SIG^2 Event: An Evening with SyScAN Speakers, SIG^2 Internet Weather Forecast Centre && HITBSecConf 2004 CtF Experience Sharing

Thanks to Steven, Eugene and Rick, and even more thanks to our invited SyScAN speakers for an entertaining event, especially to: Philippe Biondi, The Grugq, Anthony Zboralski, S.K. Chong, Dug Song, Kamal Hilmi Othman, Yann Berthier, and Nicolas Fischbach.

 


Presentation 1

Title: The SIG^2 Internet Weather Forecast Centre cum Honeynet Project
Presenter: Steven Sim Kok Leong

Abstract
SIG^2 has embarked on one of her most ambitious projects: to do a long-term study on Honeynet and to set up an Internet Weather Forecast Centre. The first call for participation came in the AGM on 25 July 2003. However, the project really only started after the inauguration of the SIG^2 G-TEC Security Test Lab in mid-2004. Recently, the project was accepted into the Honeynet Alliance.

The objectives of this project are not only to deploy honeynets country-wide as sensors for our Internet Weather Forecast Centre, from which early warnings on security threats can be disseminated quickly to our members, but also to study blackhat behaviors and trends and to contribute new honeynet techniques that can help to implement both passive and proactive security defences for the local community.

Biodata of speaker
Steven is the Principal Investigator and Team Lead of the SIG^2 G-TEC Internet Weather Forecast Centre cum Honeynet Project team. He is also a member of the ITSC NSSWG (Network Security Standards Working Group) and an advisory member at the SANS GCFW advisory board.

 
Presentation 2

Title: HITBSecConf 2004 CtF: Attack and Defence
Presenter: Eugene Teo and Rick Zhong

Abstract
HITBSecConf's Capture the Flag (CtF) game is one of the security hacking games in Asia that is worth waiting for. This year's CtF had rules that were very different from last year's game. This time round, the game focused on both attack and defence, and the reference distributions preinstalled were current release versions. We hope to describe our experience surviving the HITBSecConf 2004 CtF game, and share some of our lessons learnt.

Biodata of speakers
Eugene is the Principal Investigator of the SIG^2 G-TEC Capture the Flag team, and Deputy Principal Investigator of the SIG^2 G-TEC Internet Weather Forecast Centre (IWFC). He previously sat on the Executive Committee of SIG^2 1st Elected Committee. He enjoys playing Capture the Flag games, and was in a team that won a couple of CtF games from BlackOPS HackAttack Challenge 2004 and HITBSecConf 2004.

Rick is the Deputy Principal Investigator of the SIG^2 G-TEC Capture the Flag team. He was a part-time FreeBSD administrator and was actively involved in a number of IT security-related research projects during his university days. He has a keen interest in new technologies and enjoys the exploring process. His latest achievement includes representing SIG^2 as part of the Red Puffer CtF team and coming in as the first runner-up in HITBSecConf 2004 CtF.

 
Who is Philippe Biondi?

Philippe Biondi is a security expert and a security consultant working for EADS/CRC in France. He is a member of the French Honeynet Project. He was co-author of LIDS (http://www.lids.org). He is the author of Scapy (http://www.secdev.org/projects/scapy) and Shellforge (http://www.secdev.org/projects/shellforge) and a lot of other tools (http://www.secdev.org/). He wrote several articles for MISC, a French security magazine.

 
Who is The Grugq?

The Grugq has been researching anti-forensics for almost 5 years. Grugq has worked to secure the networks and hosts of global corporations, and he's also worked for security consulting companies. His work as a security consultant was cut short by the publication of an article on anti-forensics. Currently, he slaves for a start-up, designing and writing IPS software. Grugq has presented to the UK's largest forensic practitioner group where he scared the police. In his spare time, Grugq likes to drink and rant.

 
Who is Dug Song?

Dug Song is Principal Security Architect at Arbor Networks, where he is responsible for the research and development of Arbor's network security products deployed at Tier 1 service provider, Fortune 100 enterprise, and government and defense networks around the world.

Before joining Arbor, Dug was a Research Scientist at the University of Michigan's Center for Information Technology Integration, where his work focused on distributed file systems, security middleware, and network auditing and penetration techniques. Previously, he was Senior Security Engineer at Anzen Computing, where he led the development of a network anomaly detection system, and consulted for various Fortune 100, government, and defense clients.

Dug is the author of several popular network penetration-testing tools, and a contributor to other open-source security software projects. He is also a founding member of monkey.org, an international online monkey cult.

 
Who is S.K. Chong?

SK is Co-Founder and (in)Security Consultant of SCAN Associates. Hacking into banks, ISPs, military and government sectors is part of his job. He wrote a few security whitepapers on how to break networks with SQL Injection, Buffer Overflow, Shellcode and stuff, including one published in Phrack E-zine #62. His presentation was heard in Blackhat (Singapore) 2003, RuxC0n2004 (Australia), XCon2004 (China) and HITBSecConf2004 (KL). He enjoys playing Capture the Flag games, and was in a team that won several CtF games from HITB2002 and Blackhat Asia 2003.

 
Who is Anthony Zboralski aka gaius?

Anthony Zboralski leads Bellua Asia Pacific, an Information Security consulting company based in Jakarta, Indonesia. He has more than 9 years of experience performing penetration tests, assessments, forensics and related services for some of the largest banks in Asia and a dozen Fortune 500 companies including Aerospatiale, Air France, Allianz, AXA, Electricite de France, Lagardere-Matra...

Also known as "gaius", cofounder of the Hacker Emergency Response Team (hert.org), Anthony got involved in security & hacking back in 1989 (x25, social eng., etc.).

 
Who is Kamal Hilmi Othman?

Kamal Hilmi Othman is currently a systems engineer at NISER, focusing on the areas of perimeter defense, detection and intrusion analysis. He was previously a lecturer at a local Malaysian college; however, he now prefers to sit in as guest speaker for 'information security' classes at local universities instead. His talk was heard at cansecwest/core04/LT, USENIX04/UseBSD and HITB04, besides many other local events and workshops. He is also an active member of the HITB Conference Organizing Committee.

 
Who is Yann Berthier?

Yann is a network security consultant working for HSC, a French consulting agency. The need to dig through big amounts of network traces during forensic analysis led him to look at the tools used for years by the network community. His interest in NetFlow applications has not diminished since then. He is a member of the French Honeynet Project http://honeynet.rstack.org where he also has the opportunity to do network forensics.

 
Who is Nicolas Fischbach?

Nicolas is a senior manager - IP Engineering/Security, working for COLT Telecom. He is the co-founder of the French Honeynet Project http://honeynet.rstack.org.

 
Acknowledgements
Thanks to our sponsor, IDA for providing the venue for this event.

For your info, the SyScAN 2004 conference will be held in Singapore from 16-17 Dec 2004. For more details, visit their website.

 
CPE
Please note that members who are SSCP/CISSP can accrue CPE credits by attending this event.

Created: 11/12/2004
webmaster@security.org.sg