applied security conferences and training: CanSecWest | PacSec | EUSecWest |

History

The CanSecWest conference was established in 2000. Archives of presented material may be found below.

Material Archives - 2014, 2013, 2012, 2011, 2010, 2009, 2008,
                    2007, 2006, 2005, 2004, 2003, 2002, 2001, 2000

2014

Fighting Next-Generation Adversaries with Shared Threat Intelligence
Jacob West ; CTO - Enterprise Security Products, HP
USB Flash Storage Threats and Threat Mitigation in an Air-Gapped Network Environment
George Pajari ; HCIS
No Apology Required: Deconstructing Blackberry 10
Zach Lanier, Ben Nell ; Duo Security & Accuvant
Revisiting iOS Kernel (In)Security
Tarjei Mandt ; Azimuth Security
The Real Deal of Android Device Security: the Third Party
Collin Mulliner, Jon Oberheide ; Northeastern University, Duo Security
Exploring RADIUS
Brad Antoniewicz ; Foundstone/McAfee/Intel
Copernicus 2, SENTER the Dragon
Xeno Kovah, John Butterworth ; MITRE
All Your Boot Are Belong To Us
Corey Kallenberg, Yuriy Bulygin ; Intel, MITRE
Platform Firmware Security Assessment with CHIPSEC
John Loucaides, Yuriy Bulygin ; Intel
Keynote Presentation: Hon. Diane Finley br/> Federal Minister of Public Works and Government Services
Less is more, Exploring code/process-less techniques and other weird-machine methods to hide code (and how to detect them)
Shane Macaulay ; IOActive / Security Objectives
ROPs are for the 99%: A revolutionary bypass technology
Yang Yu a.k.a. "tombkeeper"; NSFOCUS Labs
Concurrency: a problem and opportunity in the exploitation of memory corruptions
Ralf-Philipp Weinmann; Comsecuris
Utilizing machine learning and DNS traffic to discover malware infections and C&C traffic
Brandon Niemczyk, Josiah Hagen, Jonathan Andersson
Exploit Detection
Haifei Li & Chong Xu ; McAfee a.k.a. Intel Security
Combating the Advanced Memory Exploitation Techniques: Detecting ROP with Memory Information Leak
Stanley Zhu and Chong Xu ; McAfee/Intel Security
Intelligent Use of Intelligence: Design to Discover
Ping Yan and Thibault Reuille ; OpenDNS
The Art of Leaks: The Return of Heap Feng Shui
Tao Yan a.k.a. "ga1ois" ; NSFOCUS Labs
Outsmarting Bluetooth Smart
Mike Ryan ; iSEC Partners

2013

Keynote
- DARPA's Peiter "mudge" Zatko
iOS6.1 - Exploitation 280 Days Later
- Stephan Esser (@i0n1c) Evil Maid Just Got Angrier: Why Full-Disk Encryption With TPM is Insecure on Many Systems
- Yuriy Bulygin, McAfee
Sandbox Escapes: When the Broker is Broken
- Peter Vreugdenhil (@WTFuzz)
Reflecting on Reflection - Exploiting Reflection Vulnerabilities in Managed Languages
- James Forshaw (@tiraniddo)
An Android Hacker's Journey: Challenges in Android Security Research
- Joshua J. Drake (@jduck1337)
Physical Privilege Escalation and Mitigation in the x86 World
- Oded Horovitz and Steve Weis (@sweis)
The Most Unusual APT
- Ryan McGeehan and Chad Greene, Facebook
DEP/ASLR bypass without ROP/JIT
- Yu Yang "tombkeeper"
SMS to Meterpreter - Fuzzing USB Modems
- Rahul Sasi (@fb1h2s)
Cracking and Analyzing Apple iCloud backups, Find My iPhone, Document Storage.
- Vladimir Katalov (@vkatalov), ElcomSoft
Desktop Insecurity
- Ilja van Sprundel & Shane "K2" Macaulay
Shining Some Light on the Evolution of BlackHole
- Chris Astacio, Websense
Project 53
- Dan Hubbard
Smart TV Security
- SeungJin Lee (@beist)
Godel's Gourd - Fuzzing for Logic Issues
- Mike "dd" Eddington (@sockstail)
MS SQL Post Exploitation Shenanigans: You're In, Now What?
- Rob Beck
Analysis of a Windows Kernel Vulnerability; From Espionage to Criminal Use
- Julia Wolf (@foxgrrl)
UPnP Vulnerabilities
- Daniel Garcia

