G'day from Sansfire2009
Last Updated: 2009-06-20 18:46:03 UTC
by Mark Hofman (Version: 1)
Well SANSFIRE 2009 is drawing to a close. As you may know SANSFIRE is the SANS conference hosted by the Storm Center. A number of the handlers give presentations and it allows us to meet face to face, usually over a beer or two. Yes we do talk about normal stuff, but there is a fair amount of geek speak during these meetings. It is a nice opportunity to shoot the breeze, share ideas and even do some planning. A number of us have never met face to face so it was very nice to put a face to the email/IM or diary entry.
The various handler talks were webcast and should be available online I'll put a link in as soon as I know where.
A number of us attended classes and sessions. Steve H was in 709 Developing Exploits for Penetration Testers and Security Researchers, his head did not explode, he seems to have goten through quite nicely. One of the highlights for me was the scapy workshop presented by Judy Novak. I had played a little with the tool previously, but this was something else. She makes it very simple and from the responses in the room it was very well received. It might be a bit short to do the workshop in Canberra, but we'll schedule it for Sydney if we can. Scapy allows you to craft your own packets, it is very flexible and easy to use. Well worth a look if you need to test an IDS, firewall or just send some packets and play with results.
Anyways, time to pack up and start heading for a plane.