[Owasp-bayarea] Reminder - OWASP Bay Area Meetup on 2/21

Garrett Gee list at srtek.org
Thu Feb 21 13:20:28 EST 2008

Greetings IT Professionals,

OWASP Bay Area will host its next meeting at Robert Half International
on Thursday, February 21st.  As usual attendance is free and food and
beverages will be provided.  This will be an awesome event and a great
opportunity to network with industry peers.  The event is open to the
public; please forward this invite to your colleagues and friends who
are interested in computer and application security.

Agenda and Presentations:
6:00pm - 6:30pm ... Check-in and Reception (food & beverages)
6:30pm - 7:15pm ... Your Client-Side Security Sucks. Stop Using It. –
Kurt Grutzmacher
7:15pm - 8:00pm ... NTLM attacks and countermeasures - Eric Rachner
8:00pm - 8:30pm ... Networking Session

Robert Half International
5720 Stoneridge Dr
Pleasanton CA 94588

Your Client-Side Security Sucks. Stop Using It.
Presented by: Kurt Grutzmacher

Abstract: Browser-based security has been used for many years to
'protect' back-end systems from attack or to enhance the user
experience. This should not be your only protection and can even open
your application to business logic flaws that scanning tools can not
detect nor report upon! This talk will show some real world examples
of client-side security and the failures they introduced. Business
logic flaws such as the MacWorld Expo Platinum Pass will be examined
in depth.
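To make the abstract's point concrete, here is an added example (written for this page, not code from the talk or its presenter): a checkout handler that trusts a hidden price field set by page JavaScript, beside one that derives price and entitlement from server-side state. The item names, prices and promo code are constructed for illustration and have no connection to the MacWorld case the talk examines.

```python
# Added example, not part of the original announcement. The catalog, prices
# and promo code below are constructed placeholders for illustration.

CATALOG = {
    "expo_pass": 0,         # constructed: free show-floor pass
    "platinum_pass": 1695,  # constructed: full-conference price
}
# constructed: this code is only meant to grant a free expo pass
PROMO_CODES = {"PRESS2008": "expo_pass"}


def vulnerable_checkout(form):
    """Trusts the hidden 'price' field the browser submitted.

    Client-side script filled the field in correctly, but nothing stops a
    user from editing the request before it is sent, so the server charges
    whatever the client claims. A scanner sees a well-formed request and
    reports nothing.
    """
    return {"item": form["item"], "charged": int(form["price"])}


def hardened_checkout(form):
    """Lets the client choose *what* it wants, never *what it costs*.

    Price comes from the server-side catalog, and a promo code is honoured
    only for the item it was issued for, so the business rule is enforced
    where the attacker cannot reach it.
    """
    item = form.get("item")
    if item not in CATALOG:
        raise ValueError("unknown item")
    price = CATALOG[item]
    code = form.get("promo", "")
    if code:
        if PROMO_CODES.get(code) != item:
            raise ValueError("promo code not valid for this item")
        price = 0
    return {"item": item, "charged": price}


if __name__ == "__main__":
    # A request whose hidden price field was edited to zero.
    tampered = {"item": "platinum_pass", "price": "0"}
    print(vulnerable_checkout(tampered))  # charged 0: the client set the price
    print(hardened_checkout(tampered))    # charged 1695: the server did
```

The hardened handler ignores every client-supplied value that the server can compute itself; the only inputs it accepts are identifiers it validates against its own data.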

Bio: Kurt Grutzmacher has been performing Penetration Testing for a
"very large financial institution" for nearly a decade and recently
moved to a "very large utility company" to start their internal
testing program. For two years in a row he has exposed the methods
required to obtain free Platinum Passes to MacWorld and is hoping
they'll get it right the third time; he's tired of explaining it to
them. Kurt contributes to the Metasploit project occasionally and is
currently working on enhancing the project's support for NTLM in
web-based attacks. He also randomly blogs at
http://grutztopia.jingojango.net/ -- very randomly.

NTLM attacks and countermeasures.
Presented by: Eric Rachner

Abstract: Eric will demonstrate the NTLM relay attack, in which an
attacker accesses arbitrary web sites and file shares using the
credentials of any user who can be lured into visiting the attacker's
web site. Since NTLM is enabled by default as part of the Windows
integrated authentication protocol suite, this attack is a potential
concern in any enterprise where Windows is widely used.  Following the
demonstration, we will explore the history and mechanics of the attack,
as well as mitigation options.

Bio: Eric Rachner is a security researcher and lead consultant
specializing in threat analysis, vulnerability assessment and
penetration testing of complex mission critical applications and
systems.  Mr. Rachner began his career in IT at Microsoft in 1994.  As a
senior member of Microsoft's Security Team, Eric led several projects
including application penetration testing, code reviews, design reviews
and security awareness training for internal application teams
throughout Microsoft's global IT organization. In 2005, Eric became an
independent security consultant and researcher providing services to
large global enterprises in North America and Europe.  Away from the
office Eric has many hobbies; he also participated as a core member of
the hacking team that won the prestigious "Capture the Flag" contest at
Def Con three years in a row.

Please RSVP at http://owaspfeb2008.eventbrite.com

Special thanks to Robert Half International for hosting this event and
to Cenzic and AppSec Consulting for sponsoring.
