Remember when networks represented interesting targets, when TCP/IP was itself a vector for messiness, when packet crafting was a required skill? In this thoroughly retro talk, we're going to play with systems the old fashioned way, cobbling together various interesting behaviors with the last few shreds of what low level networking has to offer. Here's a few things to expect:
DNS might show up, and applications are going to be poked at. But this will be an old style networking talk, through and through.
Dan Kaminsky is a well known security researcher. He formerly worked for Cisco , Avaya, and IOActive, where he was the Director of Penetration Testing. He is known among computer security experts for his work on DNS cache poisoning (AKA "The Kaminsky Bug"), and for showing that the Sony Rootkit had infected at least 568,200 computers and for his talks at the Black Hat Briefings. In June 2010, Dan released Interpolique, a beta framework for addressing injection attacks such as SQL Injection and Cross Site Scripting in a manner comfortable to developers. On June 16, 2010, Dan was named by ICANN as one of the Trusted Community Representatives for the DNSSEC root.