Last Updated 10.10.00
Kaos has created this killer graphic for DEF CON 7.0


DEF CON 7.0 was July 9-11th, 1999, in Las Vegas Nevada USA

03-26-00 NEW: Fixed missing Ira Winkler speech.
10-10-00 NEW: Added Techno Pagan and M0dify's speeches.


Before the Con
During the Con
The DJs
Events

BEFORE

DURING
  • Pictures - Other peoples home pages with images they took at the con.
      •  
        Richard Windmann has his DC-7 photo stash here.
        Berk has a directory of photos here on dis.org.
        Flea has sorted his pictures between the good ones, and everything else.
        mexicans.org has three directories of pictures, [123]
        Professor Feedlebom has a picture page here.
        The Legions crew has a picture page up here.
        Necromantic has a great Babes of Defcon page set up.  Sorry, no voting here, though.
        Kitetoa has a web site section devoted to DEF CON 7.0 in French, here.
  • Events:
  • Hacker Jeopardy:
      •  
        Here are the questions from Friday.

        Here are the questions for Saturday, including Final Jeopardy.
         

  • Booths:
    •  
        Hac-Sec.org had a booth, with cool tapes, shirts, and they even have an archive of Live Video as well.
        01 Graphix had some great shirts, and were selling them in the DJ room.
        Ira's Fun Farm-o-Death was selling all kinds of crazy gear.. who bought the battle field RADAR unit?
  • Real Media (Un-Edited) Files.  See speakers section for more complete ones.
Speakers
Cult of the Dead Cow - BO2K!

What will we be doing?  R0xiN the HAU-aus, BIzaTch!!!@@!2121lf... But that goes with out saying.  In addition to the rocking of the aforementioned house, we will also be releasing BO2k.  We won't reveal our sekrets of BO-Fu, but trust me when we tell you that it will make BackOrifice v1.0 look like LOGO for the TI99/4a.

Founded in 1984, the Cult of the Dead Cow (cDc) is the oldest group still active in the computer underground; the only group (aside from a few layme p1RaT3 gR0oPzZz) with a female group member; the only group to host its own annual HoHoCon hacker convention; and, with over 300 text files in circulation, the most prolific group. cDc is definitely cooler than the Legion of Doom (LoD), and more importantly, our T-shirts are more colorful. We also have stickers.

Great, you may say, but have we ever disrupted communications on two continents by moving telecommunications satellites? Mhm. Hacked computing resources belonging to the three-letter agencies and the Pentagon? Yep. Altered environmental controls in local malls via modem? Done that. But unlike other hacker groups you've undoubtedly read about, we've never been caught.

With qualifications like these, it's not surprising that over the past few years, the media has looked to us as the darling boy (and girl) torch-bearers of the DIY-cyber-hacker-underground movement. It's our unfortunate cross to bear. But as the whole of Generation X follows our lead into the new millennium, we feel it is our duty to our peers to maintain the struggle and "raise high our freak flag," as it were.  On their behalf, we intend to dominate and subvert the media wherever possible. Information is a virus. And we intend to infect all of you.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Ira Winkler - The myths associated with hiring hackers.

While Ira Winkler is not an advocate of hiring your off the street hacker, he has come to the opinion that many of them are more useful than people who call themselves security professionals.  He believes that compounding the problems are bureaucrats who don't understand the problem, and try to form solutions without thinking.  For example, the Critical Infrastructure Assurance Office (CIAO), formed by a Presidential Directive to help protect the Critical Infrastructure, was considering a plan to recruit a group of teenagers who they would guide through their college careers to be the Info Warriors of the future.

Ira talks about the myths associated with hiring hackers and security professionals, as well as the problems with the efforts to supposedly protect the Infrastructure.  An "Are you Clueless?" test for "Security professionals" is given.  Also recommendations to excel in the corporate world are given for hackers who are really skilled.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Ian Goldberg - Zer0knowledge Network (zks.net)  Using the Internet Pseudonymously: One Year Later

Last year we told you about the plans for the Freedom network from Zero-Knowledge Systems: user-trivial, strong-crypto, pseudonymous use of the Internet.  See how far we've gotten now.  We will present the current status of the network, and discuss the challenges and obstacles we've encountered along the way.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Jericho- Fakes Walk Among Us.

