[Owasp-newjersey] [OWASP-NewJersey] OWASP Upcoming Topics

Thu Sep 14 16:19:17 EDT 2006

Thanks Kevin! 

All - The chapter mailing list is now restored/fixed for OWASP NJ thanks
to Eric Sheridan

-----Original Message-----
From: owasp-newjersey-bounces at lists.sourceforge.net
[mailto:owasp-newjersey-bounces at lists.sourceforge.net] On Behalf Of
Kevin Reiter
Sent: Tuesday, September 12, 2006 9:53 PM
To: OWASP-NJ
Subject: [OWASP-NewJersey] OWASP Upcoming Topics

This email is to update you that of the topics for the final 2 meetings
for NJ OWASP:

9/25/2006 Meeting (NJIT)

http://www.owasp.org/index.php/New_Jersey

TOPIC A: ENDPOINT CONTROL This talk will focus on basic
components/capabilities of controling the endpoints in the network and
the developing standards that you should be aware of. Speaker: Larry
Fermi

TOPIC B: SESSION MANAGEMENT This talk will highlight of weaknesses in
3rd party token generation algorithms, session fixation and weaknesses
in expiration. Speaker: James Landis

TOPIC C: WIRELESS INSECURITY For enterprises with wireless LAN
networks,as well as those without, Wi-Fi brings a new set of security
threats that cannot be protected against by your current firewall and
VPN security systems. This talk will cover a current wireless computer
security vunerability attack vectors and provide a live demo of the
problems and the hacks. Round table discussion will follow concerning
risk mitigation of the issues for business and personal. Speaker: 
Anthony Paladino

TOPIC D: OWASP LABRAT Project This talk will provide a updated on LabRat
= The first version Application Security Testing CD developed with the
OWASP project leader: Joshua Perrymon. Download the Alpha ISO and burn a
copy LABRAT <http://www.packetfocus.com/hackos> . Be sure to bring it
with you to the event. Speaker: Tom Brennan

========================================================================

12/7/2006 Meeting (Jersey City)

http://www.owasp.org/index.php/New_Jersey

TOPIC A: THE RULES OF INFORMATION SECURITY HAVE CHANGED A view on
current state of cyber warfare, counter-terrorism, communications and
intelligence.

Speaker: Gunnery Sergeant M. Sedano Reynolds, United States Marine Corps

TOPIC B: METASPLOIT FRAMEWORK AND BUFFER OVERFLOWS Got Root? This talk
will cover the Open-Source Exploit Framework Metasploit
<http://www.metasploit.org/donate.html>  with how-to information and
details on using it to exploit authorized systems. Learn tips, tricks

Speaker: Paul Battista

TOPIC C: HACKING THE PAYMENT GATEWAY & EFFECTIVE COUNTERMEASURES Payment
gateways give merchants the ability to perform real-time credit card and
check authorizations from a website over the Internet. 0-day exploits in
the wild will be revealed

Speaker: Tom Ryan

TOPIC D: KARMA This presentation will discuss and demonstrate KARMA
<http://www.theta44.org/karma/index.html> an open-source assessment
framework that demonstrates wireless risk with a modified wireless
driver that responds as any network that a client may be looking for, a
set of rogue services to capture client credentials, and client-side
exploits. Dino will also provide insight into the vulnerabilities
revealed in some wireless drivers such as the one demonstrated at
BlackHat by David Maynor and Johnny Cache.

Speaker: Dino Dai Zovi

TOPIC E: INCIDENT RESPONSE After this meeting you will need to know it
;)

Our final speaker will cover 7-Things you need to know to respond to
respond effectively to a computer security incident at your
organization. This talk will cover both wireless, wired and
applications. Don't miss this one as a result of this meeting... this
information will be very helpful

Speaker: FBI Special Agent Tim O'Brien

Unoffical XMas Party ;) DORRIANS <http://www.dorrians.com/jc/priv.html>
  Just several doors down from the meeting is DORRIANS, take this time
to raise a toast with your peers and plan OWASP talks, elections,
locations and speakers for 2007'

Visit : http://www.owasp.org/index.php/New_Jersey for full details