Transcript Own or be Pwned” – A little goes a long way..

“Own or be Pwned” – A little goes a long way..
Date: Nov 22, 2007
Time: 6:30 to 7:30 PM
Location: Room T130, Algonquin College, Woodroffe Campus
Please RSVP to [email protected]
By:
Ozan Gonenc
Ryan Thomas
ABSTRACT
Own your destiny. No system can ever be 100% secure. Security holes in corporate and campus networks are
increasingly targeted by thieves and hackers alike for fun and for profit. Security breaches happen every day. Most of
them untold, yet the ones that hit the mainstream have touched almost all of us.
This presentation includes a demonstration of the tools used and the effort required for a successful hack. The handson, live demonstration is followed by the lessons learned and an introduction to some of the types of safeguard
strategies that can help minimize the risk to those systems that host not just corporate secrets worth millions, but
your personal information as well.
Speaker Bios
Ozan Gonenc has acquired GIAC’s Certified Incident Handling
and ISC2’s CISSP certificates. He currently works as a Manager
in the Deloitte’s Security and Privacy Practice. His area of
focus includes Vulnerability Management.
Ryan Thomas is a Certified Ethical Hacker and CISSP with
many years of experience in information security. He is
currently a Senior Security Consultant with Deloitte’s Security
and Privacy Practice in Ottawa, Canada.
Proudly Organized and
Sponsored By:
IEEE Alliance of Consultants Network (AICN)
IEEE Women in Engineering (WIE)
IEEE Reliability Society (RS)
IEEE Antennas & Propagation Society / Microwave
Theory & Techniques Society (AP/MTT)
IEEE Algonquin College Student Branch
“Fools Gold or Pay Dirt - Is Network Scanning Detection a Worthwhile Activity?”
Date: Nov 29, 2007
Time: 6:30 to 7:30 PM
Location: Room T130, Algonquin College, Woodroffe Campus
Please RSVP to [email protected]
By:
David Whyte
ABSTRACT
Networks are constantly bombarded by backscatter packets, incessant probes from auto rooters, malware infected
systems (e.g. worms), and Internet cartographers. It can be argued that given the volume of nonproductive network
traffic on the Internet, a network operator would be better served focusing on ensuring the latest patches have been
installed rather than wasting their time engaging in quixotic endeavors such as network scan detection.
In this talk, I will briefly discuss my latest progress on the development of dark port scanning detection technique.
Specifically, I will discuss how the network-centric knowledge gained by the dark port technique allows for precise,
faster, and finer-grained detection of scanning activity that directly threatens publicly available network services. I
will argue that network scanning detection should be an essential part of any network operator's "virtual IT security
toolbox".
Proudly Organized and
Sponsored By:
IEEE Alliance of Consultants Network (AICN)
Speaker Bio
David Whyte is a member of the Digital Security Group at
Carleton University (Ottawa, Canada). He is currently a Ph.D.
candidate in Computer Science and his research interests
include computer worm defenses and network-based
intrusion detection.
IEEE Women in Engineering (WIE)
IEEE Reliability Society (RS)
IEEE Antennas & Propagation Society / Microwave
Theory & Techniques Society (AP/MTT)
IEEE Algonquin College Student Branch