The recent explosion of the security industry has found itself littered with newcomers, all 'experts' in the field. Unfortunately, many of these 'experts' are nothing more than self proclaimed windbags that are no more qualified to help you with security than your local 6 year old. How do these charlatans manage to find work? Why are they accepted? More important, how do you distinguish legitimate security professionals from the fakes? These are valid concerns in today's security community. Answers to follow?

Jericho is a security consultant (read: not an expert) working almost full time these days. His travel has taken him to standard corporate networks, to consulting for wacky spooks that everyone fears. On top of run-of-the-mill consulting, he has participated in network analysis via penetration testing, computer forensics and more. He hates crowds. :)


Simple Nomad - Overview of activities at the Nomad Mobile Research Centre.

Simple Nomad will give an overview of activities at the Nomad Mobile Research Centre, provide status on several projects, and give a detailed overview of NMRC's latest Netware hacking tool, Pandora. The new version of Pandora sports a "point, click, and attack" GUI interface, and works against Novell Netware versions 4.x and 5.x.

Simple Nomad is the author of several FAQs on hacking, including "The Hack FAQ" which is a combined FAQ covering Netware, NT, Unix, and web  technologies. The Nomad Mobile Research Centre is a non-profit organization dedicated to independent computer security research, with a focus on corporate-deployed commercial file servers.


Jason Scott - TEXTFILES, G-PHILES, AND LOG FILES: Remembering the 1980's Through ASCII

In the 1980's, life started to move online, bringing with it all the wonder, terror, and breadth of human nature.  Most markedly, an entire generation of teenagers turned their energies and efforts onto this growing culture and turned the world of Bulletin Board Systems into a combination street corner and clubhouse, sharing their knowledge, lying and bragging into infamy, and  creating a shared experience that lasts in their hearts and minds to this day as they become the foundation of the Internet Society.

While the unique forces that combined to make BBSes the experience they were have since shifted and formed other cultures in the years since, a feel for the 1980's can be found in the Textfiles (also known as g-files or 'philes') that nearly every self-respecting BBS traded, offered, or created as a matter of gaining notoriety (and more importantly, callers) in a sea of similar voices. In these textfiles, readers can reminisce or learn anew about what the BBS experience meant to those who lived through it, and easy parallels can be drawn to the 'scenes' that are now thriving online today.

This talk will attempt to give historical perspective and narrative to the BBS 'scene' of the 1980's, presented by a user who was around for a good portion of it and took notes. Expect shouted refutations from the audience and eerily familiar battles waged across the message boards to live again.

Jason Scott (Formerly The Slipped Disk) has been an observer and participant in the world of BBSs since about 1982, cutting his teeth on Boards such as OSUNY, Sherwood Forest II and III, Milliways/Outland, The Dark Side of The Moon AE/BBS, as well as hundreds of others. His experience in BBS culture of the 80's ranges from Compuserve and The Source to Deversi-dials, AE Lines and anything else that gave a carrier when you called it. He is best known as the SysOp of The Works BBS, a textfile-only board that he ran from 1986-1988 before switching to SysOp-At-Large from 1989 to the present. Realizing an entire generation's shared lore was being diluted and lost, he has started  the site www.textfiles.com, dedicated to preserving all things ASCII from the 1980's. This web site is slowly killing him.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


John Q. Newman - Personal Privacy and big brother databases.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Cyber - How to use BSD to set up a firewall/gateway.

This talk will cover the basics of using free software to setup a firewall/gateway machine.  Basic concepts will be reviewed, and why certain things are important will be covered.  Ideal setups as  well as practical solutions will be discussed.  Step by step instruction with examples will be given.  Q/A will be done time permitting, slides will be availible online.

Erik has done computer security for a number of years.  He has added crypto layers to existing products, as well as designed and implementedthe security authentication and authorization model for an internal account control system for a major US bank.  He currently works as a consultant for KPMG LLP.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Freaky - Introduction to macintosh security.

