[Owasp-newjersey] OWASP Upcoming Topics

Kevin Reiter kevin at penguinnetwerx.net
Tue Sep 12 21:56:42 EDT 2006


(Resent to the new list address in case the original to the old address 
didn't make it to your Inbox.)

This email is to update you that of the topics for the final 2 meetings
for NJ OWASP:

9/25/2006 Meeting (NJIT)

http://www.owasp.org/index.php/New_Jersey

TOPIC A: ENDPOINT CONTROL This talk will focus on basic
components/capabilities of controling the endpoints in the network and
the developing standards that you should be aware of. Speaker: Larry Fermi

TOPIC B: SESSION MANAGEMENT This talk will highlight of weaknesses in
3rd party token generation algorithms, session fixation and weaknesses
in expiration. Speaker: James Landis

TOPIC C: WIRELESS INSECURITY For enterprises with wireless LAN
networks,as well as those without, Wi-Fi brings a new set of security
threats that cannot be protected against by your current firewall and
VPN security systems. This talk will cover a current wireless computer
security vunerability attack vectors and provide a live demo of the
problems and the hacks. Round table discussion will follow concerning
risk mitigation of the issues for business and personal. Speaker:
Anthony Paladino

TOPIC D: OWASP LABRAT Project This talk will provide a updated on LabRat
= The first version Application Security Testing CD developed with the
OWASP project leader: Joshua Perrymon. Download the Alpha ISO and burn a
copy LABRAT <http://www.packetfocus.com/hackos> . Be sure to bring it
with you to the event. Speaker: Tom Brennan

========================================================================


12/7/2006 Meeting (Jersey City)

http://www.owasp.org/index.php/New_Jersey

TOPIC A: THE RULES OF INFORMATION SECURITY HAVE CHANGED A view on
current state of cyber warfare, counter-terrorism, communications and
intelligence.

Speaker: Gunnery Sergeant M. Sedano Reynolds, United States Marine Corps

TOPIC B: METASPLOIT FRAMEWORK AND BUFFER OVERFLOWS Got Root? This talk
will cover the Open-Source Exploit Framework Metasploit
<http://www.metasploit.org/donate.html>  with how-to information and
details on using it to exploit authorized systems. Learn tips, tricks

Speaker: Paul Battista

TOPIC C: HACKING THE PAYMENT GATEWAY & EFFECTIVE COUNTERMEASURES Payment
gateways give merchants the ability to perform real-time credit card and
check authorizations from a website over the Internet. 0-day exploits in
the wild will be revealed

Speaker: Tom Ryan

TOPIC D: KARMA This presentation will discuss and demonstrate KARMA
<http://www.theta44.org/karma/index.html> an open-source assessment
framework that demonstrates wireless risk with a modified wireless
driver that responds as any network that a client may be looking for, a
set of rogue services to capture client credentials, and client-side
exploits. Dino will also provide insight into the vulnerabilities
revealed in some wireless drivers such as the one demonstrated at
BlackHat by David Maynor and Johnny Cache.

Speaker: Dino Dai Zovi

TOPIC E: INCIDENT RESPONSE After this meeting you will need to know it ;)

Our final speaker will cover 7-Things you need to know to respond to
respond effectively to a computer security incident at your
organization. This talk will cover both wireless, wired and
applications. Don't miss this one as a result of this meeting... this
information will be very helpful

Speaker: FBI Special Agent Tim O'Brien

Unoffical XMas Party ;) DORRIANS <http://www.dorrians.com/jc/priv.html>
  Just several doors down from the meeting is DORRIANS, take this time
to raise a toast with your peers and plan OWASP talks, elections,
locations and speakers for 2007'

Visit : http://www.owasp.org/index.php/New_Jersey for full details




More information about the Owasp-nynjmetro mailing list