[Dshield] Shmoocon

Jon R. Kibler Jon.Kibler at aset.com
Tue Jan 10 16:39:25 GMT 2006


Joe Stewart wrote:
> 
> On Monday 09 January 2006 09:11 pm, Jim McCullough wrote:
> > Why no one ever come to SC????? We aint that bad are we?????
> > You just have to look out for the Windows Southern Edition and the
> > road kill.
> 
> I agree. Here in Myrtle Beach we have a pretty kick-ass convention
> center within walking (ok, jogging) distance from the ocean. Someone
> should definitely look at holding a SANS show here.
> 
> And I'll be at ShmooCon - speaking on the first day.
> 
> -Joe

Joe,

I had marked your session on sandnets as one that I was planning to attend -- but did not correlate your name to DShield. Two issues that I was hoping to hear you address:
   1) A comparison of the sandnet analysis technology to the honeynet technology -- especially from the perspective of trapping and analysis of network traffic.
   2) How running in a VM environment effects the malware (for example: attempts to write to BIOS or raw disk, making NIC promiscuous, privilege escalation, installing and running services, how to keep the malware from compromising the VM or host O/S, etc.)

Also, about MB Sec Conferences...

TechSec puts on a BIG security conference in MB each June or July (forget which) that I have been told is really good. They apparently have a strong slant towards law enforcement and forensics. I have been meaning to go for a couple of years, but never have time.

I gave a keynote recently at the Northern California Information Security Conference, and the detective that did the computer forensics in the Scott Peterson case also gave a keynote at the conference. He told me at the speakers dinner after the conference that the TechSec conference is one of the better ones he as attended.

If anyone else has been, would appreciate your thoughts on the conference.

Jon
-- 
Jon R. Kibler
Chief Technical Officer
A.S.E.T., Inc.
Charleston, SC  USA
(843) 849-8214




==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.



More information about the list mailing list