From the Author of Freaks Macintosh Archives, Freak will be hosting a topic this year at the con about macintosh security, the programs out there and their flaws. Some new programs will be released for the macintosh platform to help secure your MacOS. And more programs will be released to Exploit your mac and many other platforms.

See It! Real Media(surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Security Experts Panel

Growing on the popularity of last years panel discussion of security issues and audience Q&A, this years panel will be organized by Alhambra, and currently includes the following speakers:


Sarah Gordon - Viruses on (and off) the Internet. Panel Session.

Computer viruses are currently freely available on the Internet, as well as via various mailing lists.  The recent Melissa virus incident has focused attention on some issues surrounding the public availability of viruses. The panel (representing virus writers, antivirus product developers, open source advocates and academics) will represent a wide range of views on topics such as: "Is it cool to make viruses available via the Internet? Is posting of viral source code to mailing lists as a 'necessary evil' which can force developers to improve products. Should virus writing itself be illegal?".  We want to hear *your* views, too, so the session will end with Q&A Interactive.

Sarah Gordon graduated from Indiana University with special projects in both UNIX system security and ethical issues in technology. She currently works with the anti-virus science and technology R&D team at IBM Thomas J. Watson Research Center. Her current research projects include development of antivirus product certification standards, test criteria, and testing models. She has been featured in publications such as Forbes, IEEE Monitor, The Wall Street Journal, and WIRED, and is published regularly in publications such as Computers & Security, Network Security Advisor and Virus Bulletin. She has won several awards for her work in various aspects of computing technology, and volunteers in an advisory capacity to Virus Bulletin, The WildList Organization, and The European Institute for Computer Antivirus Research. 

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Prof. Feedlebom- Followup on Micropower Radio.

Last DefCon, Prof. Feedlebom led a discussion on Micropower Radio that kinda glossed over a lot of the technical details.  This year, he returns to discuss in more detail some of the things required to place a micropower station on the air.  Will also include a short synopsis on the current state of Micropower Radio, including the effort to legalize it in the United States. Handouts from last year's session will be available for those who did not recieve them in the mail (sorry).

Prof. Feedlebom has operated The Voice of Mercury and the Desert Crossing Radio broadcasts for the last five years.  While he's taking the year off this year from the Big Broadcast, he has been responsible for strange radio emissions that have been heard in Los Angeles and Kern Counties on a variety of frequencies.  He also acts as the chief engineer for Radio Invasion, a former micropower station now broadcasting through Real Audio.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Dr. Byte- IPv6: Who/What/When/Where/How/Why.

The Internet Protocol has undergone substantial changes in past few years from version 4 (Classical IP) to version 6 (Next Generation IP).  This presentation will overview who's using the new protocol, what the new protocol's features are, when it will become mainstream, where it's being deployed, how the transition from IPv4 to IPv6 is planned, and why we need a new fundamental protocol on the Internet.  This speech will contain many technical details and will assume the knowledge of the basics of TCP/IP.

Dr. Byte is a Ph.D. candidate in Computer Engineering and an instructor of Computer Engineering at a major university.  He received his B.S. and M.S. in Computer Engineering in 1994 and 1997 respectively.  For his M.S.,  he worked with a real time bit error rate simulator, and developed a next generation real time hardware system for bit error rate simulations.  He has developed a 16 bit RISC microprocessor in VHDL in a Field Programmable Gate Array (FPGA) able to run compiled 'C' code.   His research interests include developing a taxonomy of attacks and applying it to different network environments.  He has co-authored 3 papers on IEEE 802.11 and IPv6. 

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Christian Hedegaard-Schou - What is opensource?

This talk will focus on what opensource is, what it isn't, debunking some myths, showing some examples, and giving reasons why opensource is ready for the real world. This talk is primarily aimed at government and corporate IS/MIS/IT staff and managers, but anyone who's curious as to what this "open source" thing is they've heard so much about in the past months are encouraged to attend.

Christian Hedegaard-Schou I is a private contractor and consultant who first embraced opensource about 5 years ago when he discovered linux and installed it over his DOS partition. He's never gone back. Since he first discovered linux he also played with FreeBSD and NetBSD on various architectures, and has been a proponent of Free software, GNU, and the newly defined "open source" movement.


