many famous networking tools. Speaking
      about monkey in the middle attacks on encrypted protocols
      such as SSH and SSL. :-)   [http://www.monkey.org/~dugsong/]

Rain Forest Puppy - Will be speaking about assessing the web, with
      demonstrations of several new (previously unreleased) rfp.labs web
      tools including the release of Whisker 2.0 and other surprises
      in his inimitable style. [http://www.wiretrip.net]

Mixter of 2XS Ltd. (Israel) - Author of several widely used distributed tools
      and some popular security whitepapers will give a talk about  "The
      future of distributed applications" explaining the key elements of
      peer-to-peer networks, discussing  a few examples/possibilities of
      distributed technology, and related security problems in distributed
      networks. [http://mixter.void.ru]

K2 of w00w00 - Will present his new ADMutate, a multi-platform, polymorphic
      shell-code toolkit and libraries for detection evasion. [http://www.ktwo.ca]
      (Early reviews say it's scary good. --dr)

Matthew Franz of Cisco -- Author of Trinux: A Linux Security Security
      Toolkit, will discuss a comprehensive security model (including tools
      and techniques) for conducting security evaluations of firewalls, VPNs,
      and other networked devices. [http://www.trinux.org]

Lance Spitzner of Sun - Will present more of the HoneyNet group's honeypot
      findings, including watching Romanian hackers on their own web
      cam while they were hacking one of his honeypots for their botnet.
      [http://project.honeynet.org]

Theo DeRaadt of OpenBSD - Paper Title TBA  [http://www.openbsd.org]

Fyodor of insecure.org - Author of the popular nmap network scanner, will talk
      about new mapping and scanning tools and techniques. [http://www.insecure.org]

Frank Heidt of @Stake - Paper Title TBA [http://www.atstake.com]

HD Moore of Digital Defense- WIll give a surely popular talk about his more
      esoteric NT/Win2k penetration test tricks in apresentation called "Making
      NT Bleed." where he will cover some of the procedures he has had to
      develop during the course of cracking multiple systems for customers
      daily. [http://www.digitaldefense.net]

Jay Beale of MandrakeSoft - Author the the Linux Bastille scripts and Security
      Team Director at MandrakeSoft, will talk about securing Linux.
      [http://www.bastille-linux.org]

Kurt Seifried of SecurityPortal.com - Will moderate a panel debate about
      cryptography... a "two edged sword" including PKI, SSH and SSL.
      [http://www.securityportal.com]

Dave Dittrich of University of Washington: Author of many famous Forensic
      Analyses and UW Senior Security Engineer,  will give a talk about
      finding intruders, then tracing their actions through the trails
      they leave on penetrated systems. [http://www.washington.edu/People/dad/]

Robert Graham of NetworkICE: CTO of NetworkICE will discuss IDS operations
      and decoding technology, illustrating with exploits including his new
      "sidestep" utility during live demonstrations of the BlackICE Sentry
      IDS system and other IDSes like Snort. [http://www.networkice.com]

Nicolas Fischbach&Kaneda of COLT Telecom AG: Editors of the French
      securite.org site, will discuss the rollout of Kerberos across their
      company and hosting center using Kerberized SSH and Kerberos V5
      across Unix/Cisco/Win2k platforms to provide strong authentication
      with SSO capabilities, their experiences, and what potential problems
      and limitations they faced. [http://www.securite.org]

Schedule:
-------
Afternoon (1-6), Wed Mar 28.
All Day (9-6:30) (and night :-), Thurs Mar 29,
Morning (10-2 or 3) Fri 30.

There will be some Birds of a Feather sessions held at 6:30 on
Thursday - these will be announced at the conference.

--

The venue will be the Pacific Palisades Hotel Conference Center
on Robson Street.

The hotel web site can be found at www.pacificpallisadeshotel.com
We have negotiated discounted rates for the CanSecWest conference
with the hotel at $150/night regular, and $200/night suite for attendees.
I'm told that some (but not all) suites now feature in room high speed network
access. Attendees need to tell the reservations desk they are attending
the CanSecWest conference and that they should get the block
discount rate when they make their reservation.