2012

Deep Boot
- Nicholas Economou & Andres Lopez Luksenberg, Core
Mapping the Pen Tester's Mind: 0 to Root
- Nick (Kizz MyAnthia) D, Rapid7
Social Authentication
- Alex Rice, Facebook
Advanced Persistent Responses
- Peleus Uhley, Adobe
Inside the Duqu Command & Control Servers
- Roel Schouwenberg Kaspersky Labs
Root Proof Smartphones, and Other Myths and Legends
- Scott Kelly, Netflix
Probing Mobile Operator Networks
- Colin Mulliner
Legal Issues in Mobile Security Research
- Marcia Hoffman, EFF
iOS5 - An Exploitation Nightmare?
- Stefan Esser
Hardware-involved software attacks & defenses
- Jeff Forristal, Intel
Intro to Near Field Communication (NFC) Mobile Security
- Corey Benninger & Max Sobeil, Intrepidus
HDMI - Hacking Displays Made Interesting
- Andy Davis, NGS
Unveiling LTE Security
- Dr. Galina D. Pildush, Juniper
Vulerability Analysis and Practical Data Flow Analysis & Visualization
- Jeong Wook Oh, Microsoft
Playing with Network Layers to Bypass Firewalls' Filtering Policy
- Eric Leblond
New Threat Based Chinese P2P Network
- Jun XieMcAfee Labs
Scrutinizing a Country using Passive DNS an Picviz
- Sebastien Tricaud and Alexandre Dulanoy
The WOW Effect
- Christien Wojner

2011

Network Application Firewalls vs. Contemporary Threats
- Brad Woodberg, Juniper
Black Box Auditing Adobe Shockwave
- Aaron Portnoy, Logan Brown, Tipping Point / H.P. Zero Day Initiative
SMS-o-Death: From Analyzing To Attacking Mobile Phones on a Large Scale
- Nico Golde and Collin Mulliner, TU-Berlin
Runtime Firmware Integrity Verification: What Can Now Be Achieved
- Yves-Alexis Perez and Loic Duflot, ANSSI
The Law of Web Application Hacking
- Marcia Hofmann, EFF
Is Your Gaming Console Safe?: Embedded Devices, an AntiVirus-free Safe Hideout for Malware
- DongJoo Ha and KiChan Ahn, AhnLab Inc and Korea Financial Telecommunications & Clearings Institute
Dymanic Cryptographic Trapdoors
- Eric Filiol, ESIEA Laval CVO Lab & French DoD
Understanding and Exploiting Flash ActionScript Vulnerabilities
- Haifei Li, Fortinet
Chip & PIN is Definitely Broken
- Andrea Barisani and Daniele Bianco, Inversepath
iPhone and iPad Hacking
- Ilja van Sprundel, IOActive
Welcome To Rootkit Country
- Graeme Neilson, Aura Software Security
Project Ubertooth: Building a Better Bluetooth Adapter - Michael Ossmann, Great Scott Gadgets
Borken Fonts: The Story of Naive Parsers and Attacker Controlled Reboots
- Marc Schönefeld, Red Hat
Deconstructing ColdFusion
- Chris Eng & Brandon Creighton, Veracode
Stale Pointers Are The New Black
- Vincenzo Iozzo and Giovanni Gola, Zynamics GmbH
A Castle Made of Sand: Adobe Reader X Sandbox
- Richard Johnson, Sourcefire
Showing How Security Has (And Hasn't) Improved, After Ten Years Of Trying
- Dan Kaminski, Adam Cecchetti and Mike Eddington, Doxpara & Deja Vu Security
Security Defect Metrics for Targeted Fuzzing
- Dustin Duran, Matt Miller, David Weston, Microsoft
GRAPE: Generative Rule-based Generic Stateful Fuzzing
- Nicholas Green, FourteenForty
IPv6 Implementation and Security Round Table - A Moderated Disagreement or a Chorus?
- David Shinberg, Marc "van Hauser" Heuse, Guillaume Valadon