V1RU5 , Stephen Wadlow, Gurney Halleck, and *Hobbit*- Lock Picking explored.

14 years as a professional magician, V1rus will assist on the Lock picking class and will talk about Hand cuffs, and how to improv picks.  Video explores a cut away pin tumbling lock made by *Hobbit*, the door cut away with a bunch of locks in it, and a lenghtly discussion.  Good stuff!

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Craig H. Rowland -  How to be aware of security problems on your network.

A critical component of network security is being aware of what is occurring on your systems so you can spot security problems before they become a big headache. The Abacus Project is a suite of free security tools that allows administrators to monitor critical aspects of system operations on a variety of Unix hosts to help increase their awareness.

The core components of the project attempt to address the more common indicators of an attack such as:
1) Strange messages in audit files indicating errors or invalid input that indicate security problems.
2) Port probes that are a pre-cursor to attack and compromise.
3) Compromised user accounts and suspicious user activity.

The three currently released tools address the above issues using generic techniques that work on a number systems. These tools are: Logcheck, PortSentry, and HostSentry.

This talk will detail why it is important to watch your systems closely for problems and how these and other free security tools can help bolster your site security using a variety of simple techniques. 

Craig H. Rowland is a security software developer and consultant currently working for Cisco Systems Inc. His area of focus falls into network attack tool programming and intrusion detection systems. He is the author of several free security tools on the Internet and maintains the Psionic Software website to distribute security tools, papers, and advice. 

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Steven Alexander- Firewalls: Trends and Problems.

This talk will cover some of the new firewalling trends and how many of them are detrimental to security.  The focus of this talk will be on how the discussed trends  work and how they can be used by an attacker  to defeat security, and how security problems can be avoided.  The discussion will not cover specific products in order to allow anyone to apply the subject matter
to their current configuration.

Steven works for a small ISP, attends his local college as a math major and spends his free time studying cryptography.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Robert Lupo - Introduction to computer Viruses.

This class covers how different virus work and how to defend agent them, including: Boot Sector Virus, File infecters, Multi parti, Macro, and Fakes in the world.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Michael J. Martinez - Hackers and the Media: A Love-Hate Thing.

For hackers, contact with the media is both exciting and frustrating. Everybody loves to grab that 15 minutes of fame and set the record straight, but the media has this annoying habit of getting things wrong, at least from a hacker's point of view. Mainstream reporters feel the same way -- hacking is cool, sexy, and guarantees readership. But hackers are so evasive, way too full of themselves, and then there's this godawful technology to try to understand. How can reporters and hackers work together, or at least understand each other?

Michael J. Martinez reports on technology for ABCNEWS.com. In addition to covering more mainstream issues, Martinez has written about hacker culture, the VX community, the Pentagon's "cyberwar" problems, and the Melissa virus. His articles have been featured on Slashdot and the Hacker News Network.
 


Steve Mann -  Inventor of the so-called "wearable computer"

Steve Mann, inventor of the so-called "wearable computer" (WearComp) and of the EyeTap video camera and reality mediator (WearCam), is currently a faculty member at University of Toronto, Department of Electrical and Computer Engineering.

Dr. Mann has been working on his WearComp invention for more than 20 years, dating back to his high school days in the 1970s. He brought his inventions and ideas to the Massachusetts Institute of Technology in 1991, founding, what was to later become the MIT Wearable Computing Project. He also built the world's first covert fully functional WearComp with display and camera concealed in ordinary eyeglasses in 1995, for the creation of his award winning documentary ShootingBack. He received his PhD degree from MIT in 1997 in the new field he had initiated.  He is also the inventor of the chirplet transform, a new mathematical framework for signal processing.  Mann was both the founder and the Publications Chair of the first IEEE International Symposium on Wearable Computing (ISWC97).

