Notes from the Virtual Study Conference 2010
Last Saturday I spent at home attending the Security Track the the Virtual Study Conference 2010.
The conference was the first edition of this virtual, worldwide conference and consisted of tracks in both Polish and English.
After reviewing the different tracks I decided to go for the securitytrack that sounded very promising, and belive me it really went above and beyond my expectations..
The first Session Thomas Shinder heldt on DirectAccess and Microsoft Forefront Unified Access Gateway 2010 was a good walkthrough of the technologies and possibilities Microsoft provides for remote access.
The second was a great and detailed explanation by Tomek Onyszko on how Kerberos authentication works.
The next session was called Cybercrime: The Gathering Storm! By Andy Malone, and I must admit that this was the session I was most looking forward to.
A description of the latest trends regarding cybercriminal sophistication, the impact of the credit crunch and Chinese ”hacking schools” and their latest targets.
Packed with demos of the tools available for information gathering, Phishing site “generators”, and other malicious tools a cybercriminal has in his toolbox.
This session was truly amazing and I am happy to be able to link to the same presentation held at TechEd earlier this year.
- Andy Malone: Cybercrime, the Gathering Storm
Don’t try these tools at home, kids…
Christopher Davis held a session on how botnets work and what YOU can do to contribute to getting them of line. A little effort by sysadmins regards to reading their logs and notifying the ISP of the offending IP-address can go a long way.
I was also looking forward to Paula Januszkiewicz presentation on Passwords, but I had no idea on what I was in for.
Paula showed techniques for revealing passwords on servers ( including computer account passwords) and what you can extract from the network with a little sniffing.
These were all done on Windows Server 2008 R2 and independent of any zero-day exploits.
Very scary stuff.
She also gave us the answers on how to secure ourselves from this kind of security nightmare.
I’m not sure if I would have linked to the presentation even if it was online – really mindboggling stuff.
This was a free conference with very high quality sessions, Not a bad way to spend a Saturday night at all (just don’t overdo it 
Check out Andy Malones session and/ or come to Oslo in September where he will be doing several sessions during the Cybercrime Security Forum Conference.
