- Training
- Training Live Events
- Training Without Travel
- Security Courses
- Security Curricula
- Certified Instructors
- Training Calendars
- SANS vLive! / SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- Coins
- SANS Onsite
- SANS SelfStudy
- SANS Summit Series
- SANS Partnership Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- List of Resources
- Top 20 List
- Top 25 Programming Errors
- 20 Coolest Jobs
- Application Security Procurement Language
- Top 10 Security Trends
- Top 5 Essential Log Reports
- Reading Room
- Webcasts
- AudioCasts
- WhatWorks
- Newsletters
- RSS Feeds
- Calendar Feeds
- Security Thought Leaders
- Security Policy Project
- Security+ Study Guide
- SANS Buyers Guide
- Security Tool Demos
- 2008 Salary Survey
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
The most trusted source for computer security training, certification and research.
select a course
San Francisco, CA - April 19 - 21, 2009
- Event Location & Info
- Faculty
- Vendor Expo
- General Info
- Vendor Events
- Special Events
- SANS @Night
- Brochure (PDF)
The perfect balance of theory and hands on experience.
-James d. Perry II, University of Tennessee
Security 517
2 Day Course
(Portal Account Required)
For GIAC STAR
If you register for the full course, you may register to seek your STAR .
Online exam issued with 4-month deadline 7-10 days following conference.
Additional information:
STAR Information
GIAC FAQ
Fee Information
For OnDemand Bundles
You can bundle SANS OnDemand online training and assessment package for an additional $99.00 US when registering for the full course. Additional information can be found at the OnDemand Bundles page and the OnDemand FAQ.
For more information, please visit:
www.rsaconference.com
www.rsaconference.com
Cutting-Edge Hacking Techniques
Sunday, April 19, 2009 - Monday, April 20, 2009 : 9am - 5pmJohn Strand, SANS Certified Instructor
6 CPE Credits
As computer attackers ramp up their abilities, information security professionals must also keep our skills sharp in preventing, detecting, and responding to attacks. Based on the experiences of the SANS Internet Storm Center incident handling team, this session provides hands-on experience with attack and defense methodologies from the real-world released in the past twelve months. We'll also analyze emerging attack vectors that incident handlers are just starting to cope with in the wild. Each attack will be covered from an incident handlers' mindset, with a detailed and lively discussion of how to respond when an organization comes under fire. Also, numerous hands-on exercises will help incident handlers get into the mindset of attackers so they can counter the bad guys' moves.
Hands-on exercises throughout the session will build to a capture the flag event during the last half of the second day. In this engaging challenge, attendees will work in teams to apply what they have learned in a reality-based, hands-on attack scenario, with prizes awarded to the winning team.
- Who Should Attend
- Incident handlers charged with responding to computer and network attacks
- Information security practitioners who need to understand and counter attacks
- System administrators who need to fortify their systems to prevent attack
- Pre-Requisite Knowledge
- A fundamental knowledge of TCP/IP (three-way handshake, fragmentation, etc.)
- An understanding of how the stack functions under buffer overflow conditions
- Basic Linux and Windows navigation skills (logging in, running programs, etc.)
- No software programming skills are required, but an understanding of computer architectures (e.g., stack, heap, boot sequence, etc.) is helpful
- Tutorial Objectives
- Analyze how recent attacks function from a hands-on perspective so that incident handlers can respond to them in their environment
- Understand how to prevent these attacks from occurring
- Evaluate how to detect attacks that bypass security controls
- Gain hands-on experience with the attacks and defenses during the capture the flag challenge
- A Sampling of Topics
- Advanced Google searches to find vulnerable systems
- Going beyond ARP cache poisoning and MAC flooding: new layer-2 attacks
- IPS fingerprinting and locating, as well as the possibility of IPS/IDS kill packets
- Browser exploitation through scripting and how it can lead to undermining an enterprise's infrastructure
- Recent bot functionality and how to counter it, including the evolution of bot command-and-control, business models, and technical functionality
- The latest rootkits, burrowing into firmware and virtual machines
- The evolving spyware menace, and methodologies for thwarting it by leveraging infrastructure components such as DNS, web proxies, and Active Directory
- Virtual machine attacks, including detection and the possibility of escaping from the Matrix into a host machine
- © 2000-2009 The SANS™ Institute
- Web Privacy Policy | Web Contact |
- Press Room | Trademark Usage Policy