
Network Security 2012

Las Vegas, NV | Sun, Sep 16 - Mon, Sep 24, 2012

Malware Analysis Essentials using REMnux

  • Lenny Zeltser
  • Wednesday, September 19th, 7:15pm - 8:15pm

Though some tasks for analyzing Windows malware are best performed on Windows laboratory systems, there is a lot you can do on Linux with the help of free and powerful tools. REMnux is an Ubuntu distribution that incorporates many such utilities. This practical session presents some of the most useful REMnux tools. Lenny Zeltser, who teaches SANS' reverse-engineering malware course, will share how you can use the utilities installed on REMnux to:

  • Study network interactions of malicious programs
  • Analyze malicious websites and obfuscated JavaScript
  • Examine malicious PDF documents
  • Explore important aspects of suspicious Windows executables
  • Identify malware artifacts in memory snapshot files

If you haven't experimented with Linux-based tools for malware analysis, you've been missing out. And if you've been meaning to begin exploring the field of malware analysis, this talk will help you get started.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Vendor: Events hosted by external vendor exhibitors.
  • Lunch & Learn: Short presentations given during the lunch break.

Monday, September 17

Session Speaker Time Type
General Session - Welcome to SANS Dr. Eric Cole Monday, September 17th, 8:15am - 8:45am Special Events
Forescout Monday, September 17th, 12:30pm - 1:15pm Lunch and Learn
Infogressive/Fortinet Monday, September 17th, 12:30pm - 1:15pm Lunch and Learn
Fidelis Security Systems, Inc. Monday, September 17th, 12:30pm - 1:15pm Lunch and Learn
Tenable Network Security Monday, September 17th, 12:30pm - 1:15pm Lunch and Learn
The SANS360: The Security Crystal Ball Rob Lee, Moderator Monday, September 17th, 7:15pm - 8:30pm Special Events
GIAC Program Overview Jeff Frisk, GIAC Director Monday, September 17th, 8:30pm - 9:30pm Special Events

Tuesday, September 18

Session Speaker Time Type
Vendor Sponsored Lunch Session Tuesday, September 18th, 12:00pm - 1:30pm Vendor Event
Vendor Expo Tuesday, September 18th, 12:00pm - 1:30pm; Tuesday, September 18th, 5:00pm - 7:00pm Vendor Event
Vendor Welcome Reception Tuesday, September 18th, 5:00pm - 7:00pm Vendor Event
Please Keep Your Brain Juice Off My Enigma: A True Story Ed Skoudis & Josh Wright Tuesday, September 18th, 6:45pm - 7:45pm SANS@Night
New Legal Methods for Collecting and Authenticating Cyber Investigation Evidence Ben Wright Tuesday, September 18th, 7:15pm - 8:15pm SANS@Night
Securing The Kids Lance Spitzner Tuesday, September 18th, 7:15pm - 8:15pm SANS@Night
Evolving Threats Paul Henry Tuesday, September 18th, 8:15pm - 9:15pm SANS@Night
Securing The Human Lance Spitzner Tuesday, September 18th, 8:15pm - 9:15pm SANS@Night
Gone in 60 Minutes David Hoelzer Tuesday, September 18th, 8:15pm - 9:15pm SANS@Night

Wednesday, September 19

Session Speaker Time Type
PhishMe Wednesday, September 19th, 12:30pm - 1:15pm Lunch and Learn
Open Mic Night Untrusted Input Wednesday, September 19th, 7:00pm - 11:00pm Special Events
Intrusion Detection is Dead Dr. Johannes Ullrich Wednesday, September 19th, 7:15pm - 8:15pm SANS@Night
Malware Analysis Essentials using REMnux Lenny Zeltser Wednesday, September 19th, 7:15pm - 8:15pm SANS@Night
SANS Technology Institute Master's Presentation Aron Warren Wednesday, September 19th, 7:15pm - 7:55pm Special Events
What's New in Windows 8 and Server 2012? Jason Fossen Wednesday, September 19th, 8:15pm - 9:15pm SANS@Night

Thursday, September 20

Session Speaker Time Type
Netwars Competition at SANS Network Security 2012 Ed Skoudis Thursday, September 20th, 6:30pm - 9:30pm Special Events
SANS Technology Institute Open House Dr. Ray Davidson, Professor of Practice Thursday, September 20th, 7:15pm - 8:15pm Special Events
Linux Forensics for Non-Linux Folks Hal Pomeranz Thursday, September 20th, 7:15pm - 8:15pm SANS@Night
Windows Exploratory Surgery with Process Hacker Jason Fossen Thursday, September 20th, 7:15pm - 8:45pm SANS@Night
Everything They Told Me About Security Was Wrong John Strand Thursday, September 20th, 8:15pm - 9:15pm SANS@Night
Ninja Assessments: Stealth Security Testing for Organizations Kevin Johnson Thursday, September 20th, 8:15pm - 9:15pm SANS@Night

Friday, September 21

Session Speaker Time Type
Netwars Competition at SANS Network Security 2012 Ed Skoudis Friday, September 21st, 6:30pm - 9:30pm Special Events
Practice - Practice - Practice Neal Bridges Friday, September 21st, 7:15pm - 8:15pm SANS@Night