[ mainpage :: register :: conference :: training :: the venue ]
[ capture the flag (CTF) :: hitb cinema :: lock picking village :: zone-h/hitb hacking challenge :: bzflag ]
[ call for papers (CFP) :: conference agenda :: sponsors :: press/media :: forum ]
[ conference kit (PDF) :: past conferences :: contact us ]

Conference Materials: http://conference.hitb.org/hitbsecconf2007kl/materials/

Official Photos: http://photos.hitb.org

TECH TRAINING 3 - Structured Network Threat Analysis and Forensics

Filed under: Main Page — Administrator @ 11:05 am

Title: Structured Network Threat Analysis and Forensics
Trainer: Meling Mudin (spoonfork) & Lee Chin Sheng (geek00l)
Capacity: 24 pax
Seats left: REGISTRATION CLOSED
Duration: 2 days
Cost: (per pax) MYR2899 (early bird) / MYR3299 (non early-bird)

Content:

The weary analyst battles the Internet: portscans are coming at you left and right, worms are spreading like wildfire, servers are compromised and confidential data are lost and stolen. This is a familiar scene, one that could be detected, prevented and and if it has already happened, contained.

This a hands-on class that will teach you on how to detect, analyze, and perform incident response and handling. We will throw at you tons of packet capture files, and we will show you how to analyze them using Open Source tools. When we say analyze, we mean: looking for signs of attacks, determining the source and attack destination, and detecting targetted vulnerabilities. We will also show you how to build, deploy and manage NSM (Network Security Monitoring) architecture.

— At the end of the two-day session, you should be able to

* Perform structured network traffic and threat analysis
* Build, deploy, and manage NSM architecture
* Collect evidence and perform network and server forensic
* Use Open Source tools for SNT/TA effectively
* Build a defensible network using NSM
* Know WHAT to do when given packet capture files

— Whom this training is for

* Security analysts
* System administrators
* Anyone who is interested in building defensible networks
* Anyone who is interested in building NSM architecture

— Prerequisites

* Intermediate to advanced knowledge of TCP/IP
* Knowledge of Unix and Windows system
* Participants must bring their own laptop
* Participants must have administrative rights to install software programs on their laptop
* The laptop must have at least 4 Gb of free space, and with at least 512MB RAM
* VMWare images will be provided. VMWare-Player will also be provided, or participants can install it prior to the training.
* Choice of Operating System is optional (either Windows XP or Linux)

About Meling Mudin

Mel has been in the computer security industry for the past five years. He was previously a system architect at SCAN Associates where he was responsible for developing the Malaysian government’s largest network security monitoring center. He has also been involved with the organization of HITBSecConf conference for the last three years, specifically, in running its popular Capture the Flag hacking competition. In the past five years in the industry, he has been involved in various aspects of computer security including penetration testing, software and product development, training, network defense, system administration, and as well as being a freelance consultant. He currently runs a start-up company that develops vulnerability and patch management software.

About Lee Chin Sheng

C.S.Lee has been working in cyber security industry for the recent 3 years, he was previously CEH trainer and adapting in wireless hacking and pentesting. However he starts to adapt to the art of detecion while fascinated by the framework of Network Security Monitoring(NSM). He is NSM practitioner who believes in using Open Source Power Tool to complete his task. On and on he writes how to decode and performing packet analysis in his blog. He is currently working in Exabytes as System Engineer and involving in vulnerability assessment, network incident handling and response as well as network forensic.



Event Organizer


Hack In The Box (M) Sdn. Bhd.

Supported & Endorsed By


Malaysian Communications and Multimedia Commission (MCMC)


Malaysian Administrative Modernisation & Management Planning Unit

Platinum Sponsors


Microsoft Corporation

Gold Sponsors


SCANIT ME LLC

Official Airline Partner


Internet Bandwidth Sponsor


Global Transit

CTF Sponsor


Scan Associates

CTF Prize Sponsor


Scan Associates

Sponsor for Zone-H/HITB Hacking Challenge


Ascendsys

HITB Cinema Sponsor


Avenuz Sdn. Bhd.

Official Creation Station


The Womb.com

Our Speakers are Supported By


F-Secure Corporation


Arbor Networks


Mediaservice.net


Bellua Asia Pacific


ERNW GmbH


Mozilla Corporation


Mu Security

Supporting Media:

Virus Bulletin

Virus Bulletin (VB)

InfoSec News

(ISN) InfoSec News

InfoSec News

XAKEP (Russia)

Insecure Magazine

PHRACK Magazine

Hakin9 Magazine

Supporting Organizations


Chaos Computer Club


ISECOM - Insititue for Security and Open Methodologies


ISACA


IT Underground


X-Focus China

Zone-H Defacement Mirror


Xatrix Security


Special Interest Group in Security & Information InteGrity Singapore


Syscan