Check out the new USENIX Web site.
12TH SYSTEMS ADMINISTRATION CONFERENCE (LISA '98) - Dec 6-11, 1998 - Marriott Copley Place Hotel, Boston, Massachusetts
 
Register for LISA 98! Program at-a-Glance Program Committee Table of Contents Questions? Contact the USENIX Conference Office
- Full-day Class -   SUNDAY
 

S9   Network Security Profiles: What Every Hacker Knows About You and How They Do It
Jon Rochlis and Brad Johnson, SystemExperts Corp.

Who should attend: Network, system, and firewall administrators; security auditors or audit recipients; people involved with responding to intrusions or responsible for network-based applications or systems which might be targets for hackers. Participants should understand the basics of TCP/IP networking. Examples may use UNIX commands or include C or scripting languages.

This course will be useful for people with any type of TCP/IP based system: whether it is a UNIX, Windows, NT, or mainframe based operating system or whether it is a router, firewall, or gateway network host.

There are common stages to network-based host attacks - whether it comes from the Internet, extranet, or intranet: reconnaissance, vulnerability research, and exploitation. This tutorial will review the tools and techniques hackers use in performing these types of activities. You will learn how to be prepared for such attacks by becoming familiar with the methods they use. Specifically, the course will focus on how to generate profiles of your own systems over the network. Additionally, it will show some of the business implications of these network-based probes.

The course will focus primarily on tools that exploit many of the common TCP/IP based protocols (such as WWW, SSL, DNS, ICMP, SNMP) which support virtually all of the Internet applications, including web technologies, network management, and remote file systems. Many topics will be addressed at a detailed technical and administrative level. This course will primarily use examples of public domain tools because they are widely available and commonly used in these situations.

Topics will include:

-    Review of attack methodology: reconnaissance, target selection, and exploitation
-    Profiles: what does an attack look like
-    Techniques: scanning, CERTs, TCP/IP protocol "mis"uses, denial of service, and hacking clubs
-    Tools: scotty, strobe, netcat, SATAN, ISS, ToneLOC, SSLeay/upget, etc.
-    Business exposures: integrity and confidentiality, audits, and intrusion resolution
 

Jon Rochlis   is a senior consultant for SystemExperts, where he provides high level advice to businesses on network security, distributed systems design and management, high-availability, and electronic commerce. Before joining SystemExperts, Jon was engineering manager with BBN Planet, a major national Internet service provider.

Brad Johnson   is a well known authority in the field of distributed systems. He has participated in seminal industry initiatives including the Open Software Foundation, X/Open, and the IETF, and has published often about open systems. At SystemExperts Brad has led numerous security probes for major companies, revealing significant unrealized exposures. Prior to joining SystemExperts, Brad was one of the original members of the OSF DCE Evaluation Team, the group that identified, evaluated and selected technology to become the industry's first true interoperable middleware.

 

Program at-a-Glance - Tutorials - Technical Sessions - Registration -
Birds-of-a-Feather - Activities & Services - Hotel & Travel Info - Conference Home 		Conference Index
Events Calendar
USENIX home