l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
October 20: Web Application Hacking: How to Make and Break Security on the Web
Next Installfest:
TBD
Latest News:
Oct. 10: LUGOD Installfests coming again soon
Page last updated:
2010 Jun 04 08:29

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
[vox] Fwd: SVLUG June 2nd meeting: Hijacking Web 2.0 Sites withSSLstrip and Slowloris]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[vox] Fwd: SVLUG June 2nd meeting: Hijacking Web 2.0 Sites withSSLstrip and Slowloris]



----- Forwarded message from Rick Moen <rick@linuxmafia.com> -----

Date: Wed, 2 Jun 2010 00:48:16 -0700
From: Rick Moen <rick@linuxmafia.com>
Subject: [svlug-announce] SVLUG June 2nd meeting: Hijacking Web 2.0 Sites
	with SSLstrip and	Slowloris
To: svlug-announce@lists.svlug.org

(This only feels like a Tuesday, on account of the holiday weekend.)


WHEN:

  Wednesday, June 2nd, 2010
  7pm-9pm


MAIN PRESENTATION

  TOPIC:
    Hijacking Web 2.0 Sites with SSLstrip and Slowloris

  PRESENTED BY:
    Sam Bowne 

  TOPIC SUMMARY:
    Many Web sites mix secure and insecure content on the same page,
    as does Facebook.  This makes it possible to steal all the data
    entered on such a page easily, using Moxie Marlinspike's SSLstrip
    tool.  Sam will explain and demonstrate this attack.

    Slowloris is a very new layer-7 denial-of-service attack created by
    RSnake that stops Apache Web servers completely, with very low
    bandwidth -- one packet every 2 seconds.  The Apache developers were
    notified of this vulnerability, and decided it was unimportant and
    not worth patching.  Sam will explain and demonstrate this attack,
    and discuss various ways to protect your Apache HTTPd servers.

    Complete instructions, so that anyone can easily set up both these
    attacks on their own machines, will be discussed.

  ABOUT THE PRESENTER:
    Sam Bowne has been teaching computer networking and security classes
    at City College of San Francisco since 2000.  He has given talks at
    DEFCON and Toorcon on ethical hacking, and taught classes and
    seminars at many other schools and teaching conferences.

    He has a B.S. in Physics from Edinboro University of Pennsylvania
    and a Ph.D. in Physics from University of Illinois,
    Urbana-Champaign.  His industry certifications are:  Certified
    Ethical Hacker, Microsoft: MCP, MCDST, MCTS: Vista; Network+, 
    Security+, Certified Fiber Optic Technician.


LOCATION:

  Symantec
  VCAFE Facility
  350 Ellis Street (near E. Middlefield Road)
  Mountain View, CA 94043

  Directions on how to get there are listed at:

    http://www.svlug.org/directions/veritas.php

  We've tried our very best for these directions to be accurate.
  If you have any improvements to make, please let SVLUG's volunteers know!
  webmaster at svlug.org

POST-MEETING GATHERING:

  If you just can't get enough, a smaller group usually goes to a local
  restaurant/diner after the meeting.  We'll announce the restaurant
  selection at the meeting.

We look forward to seeing you there!


_______________________________________________
svlug-announce mailing list
svlug-announce@lists.svlug.org
http://lists.svlug.org/lists/listinfo/svlug-announce

----- End forwarded message -----

-- 
-bill!
Sent from my computer
_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!