- Secure Development Lifecycle - Jamil Valliani
- Beyond NX: An attackers guide to anti-exploitation technology for Windows - Ben Nagy
- Hackers Methodology & Incident Handling - Faiz Ahmad Shuja
- Identifying Cyber Crime - Pakistan's Response - Jawad Sarwana
- Bank Scams: Latest Threat to Pakistani Online Banking - Pakistan Honeynet Project
- X.25 Security - Emmanuel Gadaix
- Exploring the World of Threats in eBanking of Pakistan - Nizar Diamond Ali
- IDS Evasion - Attack and Detection - Sumit Siddharth
- Web Applications: Attack and Defense - Muhammad Ahmed Siddiqui
- Computer Forensic 101 - Dewan Chowdhury
- 0day: Heap-based Format String Bug in Real-/Helix-players on *nix - c0ntex
- Malware: The Inside Story - Ahmad Elkhatib
- Metasploit Framework - The Exploitation Machine - Omar Khan and Jahanzaib Sarfaraz
- Secure Development Lifecycle - Jamil Valliani
The Trustworthy Computing Security Development Lifecycle (or SDL) is a process that Microsoft has adopted for the development of software that needs to withstand malicious attack. The process encompasses the addition of a series of security-focused activities and deliverables to each of the phases of Microsoft's software development process. Before software subject to the SDL can be released, it must undergo a Final Security Review by a team independent from its development group. When compared to software that has not been subject to the SDL, software that has undergone the SDL has experienced a significantly reduced rate of external discovery of security vulnerabilities.
Jamil Valliani is a Security Program Manager in Microsoft's Secure Windows Initiative (SWI) team. In this role, he has played a key role in developing and rolling out the Security Development Lifecycle (SDL) across Microsoft. He has helped enforce the SDL throughout the company by implementing ship-stopping mechanisms for products that do not pass security review. Jamil worked at several companies in Silicon Valley before joining Microsoft. He holds a B.S. in Computer Science and Computer & Systems Engineering from Rensselaer Polytechnic Institute.
- Beyond NX: An attackers guide to anti-exploitation technology for Windows - Ben Nagy
In an effort to complicate the exploitation of memory corruption vulnerabilities, Microsoft have introduced several new technologies in Windows XP SP2 and Windows 2003. Support for NX (No eXecute) memory is the most often discussed, but is also the least used because of the hardware support required. However, new technology has also been added to protect the stack and the heap, to improve exception handling, and to complicate exploitation by removing or randomizing some interesting pointers at fixed memory addresses.
Although groundbreaking research work exists in terms of attacking the individual technologies like Safe SEH, /GS stack protection, Heap Cookies and NX itself, it is very difficult to obtain a unified view of how the technologies work together against real world attacks. If you're comfortable with stacks and heaps and have a passing familiarity with x86 assembler and CPU architecture then join us as we attempt to clarify the operation of all the new protection features, alone and in combination, and then see what attacks remain viable.
- Ben Nagy was born in Australia but has spent the last several years working with eEye Digital Security in Switzerland and Thailand. With a strong background in most areas of network security and several sets of pretty letters, he has been particularly interested in firewalls, crypto, and software vulnerability research. Ben loves rambling on about security and has presented at several conferences in Europe and Asia, as well as hosting eEye's monthly Vulnerability Expert Forum.
Hackers Methodology & Incident Handling - Faiz Ahmad Shuja
- Sooner or later your organization is going to be attacked. Do you know what to do when an incident happens? Most organizations have been attacked, and some that did not know how to handle incidents properly were badly affected. The presentation will go through the latest attacks, tools and techniques used by attackers to break into systems and, most importantly, how to detect, prevent, and respond to attacks. The speaker will show you how to handle an incident correctly and how to design an effective incident response plan for your organization. The presentation will walk you through the six incident handling phases step by step.