Mann has chaired the first Special Issue on Wearable Computing in Personal Technologies Journal, and has given numerous Keynote Addresses on the subject, including the Keynote at the first International Conference on Wearable Computing, the Keynote at the Virtual Reality conference, and the Keynote at the McLuhan Conference on Culture and Technology, on the subject of Privacy issues and Wearable Computers.  He can be reached via e-mail at mann@eecg.toronto.edu

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Cyber - How to set up a firewall with xBSD O/S

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Peter Shipley - Intro to TCP/IP exploits.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Gh0st - Phreaking and PBX tricks

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Dead Addict  - Currency systems, credit systems and associations.

After working for The Man (TM) for several years, DA is finally working for the little guy - implementing worldwide financial systems for multinational banking corporations.

He will speak on currency systems, credit systems and associations, SET technology, its message flow, crypto usage, implementation issues, and surrounding industry issues.  He will alsobriefly discuss security issues with current ecommerce implementations.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Winn Schwartau -  HERF Guns, EMP Bombs and Weapons of Mass Disruption (UnClassified)

At DefCon III, Winn Schwartau talked about High Energy Radio Frequency Guns, Electromagnetic Pulse Bombs and assorted nefarious weapons. Trouble is, the government doesn’t admit to a thing. However, through constant research, he has found more than the government would like.

The August issue of Popular Science, due out on or about July 15 will feature Schwartau’s article on these emerging devices – but you will get an early peek at DefCon 7 on Saturday afternoon.  Russian HERF and EMP devices for sale world wide. Some are even on the Internet!  Terrorist level weapons made in a garage for less than $500 and put out an E field in excess of 1MV/meter.  A video of real HERF at work. Be ready with your questions and Schwartau, as usual, will have answers.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Deanna Peugeot  - Embedded systems hacking.

Embedded systems can often go where the average hacker cannot.  They don't reside on the server to be detected by a vigilant sysop, nor do they need the dedicated resources of a computer.  But no one in the hacking community seems to be taking advantage of this arena.  This will cover the possible uses for a custom embedded system and how to go about creating it.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Bennett Haselton and possibly Brian Ristuccia - The "Anti-Censorship Proxy" and technological circumvention of Internet censorship.

Brian Ristuccia's Anti-Censorship Proxy (ACP) is a tool for circumventing network-level Internet censorship.  It combines functionality of older software such as PGP, Anonymizer, and steganography software, enabling Internet users to bypass firewalls and proxy servers without detection. ACP can be used to circumvent firewalls used by China and Saudi Arabia to block criticism of their governments, or to bypass software used in American schools to censor pages about contraception, animal rights, and many non-Christian religions.

These countries and institutions are likely to crack down on the use of such software, provoking an "arms race" between ACP developers and their opponents.  (The use of strong encryption in ACP may even conflict with some countries' import/export regulations.)  This talk will describe the ACP and look at some of the directions that such an "arms race" might take, as well as describing real-world implementations of network-level censorship (in China, Serbia, the Middle East, as well as many U.S. schools), what kind of content is censored, and how the ACP could be used to bypass these restrictions.  More information at http://ians.978.org or http://www.peacefire.org/bypass/Proxy/

Bennett Haselton has been publishing studies of Internet censorship software since 1996.  His reports have been used as evidence in First Amendment court cases filed by the ACLU and People For the American Way, and he has been invited to speak on Internet censorship at Computers Freedom and Privacy 99, the American Library Association national conference, the ACLU of Ohio annual conference, InfoWarCon 99, and Spring Internet World 99.  Peacefire's reports criticizing censorship software have been featured on CNN financial news, MTV, Court TV, and MSNBC.


R - The Defcon Proxy Server.

R will give an overview of the Defcon Proxy Server - what it is, how it came to be, and how to access and use it.  Don't want your boss to know where you're surfing to on his dime?  Would you like to anonymously view your artwork after the fact?  If this is you, don't miss this informational talk.  It will cover new features and access policies.

