Re: Classes?

[BlueBoar () THIEVCO COM (Blue Boar)]

> You know, this may seem a little off base, but, I don't know much about
> exploits, buffer overflows, linux networking, but I'd like to...  I'd
> love to see a class taught by a top notch freebsd, openbsd, linux admin
> teach a class on setting up dns etc.  and then a seperate class taught by
> an expert at bugtraq or something, to teach one on security measures
> etc.  With a lot of hands on work where we test exploits on eachother's
> machines, I think a lot of people would be interested...

This might be plug bait, but what the heck... :)

Ernst & Young offers a class they call "Extreme Hacking" which teaches
about how certain kinds of hacking works.  I haven't taken the class, but
from what I've been able to gather, I tend to think of it as "How to
perform a penetration test."

http://www.ey.com/aabs/isaas/ess/hacking.asp

Several E&Y guys, including a couple who run the above class, and the two
who write the Security Watch column for Infoworld have written a book
called "Hacking Exposed" along those lines:

http://www.amazon.com/exec/obidos/ASIN/0072121270/thievco

(The Thievco bit at the end is my little "Amazon store"... I had nothing to
do with the book, though it's a good book.)

Aleph1 occasionally gives lectures on the topics mentioned.  I know nothing
about exactly what the topics are, how much it costs, etc..

There are a number of good papers on the web on those topics.  I've seen
good buffer overflow papers from Mudge, Aleph1, and Dildog.  Check out the
last several issues of Phrack as well.

I'm working on a book that covers many of the topics you expressed interest
in, and I'm aware of a couple of other books in the works that i think
you'll find interesting as well, but you'll have to wait for their authors
to make announcements.

                                                        BB