2010

Internet Nails
Marcus Ranum, Tenable
Under the Kimono of Office Security Engineering
- Tom Gallagher & David Conger, Microsoft
Automated SQL Ownage Techniques
- Fernando Federico Russ, Core
Can you still trust your network card?
- Yves-Alexis Perez & Loïc Duflot
SEH overwrite and its exploitability
- Shuichiro Suzuki, Fourteenforty
There's a party at ring0, and you're invited.
- Julien Tinnes & Tavis Ormandy, Google
Babysitting an army of monkeys: an analysis of fuzzing 4 products with 5 lines of Python
- Charlie Miller, Independent Security Evaluators
ShareREing is Caring
- Halvar Flake and Sebastian Porst, zynamics GmbH
Cisco IOS Exploitation with IODIDE
- Andy Davis, KPMG
Random tales from a mobile phone hacker
- Collin Mulliner
Legal Perspectives of Hardware Hacking
- Jennifer Granick, EFF
Stuff we don't want on our Phones: On mobile spyware and PUPs
- Jimmy Shah, McAfee, Inc
Practical Exploitation of Modern Wireless Devices
- Thorsten Schroeder and (contributing) Max Moser, Dreamlab Technologies
RFID Hacking at Home
- Dr. Melanie Rieback, Vrije Universiteit Amsterdam
Advanced Mac OS X Physical Memory Analysis
- Matthieu Suiche
Full Process Analysis and Reconstitution of a Virtual Machine from the Native Host
- James Butler, MANDIANT
Through the Looking Glass: An Investigation of Malware Trends and Response Activity
- Jeff Williams, Microsoft
The Jedi Packet Trick takes over the Deathstar: taking NIC backdoors to the next level
- Arrigo Triulzi, Independent Security and Networking Consultant

2009

Writing User Friendly Exploits
- Skylar Rampersaud, Immunity
The Smart-Phones Nightmare
- Sergio 'shadown' Alvarez
A Look at a Modern Mobile Security Model: Google's Android
- Jon Oberheide, University of Michigan
Multiplatform Iphone/Android Shellcode, and other smart phone insecurities
- Alfredo Ortega and Nico Economou, Core
Decompiling Dalvik and other JavaFX
- Marc Schoenefeld
An overview of the state of videogame console security
- Victor Muñoz
Persistent BIOS Infection
- Anibal Sacco & Alfredo Ortega, Core
Getting into the SMRAM: SMM Reloaded
- Loíc Duflot
Sniff keystrokes with lasers/voltmeters: Side Channel Attacks Using Optical Sampling of Mechanical Energy Emissions and Power Line Leakage
- Andrea Barisani & Daniele Bianco, Inverse Path
Hacking Macs for Fun and Profit
- Dino Dai Zovi & Charlie Miller
Bug classes we have found in *BSD, OS X and Solaris kernels
- Christer Oberg and Neil Kettle, Convergent Network Solutions
Exploiting Unicode-enabled software
- Chris Weber, Casaba Security
Chinese Infosec & Malware Overview
- Wei "icbm" Zhao, 365menshen
Platform-independent static binary code analysis using a meta-assembly language
- Sebastian Porst & Thomas "halvar" Dullien, zynamics
Binary Clone Wars: Software Whitelisting for Malware Prevention and Coordinated Incident Response
- Shane Macaulay, Sean Comeau, and Derek Callaway, Security Objectives
Network design for effective HTTP traffic filtering
- Jeff "rfp" Forristal, Zscaler
The Evolution of Microsoft's Exploit Mitigations
- Matt Miller and Tim Burrell, Microsoft
Automated Real-time and Post Mortem Security Crash Analysis and Categorization
- Jason Shirk & Dave Weinstein, Microsoft
Ninja Scanning
- Fyodor, Insecure.org
Kicking It Old School: No DNS Packets Were Harmed In The Making Of This Presentation
- Dan Kaminski, IOActive
SSL, The Sequel: MD5 collisions and EV certificates
- Alexander Sotirov & Mike Zusman

