- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
select a course
Washington, DC - December 9 - 16, 2006
- Vendor Events
- Special Events
- SANS @Night
- Brochure (PDF)
Excellent conference I have a ton of stuff to bring back to my company and clients.
-John S. Macy, Network Design Associates
Special Offer: Register for CDI East 2006 and receive 10% discount on Secure Storage & Encryption Summit. Send your CDIEAST2006 invoice number to tuition@sans.org and request your discount.
SANS @Night
The Hidden Risks of Bluetooth
- Tuesday, December 12th: 7:00pm - 9:00pm
- Joshua Wright, Aruba Networks
IDC reports that the number of Bluetooth devices shipped worldwide will exceed 1 billion in 2006. Declared "dead" on more than one occasion, Bluetooth technology is rapidly gaining adoption worldwide as a networking topology and a generic cable replacement technology. Despite the popularity of Bluetooth, many organizations don't realize their exposure to this popular wireless technology, thinking that Bluetooth is limited to short-range communications or doesn't expose sensitive data or access to network resources.
In this presentation, wireless security researcher Joshua Wright will disclose the risks and vulnerabilities of Bluetooth, dispelling common misconceptions. Focusing on actual attack tools and implementations, Joshua will demonstrate Bluetooth attacks in a live environment, and demonstrate how an attacker can abuse Bluetooth devices.
More Windows Command Line Kung Fu - Hands-On
- Wednesday, December 13th: 7:00pm - 9:00pm
- Ed Skoudis
To maximize their value in handling the latest generation of spyware and related threats, security personnel should wield some Windows command-line Kung Fu. Many people do not realize the power of the Windows command-line and have confined themselves inside the prison of the Windows GUI. But, sometimes, in the face of extremely nasty malware that disables GUI-based tools, security personnel are forced to the command line to analyze an infestation.
Don't fret! In this fun and engaging session, we'll discuss some of the most powerful command-line tools out there; wmic, sc, tasklist, and netsh, and how they can greatly improve the capabilities of security personnel, incident handlers, and even auditors. For example, do you know how to kill a bunch of processes based on their name across the network using only built-in Windows tools? How about finding out whether a given patch is installed, the date it was installed, and the user who installed it, again remotely, and using only built-in features? What if your GUI is shot by a rootkit, and you want to see which services are associated with each process, and which DLLs those processes have loaded? Know how to reboot a Windows box from the command line? Change the IP address? Alter the initial IP TTL and TCP Window Size? After this SANS@Night, you will be able to do all of this and more... much more.
If you've seen Ed's Windows Kung Fu sessions before, don't skip this one, as he'll cover more than ever before (for serious Windows work), all in a hands-on format. For this session, have a Windows XP Pro or Windows 2003 box handy and get ready for some serious Kung Fu.