Faiz, founder of the Pakistan Honeynet Project, is a Sr. Information Security Consultant at Cyber Internet Services (Pvt.) Ltd, Pakistan's largest ISP. CYBERNET also offers various security services ranging from vulnerability assessment to managed security services. He has extensive security experience and has been involved in information security management, intrusion detection/prevention systems, firewalls, honeynets, vulnerability assessments, penetration testing, forensics analysis and incident handling and reporting for the last four years. He has spoken at various conferences and organizations, including NSA, DoD, and IEEEP. He is also an active member of the Honeynet Project Research Alliance. Faiz holds a Bachelor's degree in Computer Science from the University of Karachi and SANS GSEC and GCIH Certifications.
Identifying Cyber Crime - Pakistan's Response - Jawad Sarwana
- The majority of developing countries have introduced new laws to prosecute cyber crime in the internet age. In the year 2003, the Government of Pakistan also circulated a draft Cyber Crimes Bill which has gone through several amendments but has yet to be finalized. What is cyber crime? Can we adapt existing law to meet the new challenges of the Internet? Are we in need of new laws in a rapidly changing environment? What protection is currently available to the average computer user against an incident of cyber crime in Pakistan? During this session the speaker will highlight Pakistan's response, or lack thereof, to prosecuting cyber crime, ranging from reviewing the new legislation to identifying the issues and challenges for effective law enforcement of Internet and computer-related crimes.
Jawad Sarwana is an Advocate of the High Court of Sindh and Senior Associate with Abraham & Sarwana. He earned his BA Degree from Southwestern University, Georgetown, Texas and his LLB (Honors) Degree from the University of Buckingham. Jawad has been practicing law since 1997 and has advised several International Clients in the Banking and IT Sector on Electronic Commerce and Cyber Crime Laws of Pakistan. He has also assisted in the preparation of the Pakistan Chapter on Electronic Commerce in the Digest of Commercial Laws of the World published by Oceana Publications, Inc.
Bank Scams: Latest Threat to Pakistani Online Banking - Pakistan Honeynet Project
A lot of research has been done by the Honeynet Project and Research Alliance on credit card fraud, botnets, and phishing. Most of it covers technical details about how these attacks are executed and the motives behind them. Some of it also covers who is involved in these attacks, what their motivation is, and how attackers operate and communicate, but all of it is based on attackers in western countries. To date, almost all of the attacks and trends the Honeynet Project has published have been primarily based on data collected in North America and Europe. There still hasn’t been any publication about the black hat community in eastern countries. This presentation will cover details about how the black hat community operates in Pakistan and is based on the research done by the Pakistan Honeynet Project. It will be based on the motives and tactics of the Pakistani black hat community.
Attackers in Pakistan have been continuously launching phishing attacks. They have been scanning for vulnerable systems from which to launch them. Since online banking is growing in Pakistan, it is the next target for attackers running such scams and frauds. Recently, the Pakistan Honeynet Project identified a group of attackers who run organized local bank scams and exchange stolen bank accounts and credit cards. The presentation will cover details about who was involved in these attacks, what the motivation behind them was, and how the group operated and communicated.
The Pakistan Honeynet Project is a non-profit, all-volunteer organization dedicated to Honeynet research. Their goal is to learn and raise awareness about the motives and tactics of the Black Hat community targeting Pakistan's networks. They aim to share and disseminate knowledge about the various tools and hacker practices in use on the Internet today. In this way, they can serve the federal government, the private sector, state and local governments and higher education establishments countrywide.
The project is based on principles and guidelines given by the Honeynet Research Project, and it is a part of the Honeynet Research Project’s Alliance.
X.25 Security - Emmanuel Gadaix
- Everybody knows about the Internet and how to hack it. But who remembers X.25?
This global packet-switching network was implemented by telcos decades ago, and is still in use today. Unlike the Internet, it is not crowded by script kiddies and wannabe hackers. Banks, telecom companies, governments and even the military still use it actively today. Many hackers of the "pre-web" generation learned their trade exploring X.25 networks.
The presentation will focus on X.25 security issues, placed in today's context and problems. The main intention is to bring personal and professional know-how, background and X.25 penetration testing experience to the audience, with real-life case studies.
• Why are we talking about X.25 in the year 2005?
• Introduction to X.25
• Access and Addressing
• Attack points
• Historical problems
• Internet vs X.25: key differences
• X.25 common targets
• Attackers’ profiling
• Today: some numbers to get the idea of the problem
• Getting help: where, how?
