Past Meeting - September 18, 2003
Learn about Hacking 2003: Beyond Viruses and Trojan Horses
Thursday, September 18, 2003
6:30 P.M. - 8:00 P.M.
Sun Microsystems
Sun Building SAN09
2nd Floor, "Whales" Conference Rooms
9525 Towne Centre Drive
San Diego, CA 92121
SUMMARY
After the usual networking, announcements, and door prizes (including a $1000 pass to the upcoming USENIX conference), Dr. Berghel gave a riveting 90 minute talk on what bad things can happen to unprotected computers.
He started by showing how easy it is to crack a WiFi network ... with a Pringles can, a WiFi sniffer, and a standard issue automobile, he was able to map a dozen networks, including their SSIDs, MAC addresses valid on the networks, and so on. Bottom line: all WiFi networks are easy targets -- either use VPNs or lose your data.
We were also treated to a barrage of methods of compromising our connected machines, including port scans, network mapping, viruses, and Trojan horses. and so on. Bottom line: the Internet is not safe, there are plenty of scary people out there making names for themselves, and the opportunities for mischief are seemingly infinite.
Dr. Berghel left us with numerous URLs:
tools to find out all about you
interesting web resources
useful CGI scripts
Dr. Berghel's mountain of articlesABSTRACT
The same Internet that provides us with access to enormous repositories of information, sustains e-commerce, and provides global interactivity, also exposes us to a wide range of vulnerabilities. This talk will discuss such vulnerabilities from basic Internet reconnaissance (e.g., Whois, NSLookup) to the more advanced tactics involving Web-based Hacking Support Sites, War Dialing, War Driving, Port Scanners, packet sniffers, pseudo proxy servers, network mapping and OS fingerprinting, to name but a few). Illustrations of such reconnaissance will be given.
In addition, several categories of exploits will be discussed and illustrated, including, but not limited to, packet crafting, packet sniffing, packet fragmentation attacks, SYN floods, ACK storms, DOS and DDOS attacks, buffer overflows, ping wars and packet storms.
PRESENTER BIO:
Dr. Berghel is currently Professor and Chair of Computer Science at the University of Nevada at Las Vegas. He has held a variety of research and administrative positions in industry and academia during his twenty-five year career in computing. His current research focuses on Internet and Web technologies, interactive and participatory computing environments, including the design of virtual communities, and electronic information management. His research work appears frequently in a variety of scientific and technical venues, and his columns, editorials, and articles appear regularly in such publications as Computer, the Communications of the ACM, and Networker.
Berghel chairs the ACM Technology Outreach Program and Electronic Communities Committees, and serves on the ACM Publications Board as well as Vice Chair of the ACM Member Activities Board. Berghel also publishes extensively on cyberspace in a wide variety of scholarly publications, and has designed or developed countless interactive Websites for applications as diverse as the World Wide Web Test Pattern, networked gaming, digital ballot boxes, interactive CGI programming support, digital publications, the ACM's Web-based Graduate Assistantship Directory, and the new ACM Interactive Timeline of Computing Website, to name but a few.
Berghel has been selected as ACM Outstanding Lecturer of the Year three times (1996, 1997 and 1998), and has also been twice selected as an IEEE Distinguished Visitor on behalf of the IEEE Computer Society (1995-8 and 1998-2001). His many awards and recognition's include the 1996 ACM Distinguished Service Award and induction as both Fellow of the ACM and Fellow of the IEEE.
Dr. Berghel has published articles on hacking and computer security in the Communications of the ACM magazine, and another of his articles will be published in the December issue. called, "August, 2003: SoBig, W32/Blaster and Malware Month of the Millenium."
