Well, I spent three days this week attending the SecTor pre-con training on Wireless Hacking and SecTor itself, and it was worth every minute! The group behind SecTor put on a great event (I should note I was on the advisory committee) with world-class speakers from around the world. I thought I’d provide a quick recap along with some links to help you keep up with the ever-changing face of IT security.
Wireless Hacking with Dino Covotsos was without a doubt the most interesting training experience I have attended in a long time. First off, I haven’t spent an entire day using Linux in a while, and the total hands-on approach Dino and his co-instructor Charlie used really allowed the entire class to test out WEP and WPA/WPA2 cracking techniques as well as steps to mitigate them. It was also very nice to have Edmonton’s very own Brad RenderMan Haines on hand to share his vast insight into wireless security. While, like you, I had read that WEP was insecure and have not used it in a few years, I didn’t realize the tools available to crack WEP in minutes. Actually testing it out on a demo wireless access point really drives home the point. I didn’t realize that the same was also true for WPA/WPA2 access points. While those are a little more difficult (I did get in after about 20 minutes), they are easy to exploit but do offer some mitigation. So what did I walk away with?
At the actual event itself, the most popular area had to be the Lock Picking Village hosted by Deviant Ollam. Again, seeing someone pick a lock on TV or in a movie looks pretty simple; what you might not realize is that in most cases it is even simpler. Lock bumps, wafer keys, Bic pens and beer cans are all very common and can get a large majority of locks open in seconds. It didn’t take much for me to pick up the tools and give it a try, opening most locks, from your basic combination lock to bike locks to deadbolts, in seconds. Deviant’s Kahlua and milk powered session really made you think about physical security. I urge you to look at the content on his page and re-assess the physical security in your building.
It wasn’t all technical, though, as Johnny Long was back, this time delivering a keynote titled No Tech Hacking, based on his new book. Johnny was a very entertaining and enlightening speaker who makes you look at the people, places and things around you in a very different way. His swag was the most popular at the event as well, selling out long before anything else did, most likely due to the fact that 100% of the money went to his group called http://ihackcharities.org/
As I drove home on Wednesday night after the event, all I could think about was October 5-7, 2009, as I am already looking forward to SecTor 2009!