NEWS FROM THE LAB - Friday, July 29, 2005

Black Hat 2005, Day 2 Posted by Ero @ 03:42 GMT

More interesting presentations today. Among the ones I had the chance to check were:

Stopping Injection Attacks Using Computational Theory was fairly interesting showing strong techniques to prevent this typical kind of attacks for which traditional regexp techniques prove insufficient to stop.

Google Hacking for Penetration Testers did live up to the expectations of a completely packed conference room. Johnny Long showed hilarious and scary examples of what's possible to come up with by properly data mining what's probably the largest database of public information (and some which should definitely be not so public...)

Beyond Ethereal: Crafting a Tivo For Security showed new visual tools for analysis of network data. With several types of visualizations certain patterns become obvious and it was possible to spot abnormal activity from large amounts of data by just browsing through it. Very interesting tools and methods with a huge potential for further development.

Other talks were on the effectiveness of the NX protection some processors will soon incorporate to prevent certain attacks relying on writing to memory which should not be accessible; as usual, not a complete solution but might mitigate some problems if implemented correctly. And another on routing in anonymous P2P networks.

So Black Hat has just ended. It has been two days of lots of interesting talks and tomorrow DEFCON starts...