2008

Marty Roesch - Sourcefire
Snort 3.0
Rich Cannings - Google
Cross-Site Scripting Vulnerabilities in Flash Authoring Tools
Jan "starbug" Krissler & Karsten Nohl - CCC
Proprietary RFID Systems
Mark Dowd & John McDonald - IBM ISS
Media Frenzy: Finding Bugs in Windows Media Software
Rob Hensing - Microsoft
Targeted Attacks and Microsoft Office Malware
Oded Horovitz - VMWare
Virtually Secure
Frédéric Raynal - Sogeti/Cap-Gemini
Malicious Cryptography
Thierry Zoller and Sergio Alvarez - n.runs
The Death of AV Defense in Depth? Revisiting Anti-Virus Software
Sun Bing
VMWare Issues
Sebastien Tricaud and Pierre Chifflier - INL
Intrusion Detection Systems Correlation: a Weapon of Mass Investigation
Dan Hubbard and Stephan Chenette - WebSense
Web Wreck-utation
Marcel Holtmann - Intel
Secure programming with gcc and glibc
olleB - toolcrypt.org
Mobitex network security
Michael Eddington - Leviathan
Peach Fuzzing
Charlie Miller - Independent Security Evaluators
Fuzz by Number
Frank Marcus & Mikko Varpiola - Wurldtech / Codenomicon
Fuzzing WTF? What Fuzzing Was, Is And Never Will Be.
Kowsik Guruswamy - Mu
Vulnerabilities Die Hard
Dan Grifin - JW Secure
Hacking Windows Vista
Philippe Lagadec - NATO/NC3A
ExeFilter: a new open-source framework for active content filtering
Eric Hacker - BT INS
VetNetSec: Security testing for Extremists
Andres Riancho - Cybsec
w3af: A framework to own the web
Scott K. Larson - Stroz Friedberg
A Unique Behavioral Science Approach to Threats, Extortion and Internal Computer Investigations

2007

Barnaby Jack - Juniper
Exploiting Embedded Systems - The Sequel!
Andrea Barisani & Daniele Bianco - Inverse Path
Unusual Car Navigation Tricks
Jim Hoagland - Symantec
Vista's Network Attack Surface
Mark Russinovich - Microsoft
Vista Internals: User Account Control, Protected-Mode IE, and Bitlocker
Adam Laurie - Trifinite
RFID
Jose Nazario, PhD. - Arbor
Reverse Engineering Malicious Javascript
Ilja van Sprundel
Unusual bugs (2007 Edition, With More Flavor and Less Calories!)
Luis Miras
Other Wireless: New ways to get Pwned
Nicolas Fischbach - COLT
NGN - Next Generation Networks (err... Nightmare) ?
Marcel Holtmann - Red Hat
Wii Control You
Su Yong Kim & Do Hoon Lee - NSRI, Seong Deok Cha, KAIST
Playing with ActiveX controls
Ron Gula - Tenable
Good and Bad Uses of Vulnerability Data
Tavis Ormandy - Google
An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments
Michael Geide - United States Department of Homeland Security
A Network Analysis Manifold
Philippe Biondi & Arnaud Ebalard - EADS
Fun with IPv6 routing headers
HD Moore - BreakingPoint Systems
Live Free or Hack Hard: Metasploit 2007
Tim Vidas - University of Nebraska
Post-Mortem RAM Forensics
Roelof Temmingh
I know what you (and your company) did last summer...
Jonathan Wilkins - iSec Partners
ScarabMon: Automating Web Application Pentests
Richard Gowman & Eldon Sprickerhoff - eSentire
Black Box Analysis and Attacks of Nortel VoIP Implementations
Michael Sutton - SPIDynamics
Smashing Web Apps: Applying Fuzzing to Web Applications and Web Services
V. Anil Kumar - National Aerospace Laboratories, Bangalore
Low-Rate Denial-of-Service attacks