Rstarted out in life as a BBS operator in 1989. After setting up Unix boxes to provide Usenet and Email via UUCP for his customers, he gave out shell accounts on the same machines - and after cleaning up that mess, he was a Security Expert!  He also authored the first Windows based email application and roaming code for American Mobile Satellite Corporation and the Trimble C/GPS transceiver, and was head of Network Security for Telegroup, Inc.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Mr Phillip J. Loranger - The United States Army.   The ethics/morality/practicality/patriotism of hacking.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Angus Blitter - Fear and Loathing in Cyberspace: The art and science of enemy profiling

Quickly identifying your opponent, in any conflict, can mean the difference between success and failure. Knowing their capabilities, resources and limitations can provide the tactical advantage. The lack of this type of decision support is a serious deficiency in most information warrior's arsenals. Relying on single source intelligence is pure folly.  Charlatans and carpetbaggers are salivating at the millions in government and corporate dollars earmarked for such a competitive advantage. Our discussion will provide a working definition for "profiling", how it is used and why it effects everyone!

Angus Blitter is the founder and Grand Poopa of HSK.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Daremoe - The Firewall Appliance: Friend or Foe?

An introduction to appliance firewalls. What they are, how they work and what you can expect when you encounter them in the wild. These "new breed" firewalls are popping up everywhere, so be prepared when you meet them...

Daremoe is the Alpha-Dog of the WolfPak, a "614 based group of security minded individuals". He is an independent computer security consultant with over ten years experience in e-commerce. He has just completed a comprehensive evaluation of appliance firewalls and their market.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Charles Faulkner - Hacking Human Minds

Human expertise is not found in the sum of explicit practices or algorithms. It's in the experience, mental models and heuristics of individuals. Invisible to current Knowledge Engineering, psychology and (most) linguistics, these 'rules of thumb' are available (can be hacked) through specific pragmatic, syntactic, and semantic 'filters/handles' that can be detected, influenced, and transferred. Applications / instantiations to humans achieved. Computing and human/computer interface applications sought.

Charles Faulkner is a hacker (modeler, in polite society) of human experience and expertise whose projects have included language acquisition, futures trading, metaphoric communication, and object oriented software testing.


Michael Peros -Privacy Electronics - Detecting wiretaps

This year I would like to speak about how to identify body wires, recorders and government informants.
Also I have  verified from a very reliable source that President Clinton passed a wiretap bill through executive order of the White House allowing the Federal Government to Wiretap and intercept electronic-oral communication without a warrant.  This came into law as of January of 1999. He did not have to go in front of the congress to bring this into law.

Michael Peros can be reached via email


Gail Thackeray - Maricopa Count Prosecutor,AZ - 
Kevin Higgins - Nevada Attorney General's Office - 

Eache will do a  brief thing  on a topic near & dear to their hearts, and then open the session to  an "ask the prosecutor" Q & A so people with Burning Questions can ask about whatever  interests them.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


James Jorasch - "Hacking Las Vegas."

If you missed it lasst year, don't miss it this year.  Excellent.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Peter Stephenson -  Principle consultant of the Intrusion Management and Forensics Group (IMF).  Introduction to Cyber Forensic Analysis

This session will address the techniques used to investigate network-based intrusions, especially those originating from the public Internet.  Emphasis will be on techniques that provide an acceptable chain of evidence for use by law enforcement or in anticipation of civil litigation.  We will cover back-tracing, forensic tools, end-to-end tracing and evidence collection and preservation as well as the forensic use of RMON2-based tools for documenting the path of an attack.

Peter Stephenson is a well-known writer, consultant and lecturer with an international reputation in large scale computer networks and information protection. He has lectured extensively on network planning, implementation, technology and security.  He has written or co-authored 14 books (including foreign language translations) and several hundred articles in major national and international trade publications. He is the principle consultant for InfoSEC Technologies division of Sanda International Corp.

Mr. Stephenson has participated in investigations of computer system intrusions, Internet misuse and abuse and has performed forensic analysis of computer disk drives as well as backtracing analysis of intrusions coming from the Internet. He has used forensic techniques to recover lost data from computer disk drives. 

Stephenson is a member of the Information Systems Audit and Control Association (ISACA), the Information Systems Security Association (ISSA) and the High Technology Crime Investigation Association (HTCIA). He provides volunteer assistance on request to the Michigan State Police and other law enforcement agencies.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Natasha Grigori - Founder, Anti Child Porn Militia (ACPM) - ACPM Grand Announcement

The Anti Child Pornography Militia will be making a showing at the 7th Annual DefCon Conference in Las Vegas, Nevada on July 9th - 11th. The ACPM will be actively recruiting individuals sympathetic to our cause and willing to take an active role in the battle to eliminate child pornography from the Internet.

