Washington, DC - July 22 - 31, 2008
Global Information Assurance Certification

Excellent conference. I have a ton of stuff to bring back to my company and clients.
-John S. Macy, Network Design Associates

Special Events

SANSFIRE 2008 Keynotes

Registration "Popcorn" Reception
- Wednesday, July 23, 2008 * 5:00pm-7:00pm
- Convention Desk Foyer

Joint Podcast with pauldotcom and ISC
- Paul Asadoorian, Joel Esler, Johannes Ullrich, ISC Handlers
- Wednesday, July 23, 2008 * 8:00pm

Live joint podcast from PaulDotCom Security Weekly and the Internet Storm Center, with topics relating to the monthly Internet Threats.

Is Troy Burning? An analysis of targeted cyber attacks.
- Maarten Van Horenbeeck, SANS ISC
- Thursday, July 24, 2008 * 7:00pm

The use of trojans in targeted attacks has been known since at least 2002. However, only since 2005 have their use and methodology become relatively widespread and better understood. Recently some of the more notorious attacks, especially those on governments, have been widely discussed in the media, but little technical information is available.

This presentation is based on private investigations of targeted attacks against various organizations, and provides a detailed view of the methodologies most popular in these attacks, from both a technical and a social engineering perspective. In addition, it briefly touches on how effective today's protection mechanisms are and to what degree these attacks can be mitigated and detected.

Welcome To SANS Talk - General Session
- Dr. Eric Cole
- Thursday, July 24, 2008 * 8:15am-8:45am

SANS Technology Institute Brief
- Stephen Northcutt
- Saturday, July 26, 2008 * 7:00pm-8:00pm

DoD Directive 8570 Overview
- Eric Bassel
- Sunday, July 27, 2008 * 6:00pm-7:00pm

The overview will provide you with recent changes and additions to the Department of Defense Directive 8570. Learn how this directive affects you and your organization and learn practical tips on how other organizations are meeting this stringent requirement.

GIAC Brief
- Jeff Frisk
- Sunday, July 27, 2008 * 7:00pm-8:00pm

SANS Technology Institute

SANS Technology Institute Master of Science degree programs offer candidates an unparalleled opportunity to excel in the two aspects of security that are most important to the success of their employer and their own careers: management skills and technical mastery.

Over the next 20 years, information technology will become so central to all aspects of our lives, from recreation to warfare, that information security will rise in importance and scale. It will become a profession with more than 500,000, and perhaps 1,000,000 people employed in positions in which they have significant roles in shaping the security of their employers' systems. Those people need managers - technical directors and chief information security officers who are deeply skilled in the technology and who have excellent management skills.

If you aspire to help lead your organization's or your country's information security program, and you have the qualifications, organizational backing, and personal drive to excel in these challenging degree programs, we will welcome you into the program.

The following SANS Technology Institute (STI) master's students will be making these presentations as part of their graduation requirements:

Creating a Remote Command Shell Using Default Windows Command Line Tools
- Kevin Bong
- Monday, July 28, 2008 * 6:30pm - 7:10pm
- Wilson A

You may think your Windows machines are free of backdoors because your users cannot install any software and your antivirus tells you the systems are clean. This presentation will show how the default Windows command line applications FTP.EXE and NSLOOKUP.EXE can be used to "shovel" a command shell from a Windows machine out to another host using FTP and DNS protocols. No malware or netcat needed, just a little creativity and you can turn a Windows box into a zombie waiting to do its remote master's bidding.

Bio:
Kevin Bong is the Vice President of Network and Data Security for Johnson Financial Group. Kevin has a BS in Physics and Computer Science from Carroll College, WI, and has earned the GIAC GSE. Kevin is also an amateur astronomer, beekeeper, SANS community instructor, and a pretty neat Dad.

Security Awareness Training Using an Actual Incident
- Russell Meyer
- Monday, July 28, 2008 * 7:20pm-8:00pm
- Wilson A

Companies practice evacuations in case of fire, disaster recovery simulations, and testing of generators in case of power failure; so why not also practice security incident handling?

In this talk you will learn how information security awareness training can be delivered to IT staff like developers, management and helpdesk personnel. The staff will work in teams to investigate an actual compromised system recreated on a VMware image. Using this hands-on approach, the teams will examine the system, find the vulnerabilities, the hidden folders and files, and practice cleaning up the system and removing the vulnerabilities -- all the while documenting their findings and following the proper incident handling procedures. Attendees will learn how a hands-on approach in a lab setting can be an effective learning tool.

Bio:
Russell Meyer has over 15 years of experience in compliance, network security, programming and project implementations. He holds several GIAC certifications as well as the CISSP, MCSE, MCNE. He is currently a SANS Technology Institute Master of Science degree candidate.

Finding Success with a SIM: Uncovering What You Need to Analyze
- Jim Voorhees
- Monday, July 28, 2008 * 8:10pm-8:50pm
- Wilson A

This briefing will show you how to use a SIM to help you find what matters. You'll see how the author used ArcSight Enterprise Security Manager (ESM) to find events that were of primary importance. Specifically, you will learn how he found violations of agency policy, misconfigurations, and even an unauthorized network. The incidents demonstrated the power of easy methods to get value out of a SIM. As part of the presentation you'll learn some of the uses and limitations of a SIM.

Bio:
Jim Voorhees, a candidate for the Master of Science Degree in Information Security at SANS Technology Institute, is a security analyst for Advanced Concepts, Inc. He has almost a decade of experience in information technology and has worked in information security since 2002. His experience with ArcSight began more than three years ago at the FBI. He is now making it work at the IRS. Jim holds multiple GIAC certifications.