2006

van Hauser THC / n.runs GmbH
Attacking the IPv6 protocol suite
Jim DeLeskie & Danny McPherson - Teleglobe, Arbor Networks
Protecting the Infrastructure
Steve Lord
An hour of Rap and Comedy about SAP - Mo' Budget, Mo' Problems
Edward Balas & Mike Davis - Indiana University
Next Generation Sebek
Tim Johnson - Technical Security Consultants Inc.
RF Technical Security Counter Measures
Major Malfunction
Magstripe Madness
HD Moore - BreakingPoint
Metasploitation (and a dash of IPS)
Nico Fischbach - COLT
Carrier VoIP Security
Hendrik Scholz - Freenet Cityline GmbH
Attacking VoIP Networks
Loc Duflot
Security Issues related to Pentium System Management Mode
Christopher Abad - Cloudmark
Advancements in Anonymous eAnnoyance
Josh Ryder - University of Alberta
Real Time Threat Mitigation Techniques
Crispin Cowan - Novell
Stunt Profiling: Securing a System While You Wait
Lisa Thalheim
Visualizing source code for auditing
Alex Stamos, Scott Stender iSEC Partners -
Attacking Web Services
Alexander Sotirov - Determina
Reverse Engineering Microsoft Binaries
Fred Arbogast and Sascha Rommelfangen - S.E.S. Astra
Zen and the art of collecting and analyzing Malware
Renaud Bidou - RADWare
How to test an IPS
Dennis Cox - BreakingPoint
Insiders View: Network Security Devices
Halvar Flake
More on Uninitialized Variables
Eric Byres - BCIT
Security Testing SCADA and Control Systems
Julien Tinnes, Yoann Guillot - France Telecom R&D
Windows HIPS evaluation with Slipfest
Panel Discussion
Vulnerability Commercialization

2005

Christopher Abad
New Security Analysis Techniques
Philippe Biondi
Packet generation with scapy
Cesar Cerrudo
Windows Internals
Gal Delalleau
Large Memory Usage
Cedric Blancher
Mobile Workstations, mitigating the crawling trojans
Maximillian Dornseif
0wn3d by an iPod: Firewire/1394 Issues
Hiroaki Eto
Stack Protection Systems (ProPolice, XP SP2...)
Nicolas Fischbach - COLT
The Use of Network Flows in Security
Halvar Flake
Binary Difference Analysis
Fyodor - insecure.org
Hacking NMAP and mapping techniques
Fernando Gont
ICMP Attacks
Job de Haas
Mobile Phone Symbian OS Security
Barnaby Jack - eeye
Step into Ring 0
Shane "K2" Macaulay & Dino Dai Zovi - Bloomberg
Rogue Access Points
Brian Martin & Jake Kouns
OSVDB & Vulnerability Databases
David Maynor
0wn3d by everything else: USB/PCMCIA Issues
H D Moore & spoonm
Advances in Exploit Technology
Marty Roesch - Sourcefire
Target Based IDS and Snort Roadmap
Mike Schiffman
The Common Vulnerability Scoring System
Window Snyder - Microsoft
XPSP2 Internals
Alex Wheeler & Neel Mehta
Anti-Virus Issues

2004

Lance Spitzner
Why Honeypots Suck
Jun-Ichiro "itojun" Hagino
IPV6 Security
Ollie Whitehouse
Bluetooth: Red Fang, Blue Fang
Laurent Oudot
Towards Evil Honeypots? When they bite back
Phillipe Biondi
Shellforge NextGen: Shellcodes for everybody and every platform
Greg Taleck
New methods in OS Fingerprinting / TCP stack testing
Danny McPherson & Paul Quinn
Sink Hole Networks
H.D. Moore
Exploiting the Metasploit Framework
Ulf Mattsson
A real time intrusion prevention system for enterprise databases
Matthew "shok" Connover & Oded Horovitz
Reliably Exploiting Windows Heap Overflows
Paul Watson
Slipping in the Window: TCP Reset Attacks
Marty Roesch
Your Network is Talking, are you Listening?
Stefano Zanero
Unsupervised Learning Techniques / Data Mining for Intrusion Detection
Rakan "xvr" El-Khalil
Information hiding in binaries
Halvar
Binary difference analysis.
Michael Richardson
Opportunistic Encryption
Tom Ptacek
Something Cool
Theo DeRaadt
OpenBSD
Sharad Ahlawat
Cisco PSIRT TCP/BGP Q&A
Panel Session
Internet Legal Issues

