Detecting Compromised Hosts Using OHIDS
- Tom Webb
- Wednesday, October 16th, 8:15pm - 8:55pm
This presentation will cover the features of the new Open Source Host Intrusion Detection System (OHIDS) software. The overall architecture and design are covered, followed by a walkthrough of detecting a computer infected with malware.
Speaker Bio: Tom Webb has 13 years of experience in IT and 7 years dedicated to security. Tom has worked for state law enforcement and in the education sector. He is currently employed by a university as the security operations manager. His role includes leading a team that performs incident response and forensics investigations, penetration testing, and vulnerability management.
Tom has a B.S. in Information Management from the University of South Carolina and is a candidate for the Master's Degree in Information Security Engineering at SANS Technology Institute. He holds various certifications including: GREM, GXPN, GCIA, GCFA, and GCIH. Tom has contributed to the SANS forensic blog and the Internet Storm Center.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
| Session | Speaker | Time | Category |
|---|---|---|---|
| General Session - Welcome to SANS | Dr. Eric Cole | Monday, October 14th, 8:15am - 8:45am | Special Events |
| APT: It is Time to Act | Dr. Eric Cole | Monday, October 14th, 7:15pm - 9:15pm | Keynote |
| An Introduction to PowerShell for Security Assessments | James Tarala | Tuesday, October 15th, 7:15pm - 8:15pm | SANS@Night |
| The Security Impact of IPv6 | Johannes Ullrich | Tuesday, October 15th, 8:15pm - 9:15pm | SANS@Night |
| Hacking as an Act of War | G. Mark Hardy | Wednesday, October 16th, 7:15pm - 8:15pm | SANS@Night |
| Introducing the CompTIA CASP Exam | Seth Misenar | Wednesday, October 16th, 8:15pm - 9:15pm | SANS@Night |
| Detecting Compromised Hosts Using OHIDS | Tom Webb | Wednesday, October 16th, 8:15pm - 8:55pm | Special Events |
| GIAC Program Overview | Dr. Eric Cole | Thursday, October 17th, 7:15pm - 7:45pm | Special Events |
| Tales from the Crypt: TrueCrypt Analysis | Hal Pomeranz, Deer Run Associates | Thursday, October 17th, 7:15pm - 8:15pm | SANS@Night |
| SANS Technology Institute Open House | Dr. Eric Cole | Thursday, October 17th, 7:45pm - 8:15pm | Special Events |