[OWASP-NewJersey] OWASP Upcoming Topics

Kevin Reiter kevin at penguinnetwerx.net
Tue Sep 12 21:53:26 EDT 2006


This email is to update you that of the topics for the final 2 meetings 
for NJ OWASP:

9/25/2006 Meeting (NJIT)

http://www.owasp.org/index.php/New_Jersey

TOPIC A: ENDPOINT CONTROL This talk will focus on basic 
components/capabilities of controling the endpoints in the network and 
the developing standards that you should be aware of. Speaker: Larry Fermi

TOPIC B: SESSION MANAGEMENT This talk will highlight of weaknesses in 
3rd party token generation algorithms, session fixation and weaknesses 
in expiration. Speaker: James Landis

TOPIC C: WIRELESS INSECURITY For enterprises with wireless LAN 
networks,as well as those without, Wi-Fi brings a new set of security 
threats that cannot be protected against by your current firewall and 
VPN security systems. This talk will cover a current wireless computer 
security vunerability attack vectors and provide a live demo of the 
problems and the hacks. Round table discussion will follow concerning 
risk mitigation of the issues for business and personal. Speaker: 
Anthony Paladino

TOPIC D: OWASP LABRAT Project This talk will provide a updated on LabRat 
= The first version Application Security Testing CD developed with the 
OWASP project leader: Joshua Perrymon. Download the Alpha ISO and burn a 
copy LABRAT <http://www.packetfocus.com/hackos> . Be sure to bring it 
with you to the event. Speaker: Tom Brennan

========================================================================


12/7/2006 Meeting (Jersey City)

http://www.owasp.org/index.php/New_Jersey

TOPIC A: THE RULES OF INFORMATION SECURITY HAVE CHANGED A view on 
current state of cyber warfare, counter-terrorism, communications and 
intelligence.

Speaker: Gunnery Sergeant M. Sedano Reynolds, United States Marine Corps

TOPIC B: METASPLOIT FRAMEWORK AND BUFFER OVERFLOWS Got Root? This talk 
will cover the Open-Source Exploit Framework Metasploit 
<http://www.metasploit.org/donate.html>  with how-to information and 
details on using it to exploit authorized systems. Learn tips, tricks

Speaker: Paul Battista

TOPIC C: HACKING THE PAYMENT GATEWAY & EFFECTIVE COUNTERMEASURES Payment 
gateways give merchants the ability to perform real-time credit card and 
check authorizations from a website over the Internet. 0-day exploits in 
the wild will be revealed

Speaker: Tom Ryan

TOPIC D: KARMA This presentation will discuss and demonstrate KARMA 
<http://www.theta44.org/karma/index.html> an open-source assessment 
framework that demonstrates wireless risk with a modified wireless 
driver that responds as any network that a client may be looking for, a 
set of rogue services to capture client credentials, and client-side 
exploits. Dino will also provide insight into the vulnerabilities 
revealed in some wireless drivers such as the one demonstrated at 
BlackHat by David Maynor and Johnny Cache.

Speaker: Dino Dai Zovi

TOPIC E: INCIDENT RESPONSE After this meeting you will need to know it ;)

Our final speaker will cover 7-Things you need to know to respond to 
respond effectively to a computer security incident at your 
organization. This talk will cover both wireless, wired and 
applications. Don't miss this one as a result of this meeting... this 
information will be very helpful

Speaker: FBI Special Agent Tim O'Brien

Unoffical XMas Party ;) DORRIANS <http://www.dorrians.com/jc/priv.html> 
  Just several doors down from the meeting is DORRIANS, take this time 
to raise a toast with your peers and plan OWASP talks, elections, 
locations and speakers for 2007'

Visit : http://www.owasp.org/index.php/New_Jersey for full details




More information about the Owasp-nynjmetro mailing list