“Own or be Pwned” – A little goes a long way..

1. “Own or be Pwned” – A little goes a long way.. By: Ozan Gonenc Ryan Thomas Date: Nov 22, 2007 Time: 6:30 to 7:30 PM Location: Room T130, Algonquin College, Woodroffe Campus Please RSVP to raedabdullah@ieee.org ABSTRACT Own your destiny.  No system can ever be 100% secure.  Security holes in corporate and campus networks are increasingly targeted by thieves and hackers alike for fun and for profit. Security breaches happen every day.  Most of them untold, yet the ones that hit the mainstream have touched almost all of us.                                     This presentation includes a demonstration of the tools used and the effort required for a successful hack.  The hands-on, live demonstration is followed by the lessons learned and an introduction to some of the types of safeguard strategies that can help minimize the risk to those systems that host not just corporate secrets worth millions, but your personal information as well. Proudly Organized and Sponsored By: Speaker Bios Ozan Gonenc has acquired GIAC’s Certified Incident Handling and ISC2’s CISSP certificates. He currently works as a Manager in the Deloitte’s Security and Privacy Practice. His area of focus includes Vulnerability Management.Ryan Thomas is a Certified Ethical Hacker and CISSP with many years of experience in information security. He is currently a Senior Security Consultant with Deloitte’s Security and Privacy Practice in Ottawa, Canada. IEEE Alliance of Consultants Network (AICN) IEEE Women in Engineering (WIE) IEEE Reliability Society (RS) IEEE Antennas & Propagation Society / Microwave Theory & Techniques Society (AP/MTT) IEEE Algonquin College Student Branch

2. “Fools Gold or Pay Dirt - Is Network Scanning Detection a Worthwhile Activity?” Date: Nov 29, 2007 Time: 6:30 to 7:30 PM Location: Room T130, Algonquin College, Woodroffe Campus Please RSVP to raedabdullah@ieee.org By: David Whyte ABSTRACT Networks are constantly bombarded by backscatter packets, incessant probes from auto rooters, malware infected systems (e.g. worms), and Internet cartographers. It can be argued that given the volume of nonproductive network traffic on the Internet, a network operator would be better served focusing on ensuring the latest patches have been installed rather than wasting their time engaging in quixotic endeavors such as network scan detection. In this talk, I will briefly discuss my latest progress on the development of dark port scanning detection technique. Specifically, I will discuss how the network-centric knowledge gained by the dark port technique allows for precise, faster, and finer-grained detection of scanning activity that directly threatens publicly available network services. I will argue that network scanning detection should be an essential part of any network operator's "virtual IT security toolbox". Proudly Organized and Sponsored By: IEEE Alliance of Consultants Network (AICN) IEEE Women in Engineering (WIE) IEEE Reliability Society (RS) IEEE Antennas & Propagation Society / Microwave Theory & Techniques Society (AP/MTT) IEEE Algonquin College Student Branch Speaker Bio David Whyte is a member of the Digital Security Group at Carleton University (Ottawa, Canada). He is currently a Ph.D. candidate in Computer Science and his research interests include computer worm defenses and network-based intrusion detection.