2003

Fyodor
Advanced network reconnaissance techniques
Neel Mehta & Shaun Clowes
Advances in ELF binary runtime encryption
Dan Kaminsky
Strange cool things about TCP/IP
Oded Horovitz
Memory Access Detection
Lance Spitzner
Evolutions in honeypot technology
Theo DeRaadt
Advances in OpenBSD
Ron Gula & Renaud Deraison
Distributed Vulnerability Scanning
Jed Haile
IDS data correlation
Jose Nazario
Internet trust evaluation using distribtion statistics
Fx of Phenoelit
Attacking networked embedded systems
Jeff Nathan & Brian Caswell
Developments in IDS technology
Gary Golomb
Defeating Forensic Analysis
Halvar Flake
Automated bug detection

2002


Oliver Friedrichs & Alfred Huger - Security Focus
Oliver and Alfred spoke about the back end analysis system of their ARIS product
Crispin Cowan - WireX Communications
The Linux Security Module project, Immunix and it's components: StackGuard, FormatGuard, and RaceGuard
David Dittrich - University of Washington
Forensics and the latest security fun and games at UW
Dug Song - Arbor Networks
A sequel to fragrouter: New IDS evasion techniques
HD Moore - Digital Defense
Passive analysis and distributed security scanning using Nessus
Ivan Arce - Core SDI
Automated penetration testing with CORE Impact
Jed Haile - Nitro Data Systems
Hogwash: A snort based Gateway Intrusion Detection System(GIDS)
Jonathan Wilkins - Microsoft
Layer 2 hijacking attacks with Taranis
jobe - w00w00
Buffer Overflows: A cumulative review: It's not just %i7/%eip anymore
Jeff Nathan & Brian Caswell
IDS technology and experiences in deploying very large distributed IDS systems
Halvar Flake - Blackhat Consulting
Graph based binary analysis
Lance Spitzner - Sun Microsystems
Setting up Honeypots and Honeynets
Marty Roesch - Sourcefire
Enterprise IDS deployment and IDS OpenSnort Console
Matthew "Shok" Conover - w00w00/Entercept Security Technologies
.NET and utilities to play with it
Mike Schiffman & Dave Pollino - @stake
Wireless security and wireless auditing
Niels Provos - University of Michigan
OpenSSH
Ofir Arkin - @stake
VoIP security: Cracking SIP - Security Problems with VoIP Architecture
Rain Forrest Puppy - Wiretrip Labs
Assessing the web: finally some tools that are worthy
Richard Salgado - United States Department of Justice
Policy and procedure changes at the FBI and DOJ and Q&A about regulatory and operational changes with the recent DMCA and anti-terrorism legislation
Sebastien Lacoste-Seris & Nicolas Fischbach - securite.org/COLT
IP network infrastructure(s) in Cisco environment: attacks and defenses
Silvio Cesare - Qualys
Reverse engineering of the RST.b remote shell trojan linux virus, and virii anti-reverse engineering tactics and how to foil them
Simple Nomad - Bindview
I want to be a Ninja Stealth Cyberterrorist - hypothetical scenarios for stealthy internet communications and other case studies
Solar Designer & Rafal Wojtczuk - Openwall Project
Openwall GNU/*/Linux (Owl) security enhanced distribution

2001

Presentation Archives

Renaud Deraison, author of Nessus, spoke about the Nessus attack scanner, giving an overview of scanner operations and a tutorial on Nessus Attack Scripting Language (NASL).

Martin Roesch, author of the popular Snort Intrusion Detection System (IDS), spoke about new developments in IDSes.

Dug Song of Arbor Networks, author of many famous networking tools. Spoke about monkey in the middle attacks on encrypted protocols such as SSH and SSL.

Rain Forest Puppy spoke about assessing the web, with demonstrations of several new (previously unreleased) rfp.labs web tools and other surprises in his inimitable style.

