punkwalrus (punkwalrus) wrote,

Security - ToorCon: Toronto computer security conference

I am reading about some of these conferences because I plan on going to Shmoocon in February. I have gotten a lot of people interested in this con, and I hope to start gathering people who will actually go. I got my badge hash in the mail, and my tee-shirt is supposedly on its way (benefits of signing up early). Here's kind of review of ToorCon:


Choice quote:

On a "red vs. Blue" Hack-off competition: What is the craziest defense that Scott Kennedy has seen? In order to stop kernel exploits, one team actually deleted the OS kernel on their Sun box, which worked very well until they needed to reboot the machine. Servers don't boot too well when the kernel is missing. Clever! You could have a PXE as well, so that when it boots, it gets a script with adds the kernel, launches the OS, and then deletes it when it's done. Of course, if the hacker keeps rebooting the machine on you... or just puts in their OWN kernel to replace the empty space... There was also a clever mention of someone preventing a website hack that copied the website from a mounted CD-ROM via a cron job every few seconds. You can't hack the CD-ROM, and whatever changes you make to the website will be overwritten within seconds.
  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded