BSIDES PITTSBURGH 2012

June 1st, 2012
Left Field Meeting Space

BsidesPittsburgh is a free, volunteer-run computer security conference to be held in Pittsburgh on Friday, June 1, 2012. Security Bsides is part of a global series of community-driven conferences presenting a wide range of information security topics from technical topics, such as dissecting network protocols, to policy issues such as managing information leakage via social networks. In keeping with the community-driven theme and to help minimize event costs, the conference format, talks, and activities are agreed upon by all attendees. We’re currently looking for presenters, ideas and topics. Please post your ideas at the BsidesPittsburgh website.

Pittsburgh has a flourishing information security community; this is a great chance to meet each other, share ideas and work together. Many of those professionals in Pittsburgh as well as nationally recognized experts are doing awesome things in the field; let's get together to learn, collaborate, and protect. Please see our web page for more information, to RSVP, or to submit a talk or suggestion. The event is free – even the food and drinks – and held in full view of the City of Pittsburgh and PNC Park at the Left Field Meeting Space on the north shore.

Other Activities

Lockpick Village

BSides Pittsburgh once again welcomes the Pittsburgh Lockpick Club, who will be demonstrating their skills and giving attendees a chance to try it, throughout the day.

Speakers and Talks

8:30 - Bharat Jogi - Reversing Patches for Exploit Creation, Pen-Testing or Just Fun!

How many times have you wondered what really gets fixed in the security patches released by vendors? Are you curious to find new vulnerabilities that could be introduced due to faulty patches? This talk will go over some basic reversing techniques that anyone can use to read what exactly gets fixed in patches. These techniques can be used to write your own exploit which can be helpful for pen-testing. Malware authors use similar techniques to create malware that targets unpatched systems. This is a fast and very cost effective approach and has been used extensively by malware authors. The talk will demonstrate how easy it is to reverse patches and will highlight the urgent need to apply patches to protect against such attacks.

9:30 - Julian Zottl - SCADA: Not just for water and electricity

One of the hottest topics in security is SCADA and what vulnerabilities are out there. This talk will focus on some SCADA networks that some may have not considered, such as the network that controls the cars that we drive every single day. We'll dive in to the structure of the traffic on the network, why security has been so lax, and how we might fix it. We'll cover some legitimate reasons for modifying the traffic and end points on the network, as well as some of the nefarious reasons.

10:30 - Kevin Gennuso (@kevvyg) - The use of network flows for better network visibility and incident response.

Knowing which hosts are involved in a security incident is vital information in the midst of a breach. The faster the attackers and their targets can be identified, the quicker the incident can be contained. Collecting this information from disparate logging systems can be difficult and time consuming, and capturing and storing every packet sent across the network for long periods of time isn’t technically feasible in most cases. Fortunately, most modern networking hardware has the ability to track and export network flows. A well--tuned network flow collection gives the incident response team a clear view into all past and present conversations between hosts, allowing for fast identification of attacking or infected machines. Network flows can also demonstrate what "normal" and "abnormal" network conditions look like and can help identify outliers or potential data leaks. This capability can be a valuable tool used throughout the incident handling process to help bring clarity and visibility during the "fog of war".

11:30 - Local Interest Briefs: ISSA, Infragard, Hack Pittsburgh, FBI Cyber Crime Squad

2:00 - David McGuire (@davidmcguire) - Maturing The Penetration Testing Profession

How do you define a penetration test, or identify a penetration tester? Generally, highly skilled professions have well defined requirements of both the professionals and the work they provide. Penetration testing, however, has virtually no definition, requirements or standardization and can cover anything from vulnerability scans to exploit development. While not the only profession in the information security field to lack definition, it is arguably the worst. The end result is often low quality, unsatisfactory assessments that leave organizations still vulnerable to unsophisticated attacks.

This talk will cover the current efforts of some groups organized to assist in professionalizing the penetration testing field, including the National Board of Information Security Examiners (NBISE) Operational Security Testers (OST) panel and the Council for Registered Ethical Security Testers (CREST). While different initiatives, the end goals of these groups are to provide frameworks for penetration testers, managers and customers to operate within, hopefully ensuring more consistent and measurable tests.

3:00 - Michael Egenlauf (@securityconnect) - Social Engineering 2012

Can you really patch human stupidity? Sure you can. This talk will discuss what social engineering is, what has changed in recent years, policy and training components to help mitigate some of the common tactics used by social engineers. We’ll also discuss some information gathering techniques and 2011 – 2012 attacks and how they happened.

4:00 - Eric Mikulas (@erockpgh) - QR code experiment

QRCodes will be printed on stickers, and placed in random area, such as bathroom stalls, telephone poles, signs etc. The QR code will point to a good sounding domain name, upon connection to the website, cellphone location will be requested, and random metrics will be collected. The site will only have a PSA about he dangers of scanning random QR codes, and an option to fill out a survey to try to gain more insight into QR scanning, and possibly gauge the success of a QR based attack on smart phones.

Planners

Dan Klinedinst (@dklinedinst)

Joe Wynn (@wynnjoe)

Scott Kriebel

Alex Meyers (@amattress)

Scott Thomas (@notscottthomas)