James C. Foster and Vincent T. Liu: Catch Me If You Can:Exploiting Encase, Microsoft, Computer Associates, and the rest of the bunch.

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

Black Hat / CMP and Jeff Moss에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Black Hat / CMP and Jeff Moss 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.

18y ago 57:41

MP3•에피소드 홈

Don't get caught. Building off of Foster's log manipulation and bypassing forensics session at BlackHat Windows 2004, James C. Foster and Vincent T. Liu will share over eighteen months of continued private forensic research with the Black Hat audience including ground-breaking vulnerabilities and key weaknesses in some of the most popular tools used by forensic examiners including EnCase, CA eTrustAudit, and Microsoft ISA Server. Watch live demonstrations as Foster and Vinnie detail how to leverage these weaknesses to avoid being detected, and discover the theory and practice behind the most effective and cutting-edge anti-forensics techniques. Finally, learn how to turn a forensic analyst's training against himself by joining the speakers in a lively discussion of the "Top 10 Ways to Exploit a Forensic Examiner". This talk should be required viewing for all those on both sides of the fence, so come prepared to watch trusted forensics tools crumble. James C. Foster, Fellow, is the Deputy Director of Global Security Solution Development for Computer Sciences Corporation. Foster is responsible for directing and managing the vision, technology, and operational design for CSC's global security services. Prior to joining CSC, Foster was the Director of Research and Development for Foundstone Inc (acquired by McAfee). and was responsible for all aspects of product, consulting, and corporate Rresearch and developmentD initiatives. Prior to joining Foundstone, Foster was a Senior Advisor and Research Scientist with Guardent Inc (acquired by Verisign) and an editor at Information Security Magazine(acquired by TechTarget Media), subsequent to working as an Information Security and Research Specialist for the Department of Defense. Foster's core competencies include high-tech management, international software development and expansion, web-based application security, cryptography, protocol analysis, and search algorithm technology. Foster has conducted numerous code reviews for commercial OS components, Win32 application assessments, and reviews on commercial and government cryptography implementations. Foster is a seasoned speaker and has presented throughout North America at conferences, technology forums, security summits, and research symposiums with highlights at the Microsoft Security Summit, BlackHat, MIT Wireless Research Forum, SANS, MilCon, TechGov, InfoSec World 2001, and the Thomson Security Conference. He also is commonly asked to comment on pertinent security issues and has been cited in USAToday, Information Security Magazine, Baseline, Computer World, Secure Computing, and the MIT Technologist. Foster holds degrees in Business Administration, Software Engineering, and Management of Information Systems and has attended the Yale School of Business, Harvard University, the University of Maryland, and is currently a Fellow at University of Pennsylvania's Wharton School of Business. Foster is also a well published author with multiple commercial and educational papers; and has authored, contributed, or edited for major publications to include "Snort 2.0", "Snort 2.1" 2nd Edition, "Hacking Exposed" 4th Ed and 5th Ed, "Special Ops Security", "Anti-Hacker Toolkit" 2nd Ed, "Advanced Intrusion Detection", "Hacking the Code", "Anti-Spam Toolkit", "Programmer's Ultimate Security DeskRef", "Google for Penetration Testers", "Buffer Overflow Attacks", and "Sockets, Shellcode, Porting, and Coding". Vincent Liu is an IT security specialist at a Fortune 100 company where he is responsible for assessing the security of the enterprise network infrastructure and participating as a member of the global incident response team.Before moving to his current position, Vincent worked as a consultant with the Ernst and Young Advanced Security Center and as an analyst at the National Security Agency. His specialties include penetration testing, web application assessments, incident response, binary reverse engineering, and exploit development. Vincent holds a degree in Computer Science and Engineering from the University of Pennsylvania. While at Penn, Vincent taught courses on operating system implementation and C programming, and was involved with DARPA-funded research into advanced intrusion detection techniques. He is currently a contributor to the Metasploit project, and is a contributing author for Sockets, Shellcode, Porting, and Coding. Vincent has also studied at the University of Maryland and the University of Kentucky.>

61 에피소드