.

CSI 2007

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Mon Sep 24, 2007 2:24 pm

CSI 2007

CSI 2007
November 3-9
Washington, DC


CSI 2007 is the only conference that delivers a business-focused overview of enterprise security. It will convene 1,500+ delegates, 80 exhibitors and features 100+ sessions/seminars providing a roadmap for integrating policies and procedures with new tools and techniques.  Register now for savings on conference fees and/or free exhibits admission.

Register Now:
https://www.cmpevents.com/CSI34/a.asp?option=B&SC=ANNHP

For more Info:
http://www.csiannual.com

Venue

Hyatt Regency Crystal City
2799 Jefferson Davis Highway
Arlington VA 22202
Phone: 703-418-1234 or 800-233-1234
http://crystalcity.hyatt.com/

Don
Last edited by don on Mon Sep 24, 2007 2:29 pm, edited 1 time in total.
CISSP, MCSE, CSTA, Security+ SME
<<

g00d_4sh

User avatar

Sr. Member
Sr. Member

Posts: 394

Joined: Tue Sep 18, 2007 1:50 pm

Location: Guayaquil, Ecuador

Post Fri Oct 12, 2007 1:10 pm

Re: CSI 2007

Kind of a 'left field' question for you guys.  But since we're on the topic of security expos and such, I was wondering if anyone else here is going to the SecureWorld Expo October 30-31st in Seattle? My job is 'hopefully' covering it, but I figured it would be a decent time to network if anyone else is going. 
"Bad.. Good?  I'm the guy with the gun"
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Mon Nov 05, 2007 4:49 pm

Re: CSI 2007

Hope everyone is having a good time this week in DC. Feel free to share your thoughts and experiences of this or any previous CSI Annual Conference.

This is yet another event sponsored by EH-Net this year as we strive to support the security community.

Have fun,
Don
CISSP, MCSE, CSTA, Security+ SME
<<

blackazarro

User avatar

Sr. Member
Sr. Member

Posts: 368

Joined: Sun Aug 13, 2006 5:31 pm

Post Tue Nov 06, 2007 9:30 am

Re: CSI 2007

                                                                   
Hello everyone,

I've been having a blast so far. Just getting use to the weather and all since you might know I'm from the Caribbean. Anyways, I began my conference experience by attending the so call Novemberfest on Sunday where I had the chance to meet the exhibitors showcasing their latest products/technology while having some refreshment, eatery... and oh yeah, beer!! There were a couple of security solutions that caught my eye that my company is considering implementing or currently evaluating. So it was worth while attending the exhibitions so I can bring back some feedback to my boss.

As far as the hotel  accommodation and service go, it has been great. They even have a shuttle to and from the Metro Station, that was a plus especially for me since I'm staying at a friend's apartment in DC. 

Anyways, I have to go now but when I have time I'll write up some more about the conference. Later...
Last edited by blackazarro on Mon Nov 12, 2007 10:33 pm, edited 1 time in total.
Security+, OSCP, CEH
<<

blackazarro

User avatar

Sr. Member
Sr. Member

Posts: 368

Joined: Sun Aug 13, 2006 5:31 pm

Post Mon Nov 12, 2007 10:32 pm

Re: CSI 2007

Hey back again, sorry I didn't post sooner I just been busy with my new job. Anyways, this year CSI was a wonderful experience. Met a lot of cool people from different parts of the world.

The courses I took mainly focused on computer forensic and attacks & countermeasures. The most interesting course for me was the "Malware Reverse Engineering and Behavioral Analysis" taught by Visveswaran Chidambaram from Infosys Technologies. This session through live demos taught us how to unearth malware's secrets by studying its behavior on a safe lab environment using Vmware and several tools such as Regmon and Filemon from Sysinternals and Ollydbg.

Another interesting course was the "Web Site Vulnerabilities: Trends, Business Effects, How to Fight Them" taught by Jeremiah Grossman from WhiteHat Security, Inc and also the coauthor of "Cross Site Scripting Attacks: Xss Exploits and Defense". I've learned that 9 out of 10 websites are vulnerable to attacks and if your work for a financial institution like I do, you might be interested to know that the top 3 vulnerabilities for banking websites are XSS, SQL Injection and Information leakage.

Last but not least, I would also like to mention the "VoIP Attacks!" course taught by  Dustin Trammel a security researcher. He spoke about current attacks against VoIP systems and tools that are helping hackers launch these attacks. A couple of tools he mentioned was written by him. Dustin is an interesting character. This guy likes green. From his head to his toe and even his laptop is green. Anyways this session was an interesting and intuitive course and overall a good presentation.

I also for the first time, participated in a Capture the Flag event using EH-Net BackTrack. What I've learned from this challenge is that I have to improve on my speed. Damn! these people are fast. Oh well, better luck next time.
Last edited by blackazarro on Sat Nov 24, 2007 5:01 pm, edited 1 time in total.
Security+, OSCP, CEH
<<

LSOChris

Post Tue Nov 13, 2007 8:30 am

Re: CSI 2007

so are we going to see a remote root for VoIP type stuff or only listening to phone calls and data stealing?
<<

blackazarro

User avatar

Sr. Member
Sr. Member

Posts: 368

Joined: Sun Aug 13, 2006 5:31 pm

Post Sat Nov 24, 2007 5:05 pm

Re: CSI 2007

If anybody is interested, you can now download some of the presentations given in the conference. Here's the link:

CSI 2007

Enjoy!!
Security+, OSCP, CEH
<<

sedated

User avatar

Newbie
Newbie

Posts: 37

Joined: Sun Oct 07, 2007 11:36 pm

Post Sat Nov 24, 2007 5:10 pm

Re: CSI 2007

thanks for the link blankzarro will download them now.
<<

LSOChris

Post Sat Nov 24, 2007 7:29 pm

Re: CSI 2007

answer my question! >:(
<<

blackazarro

User avatar

Sr. Member
Sr. Member

Posts: 368

Joined: Sun Aug 13, 2006 5:31 pm

Post Sat Nov 24, 2007 8:27 pm

Re: CSI 2007

Chris,

As far as I can remember from the VOIP Attacks! session, mainly DOS, MITM and Information disclosure attack. The speaker did not mention anything on gaining remote root.

For additional info, download the presentation in pdf:

VOIP Attacks!

Sorry I didn't answer earlier it just that sometimes I don't know when you are serious or just joking around.
Security+, OSCP, CEH
<<

LSOChris

Post Sat Nov 24, 2007 8:33 pm

Re: CSI 2007

well that's my bad then, i really did want to know what the speaker said about it, especially on the where VoIP vulns are going.

thanks for the link blackazarro, i'll check it out

Return to Calendar Of Events

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software