"We have big plans for DefCon", says Natasha Gregori, founder of the ACPM, "Not only will we be recruiting from a Hospitality Suite at the Convention, and seeking sponsors and allies;  Plans are in the works for ACPM to make a presentation during the three day event, and be introduced by a major personality in the community."

The Defcon Conference will also signify the commencement of operations for ACPM, after 5 months of preparation, organization, and amazing growth from its original one-woman cause.

"I feel confident that the kick-off will be a success," Lawless, Director of ACPM Education, "from there, we will begin entering the political arena, lobbying for tougher enforcement against child pornography online, while assisting in any way possible with current enforcement."

The Anti Child-Pornography Militia (ACPM) is an organization committed to removing child pornography from the Internet. Child Pornography is readily available on the Internet from Usenet, web sites, and chatchannels.  These photographs of children, used to feed the grotesque sexual desires of pedophiles, contribute to the rising numbers in child sexual abuse cases world wide by emboldening and enticing potential perpetrators into committing acts of child abuse. The ACPM will be working to achieve its goal of Zero Child Pornography through legal, political, and legal technical means. The ACPM in no way promotes or condones illegal attacks against individuals or computers connected to the Internet.


Tom -  from because-we-can.com.  Security problems associated with client-side scripting in popular web-based services.

This info will also be appearing in Wired magazine around the same time as Defcon so it's good timing, and extends the 'shorts' in Business Week (may 17, p8) and NY Times (thurs of same week).See this link for the story..

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Kevin Poulsen & Jennifer Grannick - The Legalities and Practicalities of Searches and Interrogations.

You all know who Kevin Poulsen is.  If you don't, please go learn.

Jennifer Stisa Granick is a criminal defense attorney in San Francisco, California.  She defends people charged with computer-related crimes, as well as other offenses.  Jennifer has been published in Wired and the magazine for the National Association of Criminal Defense Lawyers.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Vic Vandal - Hacking Oracle 101

So you've hacked your way into your "test" O/S.  What are you going to do now?  All the really fun data is stored in a database, probably an Oracle database. This talk will discuss some of the gory details of Oracle security and insecurity.

Vic Vandal is a certified information security professional.  He has been providing enterprise-level security design and implementation for U.S. government and military entities for the past 10 years.  He currently works for a major consulting firm as a Senior Information Security Engineer.  His areas of expertise are;  O/S security, database security, network security, application security, firewalls, encryption, VPN's, and digital signatures.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


David Sobel - General Counsel to the Electronic Privacy Information Center - "Internet Anonymity Under Assault: The 'John Doe' Lawsuits"

Several recent court cases around the country highlight an increasingly popular litigation tactic: the use of civil discovery to unmask the identities of anonymous Internet posters.  In the last few months, a growing number of corporations have issued subpoenas to Internet service providers (ISPs) and operators of online message boards seeking to identify and locate individuals who posted material that the
companies, for one reason or another, find objectionable. A spokesman for Lycos recently told Salon Magazine that the firm receives subpoenas on "pretty close to a regular basis."  The underlying allegations in these cases include defamation, misappropri- ation of trade secrets and securities law violations.  Many observers worry, however, that the legal tactic can easily be used to intimidate potential critics into silence and destroy the anonymity that has contributed to the Internet's explosive growth.  David Sobel will discuss these cases and efforts to protect online anonymity.

David Sobel is General Counsel to the Electronic Privacy Information Center in Washington, DC, where he has litigated numerous cases under the Freedom of Information Act (FOIA) seeking the disclosure of government information on cryptography and privacy policy. Among his cases are those involving Operation Sun Devil, the Clipper Chip, the FBI's Digital Telephony wiretap proposal and the Secret Service's Pentagon City 2600 raid.  David served on the Association for Computing Machinery's Special Panel on Cryptography Policy, which produced the report "Codes, Keys, and Conflicts: Issues in U.S. Crypto Policy."

