Post Sat Feb 16, 2008 1:33 am

shmoocon 08 Day1

hard to believe a year has gone by since the last shmoocon, but it has, here is a quick recap of Day1.

Day 1 started out really good.
Here is the schedule: http://www.shmoocon.org/schedule.html

probably the coolest talk that i caught was H1kari's on cracking GSM A 5/1 Traffic.  him and his company essentially built a monster GSM session hash generator and cracker.  its currently creating the tables (2 more months to go) and they built a high horsepower lookup computer too all using pico/FPGA cards.  really really cool.  a little expensive for the average "hacker" but a neat project.  The impact is that with their cracker they will be able to crack the session key in about 30 seconds and at that point can intercept and listen to calls over the GSM network.  not a whole ton of details on how all that "could" work but i'm sure they have it figured out.

I missed most of the other talks except for the phishing one, which was basically about a guy that did an unauthorized phishing training awareness webpage and campaign and how he did it, nothing spectacular.

There were tons of cool people running around, some of the guys from the chicago 2600 were there, Muts and the BackTrack/off-sec guys were there, met Chris Hoff (rational security), Ed, Jay and all the intelguardians, the hak5 guys recorded a show live, the guys from Iron::Guard security were there, of course Joe from LearnSecurityOnline, great networking going on which is always a big part of the con experience.

Hit up some of the vendors, the coolest vendor i talked to was the Blue Coat guys.  Blue Coat is a proxy that basically does an authorized MITM of all the traffic entering and leaving your network, the big thing with that is that it can do SSL on the fly and allow you to stick a device in the middle and check out the traffic flying by, it also will check to make sure that the protocols are matching up so it will verify for you that if data is leaving your network on 21 or 80 that that traffic really is ftp traffic or http traffic instead of someone just using those allowed outbound ports to do evil things.  pretty neat. 

Anyway, talks I want to catch tomorrow will be Jay Beale's Client Side Penetration talk, the two SIP talks and probably the Citrix talk.

thanks again Don for letting me cover the event.
Last edited by LSOChris on Sat Feb 16, 2008 1:35 am, edited 1 time in total.