Black Hat Briefings and Training USA 2003

July 29 • Informal gathering at 18:00. Gather at the Registration Desk.
This is a great time to meet and network with friends, colleagues and the speakers.

Day 1 • July 30, 2003

07:00 - 08:00

Registration and Continental Breakfast: Fourth Floor Palace Tower Promenade

sponsored by

07:50 - 08:00

Introduction, Jeff Moss

08:00 - 08:50

Keynote: Philip R. Zimmermann, Creator, Pretty Good Privacy

08:50 - 09:00

Break

Application Security

Routing & Infrastructure

Policy, Law & Society

Panels

Firewalls, Access Control, Physical Security

Location & Times

Palace Ballroom 1

Emperor's Ballroom

Florentine Ballroom

Palace Ballroom 2

Palace Ballroom 3

09:00 - 10:15

Variations in Exploit Methods Between Linux and Windows

David Litchfield

IPsec: Opportunistic Encryption using DNSSEC

Paul Wouters

Running the Matrix

Curtis E.A. Karnow

A Proposed Process for Handling Vulnerability Information

Panel

Masquerades: Tricking Modern Authentication Systems

Rick Smith

10:15 - 10:30

Coffee Service: Fourth Floor Palace Tower Promenade

sponsored by

10:30 - 12:00

Advanced in ELF Runtime Binary Encryption - Shiva

Neel Mehta

Stack Black Ops

Dan Kaminsky

Modern Intrusion Practices

Gerardo Richarte

Hiring Trends In Information Security

Panel

Technical Security Countermeasures

Jeffrey Prusan

12:00 - 13:30

Lunch: Pavilion at Caesars

sponsored by

Luncheon: International Hacking: When The Cooperation is The Only Cure
Dario Forte, CFE, CISM, Security Advisor, European Electronic Crimes Task Force (EECTF)

13:30 - 14:45

Notes on Domino

Aldora Louw

Man In The Middle Attacks

Marco Valleri & Alberto Ornaghi

Criminal Copyright Infringement and Warez Trading

Eric Goldman

Adversary Characterization and Scoring Systems

Panel

Enterprise Security for Converging Technologies

Lee Sutterfield

14:45 -15:00

Break

15:00 - 16:30

Brute Forcing Terminal Server Logons with TSGrinder

Timothy Mullen and Ryan Russell

BGP Vulnerability Testing

Matthew Franz and Sean Convery

Introduction to Corporate Information Security Law

Andrea M. Matwyshyn

The Law of Vulnerabilities

Gerhard Eschelbeck

OSI Layer 1 Security

Michael D. Glasser

16:30 - 16:45

Coffee Service: Fourth Floor Palace Tower Promenade

sponsored by

16:45 - 18:00

Automated Detection of COM Vulnerabilities

Frederic Bret-Mounet

The Superworm Manifesto

Brandon Wiley

Lawful Interception of IP: the European Context

Jaya Baloo

Hacker Court

Part 1

Panel

Java Card 101

Bruce Potter

18:00 - 20:00

Hosted Gala Reception: Eat, Drink, Network and be Merry!
Location: Palace Tower Promenade

Reception sponsored by

Continuation of Hacker Court

BOOK SIGNING for "Stealing the Network: How to Own the Box". Ryan Russell, FX, Thor, Dan "Effugas" Kaminsky, Mark Burnett and Jeff Moss will be available to sign. The event will start at 18:00 and close at 18:30. A Limited number of books will be available for purchase from our official onsite bookseller, Breakpoint Books, during the USA 2002 Briefings.

Join in lively discussion with experts and peers who share the same interests in the "Four Corners" during the reception.

Day 2 • July 31, 2003

07:00 - 08:00

Continental Breakfast: Fourth Floor Palace Tower Promenade

sponsored by

Application Security

Incident Response & Computer Forensics

Core Services

Privacy & Anonymity

Intrusion Detection, Log Analysis

Location & Times

Palace Ballroom 1

Emperor's Ballroom

Palace Ballroom 2

Florentine Ballroom

Palace Ballroom 3

08:00 - 08:50

Keynote: Following the Money: Security Proxies and Agenda
Bruce Schneier, Founder and Chief Technical Officer, Counterpane Internet Security

08:50 - 09:00

Break

09:00 - 10:15

Click to Continue

Chris Paget

Latest Advances in Honeynet Technologies

The Honeynet Project

Security Issues with Fibre Channel Storage Networks (SANs)

Himanshu Dwivedi

Covering Your Tracks

Simple Nomad

Revolutionizing Operating System Fingerprinting

Ofir Arkin

10:15 - 10:30

Coffee Service: Fourth Floor Palace Tower Promenade

sponsored by

10:30 - 12:00

Locking Down Mac OS X

Jay Beale

Forensics With Linux 101

Chuck Willis

More (Vulnerable) Embedded Systems

Attacks on Anonymity Systems (Theory)

Len Sassaman & Roger Dingledine

Leave the Theory Behind and Embrace the Code

David Maynor

12:00 - 13:30

Lunch: Pavilion at Caesars

sponsored by

Luncheon: Building a Global Culture of Security
Marcus Sachs, P.E., Cyber Program Director, Information Analysis and Infrastructure Protection, US Department of Homeland Security

13:30 - 14:45

Java Decompilation and Application Security

Kevin Spett

Digital Information, User Tokens, Privacy and Forensics Investigations

Larry Leibrock

Putting The Tea Back Into CyberTerrorism

SensePost

Attacks on Anonymity Systems (Practice)

Len Sassaman & Roger Dingledine

SPIDeR

Patrick Miller

14:45 -15:00

Break

15:00 - 16:30

.NET from the Hacker's Perspective: Part 2

Drew Miller

Web Based Email Forensics

Thomas Akin

Hardening Windows CE

Josh Daymont

Identity: Economics, Security, and Terrorism

Adam Shostack

Advanced Windows 2000 Rootkits Detection

Jan K. Rutkowski

16:30 - 16:45

Coffee Service: Fourth Floor Palace Tower Promenade

sponsored by

16:45 - 18:00

Runtime Decompilation

Greg Hoglund

Honeypots

Lance Spitzner

Opensource Kernel Auditing/Exploitation

Silvio Cesare

The Law of 'Sploits

Jennifer Stisa Granick

HTTP Fingerprinting and Advanced Assessment Techniques

Saumil Shah

Note that this schedule is subject to change.

Wireless internet access is available during the show. Bring your 802.11b cards!

Attendees must wear badges at all times in the conference areas.
Badges and/or conference proceedings that are lost or reported stolen will incur a $500 replacement fee.

All attendees must be 18 years of age or older to be on the conference floor.
Professionally recorded audio and video will be available for purchase onsite from the Sound of Knowledge.