Emmanuel was born in Western Europe and has been living in Asia for almost 15 years. He runs the Telecom Security Task Force, a loose organization of information security misfits that specializes in telecom security. Current and former interests include VoIP hacking, SS7 insecurity, X.25 and blueboxing. Emmanuel is also actively involved in alternative energy projects across Asia and Europe.
Exploring the World of Threats in eBanking of Pakistan - Nizar Diamond Ali
- Banking is in its booming stage in Pakistan; the years 2003 to 2005 in particular have seen new banks coming up, lots of branches, ATM and online banking and much more. Since banking is one of the most important sectors in any country, with reference to governance, extending finance to businesses and, more importantly, reaching out to customers (the layman), it's imperative to have a sound and secure banking system.
This study aims at highlighting and exposing those areas of prevalent banking which can lead to a number of frauds in different scenarios. The frauds can directly or indirectly lead to losses to a consumer and a bank. In the case of the consumer, the losses could be both in monetary terms and in terms of goodwill. In the case of the bank, it is financial loss.
Nizar Diamond Ali is currently working as Manager Quality Assurance at PIBAS Pakistan (Pvt.) Ltd – one of the leading core and online banking solution providers in Pakistan with a growing international clientele. His experience of SQA also includes the time spent at CDC – Central Depository Company of Pakistan, working on NCSS – National Clearing and Settlement System.
Having over 200 articles published in national and international print / electronic media, he is currently associated with Dawn group of newspapers writing regular columns for Sci-Tech World and Spider Internet Magazine focusing mainly on issues pertaining to security. His interest in network security started with his independent study ‘Vulnerability analysis of Pakistani networks’ as part of MS course work. He has continued his collaboration with experts in IT industry to identify loopholes in banking practices in Pakistan, particularly in the arena of e-banking.
He has done his BS from University of Karachi, MS from SZABIST and is a certified Lead Auditor, by virtue of which he also holds the cap of QMR – Quality Management Representative at his current job.
IDS Evasion - Attack and Detection - Sumit Siddharth
- Attacks for evading intrusion detection systems (IDS) have been seen for quite some time now. Different approaches have been documented for eluding network IDS (NIDS), including evasion, insertion and denial of service (DoS) attacks. The paper describes one approach for evading NIDS and looks at the factors that make IDS evasion attacks very difficult to detect. It also looks at NIDS parameters that are often overlooked, which could result in an evasion attack, and at parameters which, if included with NIDS, may help in preventing or detecting the attack and aid in using correlation techniques.
- Sumit Siddharth is a security analyst with NII Consulting. NII (www.nii.co.in) is one of the leading information security consulting companies in India. His areas of interest include intrusion analysis, forensics, and penetration testing. Sumit is a graduate of India's most prestigious engineering college - IIT Kanpur.
Web Applications: Attacks and Defense - Muhammad Ahmed Siddiqui
- Web applications are growing rapidly on the Internet. Most business applications are now being delivered over HTTP/HTTPS. Since vendors are becoming more skilled at writing secure code and at developing and distributing patches to counter traditional forms of attack (e.g. buffer overflows), attackers are now targeting web applications to a great extent. Today more than 70% of attacks are launched against the application level. Your network is protected by various security devices, but your web application is still vulnerable to serious attacks. The presentation will go through various techniques used by attackers to exploit your web applications and how you can protect against such attacks. Also, witness some of the high-profile Pakistani websites vulnerable to such attacks.
Computer Forensic 101 - Dewan Chowdhury
- What is Computer Forensic?
The way a hard drive functions
If I delete something is it really deleted?
How and where to acquire missing data?
Is it possible to do counter-forensic?
Dewan Chowdhury is a Snr. Security Analyst for DNC CORP. Dewan started his early career in network security in the world of SOC (Security Operation Center) and CERT (Computer Emergency Response Team) for some of the biggest telecommunication and ISP companies in the world. His knowledge of intrusion detection led him to track down attackers worldwide for many law enforcement agencies. His interest in computer forensics led him to the world of CCI (Cyber Crime Investigation), where he helped many international law enforcement agencies prosecute criminals.
0day: Heap-based Format String Bug in Real-/Helix-players on *nix - c0ntex