Walter Belgers (Origin) & Hans van de Looy
The attendees of the SANE 2000 conference will probably all be White
Hats, or simply 'the good guys'. This lecture will give the Black
Hats viewpoint, i.e. that of the hackers who are trying to break
in to your computers. As somebody once said: "the amount of clue on the Internet is a fixed constant". Indeed, the percentage of people on the Internet who are really hacking is decreasing. However, the bad thing is that we now have a new phenomenon: the script kiddies. Using standard exploit scripts and detailed descriptions they can easily attack thousands of systems with only minimal effort. This Black Hats Session will highlight the problems that exist in present operating systems, application software and how administrators set up and work with these issues. Not only will these problems be discussed on a high level (buffer overflows, denial of service attacks, privileges, sniffing, security through obscurity, etc.) but also on a tangible level (ypx, insecure default settings, portmapper, sendmail, etc.). The session will follow intruders from the data-gathering stage, to the actual break-in and beyond, demonstrating the ease at which this can be done using actual systems. Not only will we talk about the problems, we will also give hints on how to prevent your systems from being vulnerable. A large part of the lecture will therefore be about ways to prevent break-in attempts. After the lecture, attendees will have an insight into the methods that are being used to break in to computer systems, and common examples of these methods. The attendees will also have a set of tools and methods that can help prevent, detect and limit the effects of break-ins.
Who should NOT attend
|
Walter Belgers Walter Belgers (30) lives in Eindhoven, the technological centre of the Netherlands. His interest for the Internet and UNIX started in 1988. In 1994, he got his degree in Computing Science and started working as Internet Specialist for what is now Origin, the largest Dutch IT company. Walter now mainly works on secure access (firewalls, VPN) and scalable remote management. He has given tutorials at conferences like SANE and FIRST. His interests include security in its broadest sense (including things such as lockpicking), music, sailing and swimming.
Hans van de Looy
|