shmoocon – simple nomad and clarke

More Shmoocon 2007 presentations.

Hacker Potpourri – Simple Nomad.mp4 – Simple Nomad (old skewl) talks about some greylisting of spam mail, OS fingerprinting using PPTP, finding firewalling devices (using FIN flags, UDP port 0 packets, hop counting) and DVR hacking, but the real meat of this talk is about profiling IDS/IPS systems which starts at 32:45. You can use reverse-lookups to profile some IDS/IPS systems, the timing of reports, and whether admins are doing manual checks. Can fiddle with the DNS replies to profile the investigator some more. Abuse the signature sets to further narrow what IDS is in use or how they block things (vulnerability vs exploit). You can really do a lot of information gathering by knowing signatures for various IDS products and doing tests to see if your attacks are either blocked, allowed, or logged and then either manually or automatically investigated. Very cool.

Extend Your Code Into the Real World – Ryan Clarke.mp4 – I really dig Clarke’s enthusiasm and energy. I’d love to hang out with this guy and tinker with electronics and hardware on the weekends. His talk is a beginner blitz into hardware hacking. I consider this talk mandatory for any security or tech guys as Clarke really shows off where some things are going. Very exciting!

When it comes to computers and “hacking” and electronics, I can’t do everything despite my desires and best efforts, but for the things I’m not diving into at the time, I love talks like this because they can give me a nice taste of what I’m missing and keep me at a level that I could dive in if my life ever finds me in a place where I can do it (or have friends who do it that I can learn from).