David also served as co-counsel in ACLU v. Reno, the successful constitutional challenge to the Communications Decency Act decided by the U.S. Supreme Court in 1997.   He has been profiled as a "Newsmaker" by CNET's NEWS.COM for his work on
Internet liberties issues.

David has a longstanding interest in national security and civil liberties issues and has written and lectured on these issues frequently since 1981.  He was formerly counsel to the National Security Archive, and his FOIA clients have included Coretta Scott King, former Ambassador Kenneth Rush, the Nation magazine and ABC News.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Rooster - Insecurities in Networking Devices

Routers and switches.  These devices make up the core of what is networking.  Devastatingly important, this infrastructure is key to a properly working environment.  Amazingly, many administrators don't know the weaknesses and holes that are being exposed to the Internet.  This talk will discuss the most common security issues in routers and switches, how they can be exploited, what a person gains from this, and how to prevent people from gaining access to your network equipment.

Rooster has extensive knowledge of systems and networking.  his experience includes all manner of networking and systems including; ATM, BGP, GigabitEthernet, FDDI, etc. Rooster is currently a network engineer at a fortune 500 company where he maintains the Internet connectivity.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Jonathan Wignall - Extra Border Hacking - How a company can be hacked without the hacker ever picking on that companies machine.

Companies may defend themselves from hacking attacks from the internet by using firewalls and other defences, but what about their
defences beyond their site's boundary?  Can attacks here cause damage? or enable an intruder to break into their sites?  This presentation will outline what tricks can happen on the internet and how you can defend yourself outside your normal area of control, without resorting to illegal measures.

An experienced college lecturer despite being under Thirty years of age. Is well used to public speaking and his research interest is in the field of Internet Security. Head of programme for higher education courses in Computer Networking at St Helens college, he is also actively tring to establish simular courses on Information Security.

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Mojo - Hacking Windows registries and shares

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Swift - IP V.6 Overview

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


M0dify - Introduction to scanning

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


Techno Pagan - Radio and Computers

See It! Real Media (surestream video file)
Hear it! Real Audio (28k-isdn surestream)


 
Other People's DEF CON Resources
Other groups and people have set up pages to help people out or for their own events.  It's groups like these that make the convention happen! e-mail DT and have a link added here.
  • The Dismembered Youth Corps! (TDYC!) has a resource page up at their home page.
  • cyb0rg/asm of hackcanada has put up resources for the PalmPilot for this years con. So far I've just got a map of the area around the hotel, but I plan on adding the Events Schedule, maybe some restaurant lists, and whatever else I can come up with that would be useful in Vegas this summer.  Pretty much the whole Hack Canada crew is planning on being there too.

  • Hack Factor X (HFX) has a DEF CON 7.0 resource page up as well as a call for event contest (See Below)
"Official" Events
  • The Fourth Annual Black and White Ball - 
  • Hacker Death Match! - 
  • Quake2/3 battle net - The irQconflict ( http://collusion.org/conflict ) will be in setting up for a Quake2/3 battle royal...so don't forget your gaming rig!  The irQconflict is a unique experience, providing a gathering spot for gamers to compete for hundreds of dollars in prizes in a tournament setting unavailable to the average gamer geek sitting at home or gaming on his handi-hub with his 4 friends.
  • Hack Factor X is issuing a call for contest ideas to be held at DEF CON.  They are giving away cool prizes to the people who submit the best ideas.  Check out this page for more information!  Welp, the submission date is over, but stop by the site and see who the runner ups are!
  • Live Band action -We have enough space that an area just for live bands is being set up.  Email noid at defcon d0t org if you want to DJ or have your band perform.  Currently the following acts are booked.  Now, this is only the list of booked DJs/Bands..this IS NOT the set list, so don't get yer panties in a bind.The Official DEFCON Shoot (3rd Annual!) is happening again. As soon as we get a word where the page is we will let you know!   It's slated for Saturday morning at 8AM round up to go off to the shooting site.  Please visit the web site linked above for complete information on safety requirements, responsibilities, and what to bring.  Be awake!


AFTER