The conference this year will be held in the hotel itself in their meeting
facility, and will feature a catering room, as well as a a vendor display area
and a place to set up your computer to check e-mail.  There will be a
wireless 802.11 network and a "Capture The Flag" contest over the
wireless net, on-going throughout the presentations.  There will be a
display in the speaker room during the talks with the CTF target web
page where the current "owner" of the CTF target server will be able
to put up their advert, logo, pithy quote, or whatever. If you are bringing a
PC with a wireless card, please ensure your firewalls are in good working
order, as we assume no liability for what kind of traffic may be seen. (:-)
This year, we will have a permanent coffee stand (after feedback from last
year's sessions). Seating is limited and the venue is slightly smaller than
last year so please book early to ensure a spot.


How to register:

-In the month of January, you may register by either sending PGP encrypted
  e-mail to dr () dursec com (gpg/pgp key on file at wwwkeys.pgp.net) with
  the following information:

      Your name
      Your company
      Your company address
      Visa card number/expiry
      Visa Billing Name and Address
      Your contact phone number.
      Your preferred e-mail address for conference mailings.

      (I'm sorry we still accept only VISA at this time and Mastercard
      or AmEx is not an option.  We also accept pre-payment by couriered
      cheque or wire transfer of USD or CAD equivalents. Registrations
      are reserved upon receipt of cheque - please email dr () kyx net
      for further details about this payment method.)

-Alternatively you can phone Dragos Ruiu at +1 (604) 722-3993 with
  the above information and he will process the VISA transaction manually.
  Please try to phone between 10:00AM-8:00PM PST, but an occasional
  odd hour phonecall from weird timezones will be tolerated if it
  _absolutely_ cannot be avoided.

If you prefer, we can also reserve a hotel room on your credit card, if
you specify dates.  (We have been told that our block booking will
have priority for the rooms with networking).

In January the registration fee will be:

USD$895 - for past attendees.
USD$980 - for all others up until Jan 31.

In February, an on-line booking system will be up at www.dursec.com
and the registration fees for all will be USD$1120.

In March, the registration fee will be USD$1350.

Due to the slightly smaller venue we expect that registrations
at the door will be extremely limited and potentially unavailable,
at a cost of USD$1595.

Vendor sponsorships are available at USD$2500, which as
well as sponsoring a display table for the vendor also gives
the vendor up to five attendee registrations at USD$580.
The cut-off date for vendor sponsorships is March 9.

Registration fees include catered lunches and coffee breaks.
Thanks for your continuing support, and I hope we'll have
a conference that will surpass the positive experiences of
last years conference. I'm eager to see and hear the fascinating
papers planned, and this year, we will be bringing back the
popular technical book(s) (title TBD) that will be given to
attendees, as well as having another conference CD-ROM
full of goodies and some previously unreleased tools and
information. I'm looking forward to seeing you there.

Thank You,-
--dr

--
Dragos Ruiu <dr () dursec com>   dursec.com ltd. / kyx.net - we're from the future
gpg/pgp key on file at wwwkeys.pgp.net or at http://www.dursec.com/drkey.asc

Email dr () kyx net for info about CanSecWest/core01: March 28-30, Vancouver B.C.
Speakers: Renaud Deraison/Nessus Attack Scanner, Martin Roesch/Snort/Advanced IDS,
  Ron Gula/Enterasys/IDS Evasion, Dug Song/Arbor Networks/Monkey in the Middle,
  RFP/Whisker2.0 and other fun, Mixter/2XS/Distributed Apps, Theo DeRaadt/OpenBSD,
  K2/w00w00/ADMutate, HD Moore/Digital Defense/Making NT Bleed, Frank Heidt/@Stake,
  Matthew Franz/Cisco/Trinux/Security Models, Fyodor/insecure.org/Network Mapping,
  Lance Spitzner/Sun/Honeynet Fun, Robert Graham/NetworkICE/IDS Technology Demo,
  Kurt Seifried/SecurityPortal/Crypto: 2-Edged Sword, Dave Dittrich/UW/Forensics,
  Nicolas Fischbach&Kaneda/COLT Telecom AG/securite.org/Kerberized SSH Deployment,
  Jay Beale/MandrakeSoft/Bastille-Linux/Securing Linux