Mixter of 2XS, author of several widely used distributed tools and some popular security whitepapers gave about "The future of distributed applications" and explained the key elements of peer-to-peer networks, discussing a few examples/possibilities of distributed technology, and related security problems in distributed networks.

K2 of w00w00 presented his new ADMutate, a multi-platform, polymorphic shell-code toolkit and libraries for detection evasion.

Matthew Franz of Cisco, author of Trinux discussed a comprehensive security model (including tools and techniques) for conducting security evaluations of firewalls, VPNs, and other networked devices.

Lance Spitzner of Sun presented more of the HoneyNet group's findings, including watching Romanian hackers on their own web cam while they were hacking one of his honeypots for their botnet.

Theo de Raadt is the principal architect of the OpenBSD operating system project. He spoke about file globbing vulnerabilities.

Fyodor of insecure.org, author of the popular nmap network scanner, talked about new mapping and scanning tools and techniques.

HD Moore of Digital Defense gave a talk about his more esoteric NT/Win2k penetration test tricks in a presentation called "Making NT Bleed." He will covered some of the procedures he has had to develop during the course of cracking multiple systems for customers daily.

Jay Beale of MandrakeSoft, author the Linux Bastille scripts and Security Team Director at MandrakeSoft, spoke about securing Linux.

Kurt Seifried formerly of SecurityPortal.com, explored issues surrounding cryptography... a "two edged sword" including PKI, SSH and SSL.

Dave Dittrich of The University of Washington, author of many famous forensic analyses and UW Senior Security Engineer, gave a talk about finding intruders, and tracing their actions through the trails they leave on penetrated systems.

Robert Graham, CTO of NetworkICE, discussed IDS operations and decoding technology, illustrating with exploits including his new "sidestep" utility during live demonstrations of the BlackICE Sentry IDS system and other IDSes like snort.

Sebastien Lacoste-Seris and Nicolas Fischbach of COLT Telecom AG, editors of the French securite.org site, discussed the rollout of Kerberos across their company and hosting center using Kerberized SSH and Kerberos V5 across Unix/Cisco/Win2k platforms to provide strong authentication with SSO capabilities, their experiences, and what potential problems and limitations they faced.

Andrew Reiter and Christopher Abad, R&D Engineers with Foundstone Inc., spoke about format string vulnerabilties with emphasis on the win32 environment.

Gary Golomb of Enterasys presented a talk about tools like NT Rootkit and the fact that a lot of the DDOS clients don't need a full three way handshake to establish a session.

John Tan, a research scientist from @stake gave a talk entitled Forensic Readiness: Strategic Thinking on Incident Response.

Andrew R. Baker is a senior software engineer at farm9. He talked about advanced Snort techniques.

2000

Presentation Archives

Ron Gula of Network Security Wizards, an Ex-U.S. government computer security analyst, who founded Network Security Wizards and authored the Dragon intrusion detection system. Ron discussed intrusion detection sensors, drawing upon his large base of practical experience in the area.

Ken Williams of Ernst & Young [editors note: now eSecurity Online] The creator of famous hacker super-site packetstorm The infamous "tattooman" gave some pointers on NT security.

Marty Roesch of Sourcefire author of the popular snort intrusion detection system and senior software engineer on the "ARMOR" intrusion detection system. He talked about good ways to snort out intruders.

rain.forest.puppy of wiretrip.net, a noted security analyst, covered the latest exploits and how to protect against them.

Theo DeRaadt, the leader of the OpenBSD secure operating system project talked about securing operating systems.

Fyodor of insecure.org and author of the award winning nmap security scanner and several seminal papers describing techniques for stealth port scanning and OS detection via TCP/IP stack fingerprinting. Fyodor demonstrated the use of nmap to identify subtle security vulnerabilities in a network.

Lance Spitzner of Sun Microsystems graciously agreed to hop on to the CanSecWest speaking roster at the last minute to substitute for Max Vision due to legal difficulties. Lance discussed intruder forensics, stealth information gathering and passive monitoring of intruders to your systems. He will demonstrate this using actual intrusion traces of break-ins to his systems at home.

Dragos Ruiu Presented some security tutorials and is the guy who started all this shit...