World-class instructors teaching today's, critical cyber skills - SANS Online Training


To attend this webcast, login to your SANS Account or create your Account.

Active Defense Harbinger Distribution - Defense is Cool Again

  • Monday, February 18, 2013 at 2:00 PM EST (2013-02-18 19:00:00 UTC)
  • John Strand, Paul Asadoorian


  • Fortinet, Inc.

You can now attend the webcast using your mobile device!



After weeks of what we can only describe as a labor of love, the Active Defense Harbinger Distrobution (ADHD) has been released. This is a full live environment with all of the best Active Defense tools we could find included.

You can find the disto here:

In this webcast we will cover the best tools on the distribution. We will cover more legal issues in Active Defense and hacking back. All attendees get a full walkthrough of Active Defense Tools ranging from Annoyance, Attribution and Attack.

Below are just some of the cool things we will cover:

  • Callback Word documents
  • Nova for easy honeypot deployment
  • Honeybadger to geolocate attackers
  • Honeyports
  • Infinitely recursive web directories
  • And more.

The best part? You can follow along. Because now, we have a Active Defense Live distro to share ideas and improve security beyond simple IDS/IPS and AV strategies.

Webcast sponsored by SANS SEC464: Hacker Guard vLive! class delivered by John Strand on Tuesday and Wednesday, April 23 - 24

To Download a copy of Fortinet's 2013 Cybercrime report, go to

Speaker Bios

Paul Asadoorian

Paul Asadoorian GCIA, GCIH, Founder & Chief Executive Officer Paul Asadoorian has over 5 years experience working in the information security field. His work experience covers both major corporations and academic institutions. He currently holds two GIAC (Global Information Assurance Certification) certifications in intrusion detection (GCIA, GIAC Certified Intrusion Analyst) and incident response (GCIH, GIAC Certified Incident Handler). Paul also sits on the GCIA advisory board, has spent one year as a GCIA authorized grader, and continues to stay involved in the SANS (SysAdmin, Audit, Network, Security) Institute. His research has appeared in the book Network Intrusion Detection, 3rd edition, and also in the SANS Reading Room web site. Paul has presented for numerous organizations and conferences, including MIT Security Camp, and ISACA (Information Systems Audit and Control Association). Paul graduated from Bryant College with a bachelor of science in Computer Information Systems.

John Strand

John Strand is a senior instructor with the SANS Institute. He teaches SEC504: Hacker Techniques, Exploits, and Incident Handling; SEC560: Network Penetration Testing and Ethical Hacking; SEC580: Metasploit Kung Fu for Enterprise Pen Testing; and SEC464: Hacker Guard: Security Baseline Training for IT Administrators and Operations with Continuing Education. John is the course author for SEC464: Hacker Guard: Security Baseline Training for IT Administrators and Operations with Continuing Education and the co-author for SEC580: Metasploit Kung Fu for Enterprise Pen Testing. When not teaching for SANS, John co-hosts PaulDotCom Security Weekly, the world's largest computer security podcast. He also is also the owner of Black Hills Information Security, specializing in penetration testing and security architecture services. He has presented for the FBI, NASA, the NSA, and at DefCon. In his spare time he writes loud rock music and makes various futile attempts at fly-fishing.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.