Monday, 09 January 2006

TCP/IP Weapons School and Network Stealth

I have ideas for two new TaoSecurity classes for 2006. I'd like to hear what you think of both concepts. These classes are in the planning phase now, but I will be more confident of advancing their progress if I receive positive feedback.

The first class is TCP/IP Weapons School. I plan at least four days of material. The idea behind TCP/IP Weapons School is to teach TCP/IP packet analysis, with a twist -- all traffic will be generated by network security reconnaissance, exploitation, and communications tools. (The name is related to the US Air Force Weapons School.) This course is for attendees closer to the beginning of their network security career. It will be a cool way to learn TCP/IP, without the boring aspects of a typical "fundamentals" class. I plan to cover the most popular protocols seen when performing network security monitoring, intrusion detection, and network forensics. As a class participant, you'll learn how to interpret network traffic -- but also understand how security tools look when seen on the wire. I will probably teach this course solo, and I hope to introduce at least part of it at USENIX 2006 and potentially USENIX Security 2006.

The second class is Network Stealth. I plan at least two days of material. The idea behind Network Stealth is to teach how to evade network access control and detection systems. This course is for attendees with intermediate knowledge of packet analysis, such as TCP/IP Weapons School graduates. The core of the class will be network-based; there may be some host-level issues if people find that interesting. I plan to cover evasion and insertion attacks, a wide variety of covert channels, timing and volume attacks, and related ways to make life tough for security analysts. As a class participant, you'll learn how attackers can bypass your IDS, IPS, firewall, and other security measures so you can better deal with those events. I am currently brainstorming with a very skilled security analyst who I expect to teach the course with me. I hope to introduce this course at Black Hat USA 2006.

So what do you think? Do these sound like interesting classes?
