1 / 7

Learning From the Underground at Defcon

Learning From the Underground at Defcon. Jonathan Taylor, CISSP Enterprise Security Engineer, Sutter Health http://www.sutterhealth.org Jesse D’aguanno Senior Developer/Systems Engineer JJRam LLC http://www.jjram.com. Defcon: What is it?. Oldest “Underground” Security Convention

kermit
Download Presentation

Learning From the Underground at Defcon

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Learning From the Underground at Defcon Jonathan Taylor, CISSP Enterprise Security Engineer, Sutter Health http://www.sutterhealth.org Jesse D’aguanno Senior Developer/Systems Engineer JJRam LLC http://www.jjram.com

  2. Defcon: What is it? • Oldest “Underground” Security Convention • Defcon 11 – August 1-3 2003 http://www.defcon.org • Celebrate Information Security • Respect good security • Learn from the mistakes of bad security • Speakers • Games (official and unofficial) • War Driving, Lock Picking, Hacker Jeopardy • Network Capture the Flag (Root Fu)

  3. Defcon: Why do I attend? • For me? I have a lot to learn • Develop Better Risk Assessment Skills • Risk = (threats)(vulnerabilities) Controls • Vulnerabilities and controls are easy to quantify, but REAL threats are difficult to discern. • There is MUCH to learn from the underground… • …and they WANT you to know.

  4. Root Fu (CTF) • Formerly called Network Capture the Flag • Developed and run by Ghetto Hackers, 3-time CTF champs • http://www.ghettohackers.net/rootfu/

  5. Root Fu (Contd.) • Isolated Network • 8 Teams pitted against each other • Protect your vulnerable game server from compromise by patching and defending • Compromise your competitors and replace their digital certificates

  6. Digital Revelation • CTF Champs – Defcon 9-10 • 12 Core Team Members • Spread out from San Francisco to Washington DC • Diverse Membership: • Department of Defense, Healthcare, Financial, K-12, College Students, Software Developers

  7. Digital Revelation • Competitions won • Defcon 9 CTF (Merged with Ghetto) • Defcon 10 CTF • Interzone II Root Fu (Two team members) • Defcon 11? We think so 

More Related