Thursday, 24 October 2013

DeepSEC - Effective IDS/IPS Auditing And Testing With Finux

DeepSEC - Effective IDS/IPS Auditing And Testing With Finux – Arron 'f1nux' Finnon

There comes a time in your life when you have to walk the walk! As a public speaker, I’ve done my share of talking the talk, and those that know me, know I have recently been conducting a lot of small training courses and workshops on effective NIDS/NIPS auditing and testing.

Truth be told, I’ve been doing this for two reasons. The first reason, is no matter how much I talk about this issue, nothing is going to help people more than sitting down and working with them. The second reason I’ve been on the road so much is getting myself in shape for DeepSEC training. Now, if you have to ask why getting myself fighting fit for DeepSEC is so important to me then you've either not been to the conference, or frankly you have no idea what on earth you're talking about.

I've always had a great love and respect for the crew of DeepSEC, and I have never hid that. I've been to a lot of conferences and frankly a lot of conferences like to boast about being the best in Europe, DeepSEC doesn't need to boast! I believe DeepSEC to be the best full-stop! The lack of egotistical babel; the beautiful city of Vienna; the amazing speakers and trainers; the warm and friendly family feeling you get there; and most importantly the crew that manages it, shows that bigging yourself up doesn't count for anything, doing it does!

So that being said, time to big up our training offering. So yes, of course ours is the best training offering ever! Of course you should hurry right now and purchase a ticket before they sell-out, in fact buy two or three, I mean every geek has at least one friend! Yeah, it will be biblical and we'll shove so much information into your brains that you'll be crying pcap files till new years day, blar, blar, blar. Seriously though, we have put together something special. Hand on my heart as I swear to God himself, we have taken everything we've learned about NIDS/NIPS testing and put together a course that will actually help. No silver bullets to be found here (we're based in Scotland, we sold the silver a very long time ago!), just what's needed to actually make a test of a NIDS/NIPS worthwhile. We cover everything in the Open Source Network Intrusion Framework (OSNIF) Top5, so NIDS/NIPS Evasion Techniques, False-Positive Issues, Protocol Ambiguities, Detection Rates, and Misconfiguration and Invisible Traffic Issues. We cover why sacrificial host testing with NIDS/NIPS has some serious flaws, and how to produce clean sample attack traffic to test attacks. However, we do have something very special indeed planned for the second day of training.

Now this part is where I get to be mean, I’m not actually going to tell you the actual details of the second day. All I’m going to say is we're going to take an issue that faces enterprise networks everyday, and we're going to analyse and build an effective defence against it. Now the details are interesting, and without doubt everyone there will learn a lot. However, more importantly we'll show attendees how easy it is to take a threat, no matter how big the hype is, and actually defend against it.

This training course will be of benefit to testers as well as defenders. Whilst I’m here, I’m going to put this out there too. This is the début of our OSNIF Top5 training in Europe, it hasn't been done here, it has never been done, EVER, with a two day practical defence module. We will be dropping a new open source project on the second day too. So buy your tickets now for DeepSEC, come do the training, and come see me and Gavin's talk whilst you’re there too.

Visit DeepSEC training pages for more information.