Northeast Ohio Information Security Forum

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday April 20, 2016
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.

Agenda:

Advanced Operating Systems & Their Offspring
by Nathaniel Alcock

The free descendants of Unix have developed a number of interesting technologies. OpenSSH, LibreSSL, Bhyve, Jails, Zones, ZFS, and DTrace are just a few of the tools forged in BSD and Illumos.
Nathaniel will provide a quick overview of what these communities.  Spending time talking about what these tools are, and how they canbe used outside of the systems they were designed in (ZFS in Linux, DTrace on Mac, etc.).

Nathaniel’s BIO:
Nathaniel Alcock is a web developer in Cleveland, Ohio. New to the area and NEOSIF, you can spot him talking functional programming, security, and weird tech.

Your Logs Are Talking… But Are You Listening?
by Mick Douglas from Binary Defense

Many folks don’t realize what a wealth of information log sources can be.  Learn some tricks to quickly squeeze maximum value out of your best kept secrets… your logs!

Don’t Forget to Lock the Back Door!
A Characterization of IPv6 Network SecurityPolicy
by: Mark Allman

There is growing operational awareness of the challenges in securely operating IPv6 networks. Through a measurement study of 520,000 dual-stack servers and 25,000 dual-stack routers, we examine the extent to which security policy codified in IPv4 has also been deployed in IPv6. We find several high-value target applications with a comparatively open security policy in IPv6 including: (i) SSH, Telnet, SNMP, are more than twice as open in IPv6 as they are in IPv4, (ii) nearly half of routers with BGP open, were only open in IPv6, (iii) in the server dataset, SMB was twice as open in IPv6 as in IPv4. We conduct a detailed study of where port blocking policy is being applied and find that protocol openness discrepancies are consistent within network boundaries, suggesting a systemic failure in organizations to deploy consistent security policy. We successfully communicate our findings with ten different network operators and all ten confirm that the relative openness was unintentional. Eight of the ten immediately deployed a congruent IPv6 security policy, reflecting real operational concern. Finally, we revisit the belief that the security impact of this comparative openness in IPv6 is mitigated by the infeasibility of IPv6 network-wide scanning\textemdash we find that, for both of our datasets, host addressing practices make discovering these high-value hosts feasible by scanning alone. To help operators accurately measure their own IPv6 security posture, we make our scanning system publicly available.

Mark’s Bio:
Mark Allman is a senior scientist with the International Computer Science Institute (ICSI) and adjunct faculty in EECS at Case Western Reserve University.  His current research work is in the areas network architecture, security, transport protocols, congestion control and network measurement.  Prior to his appointment at ICSI, he conducted research on internetworking in satellite networks for BBN Technologies at NASA’s Glenn Research Center.  His professional activities include chairing and serving on numerous conference steering and program committees, as well as numerous leadership roles within the Internet Engineering Task Force.  He is a member of the ACM and holds B.S. and M.S. degrees in computer science from Ohio University.

Don’t forget to come early, starting at 6:00 PM, for food and soda, sponsored by TrustedSec.

Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday March 16, 2016
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.

Agenda:

Tool Time and Latest Trends in INFOSEC
by David Kennedy from Binary Defense

Today’s NEOISF meeting, Dave, will be going through crackmapexec – a tool for WMI post exploitation and how effective it is for traditional pentesting. Additionally, he will be running through the latest trends in INFOSEC and what’s happening in the news.

Dave’s BIO:
Giver of hugs.

Don’t forget to come early, starting at 6:00 PM, for food and soda, sponsored by TrustedSec.

Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday February 17, 2016
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.

Agenda:

Python: Journey into Mastery (We’ll Do It Live!)
by Charles Yost from Binary Defense

A 45 minute overview, starting with basic project layout and editor selection and finishing with a live programming demo. Targeted towards non-programmers who want to learn the basics of Python in order to utilize it for daily tasks. Other resource for continued learning will be covered as well.

Charles’s, BIO:
Charles Yost is currently a Security Developer at Binary Defense Systems. He has worked in the IT industry for over 10 years in a wide variety of roles including: Printer Technician, VoIP Systems Administrator, .Net Developer, and Web Developer. Throughout his life his number one passion is learning new skills. He can often be found researching and learning, attempting to keep up with the quickly evolving field of technology. Charles enjoys teaching and talking to others about technology and it’s many uses. He is a member of NEOISF, and attends as many InfoSec conferences as he can justify with his wife.

The DDoS War Story
By Jeremy Mio

Jeremy’s Bio”
Jeremy Mio currently works at Cuyahoga County of Ohio directing the Security and Research Department responsible for informational and physical security systems for all County agencies, Boards, Jails, and regionalized municipalities and systems. Jeremy is also co-founder of CodeRed LLC where he is the Principal Cyber Security Consultant. He has been on the Northeast Ohio InfraGard executive board and currently IT Sector Chief.  He also serves as Co-Chair for workgroups within the Center of Internet Security and works on various threat data projects for various entities.  He previously worked in the Fortune 500 space within Risk Management and Security focusing on Identity and Access Management. He presents at various conferences addressing cyber security threats in local government and participates in other local/nation security organizations such as the IACSP, OTOA, CCDC, NEOISF, ISC2, ClevelSec, BSides, FBI Citizens Academy,  CSOXchange​, Ohio Cyber Day, and the Ohio Information Security Summit.  On his spare time he enjoys conducting research on Drone capabilities within the evolution of security convergence, working as a tactical weapons instructor, and scuba diving.

Don’t forget to come early, starting at 6:00 PM, for food and soda, sponsored by TrustedSec.

Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday January 20, 2016
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.

Agenda:

Port Scanning the Hermit Kingdom: Or What NMAP Can Teach Us About Geopolitics
by Thomas Pieragastini

This talk will center on a project that has been active since July, which involves attempting to understand internal North Korean conditions through the use of nmap, and the scanning of the entire North Korean IP range. In the process of undertaking this project not only was some interesting information gathered about North Korean internal political practices, postures and responses to crisis, but also a significant amount was learned about port scanning hostile and well defended networks, as well as learning a little bit about code on the side.  In this presentation the lessons learned and the challenges encountered will be reviewed within the wider discussion of the importance of the use of technical tools to understand the world outside of the technical realm.

Thomas’s bio:
Thomas Pieragastini currently works in threat intelligence, a background in independent security research, surveillance and security studies and holds a PhD in Philosophy.  Coming from academic studies in geopolitical dynamics and political theory he developed an interest in the technical realm, eventually transitioning into working in infosec full time, and developing an obsession with all things offensive security related.

History of WRT and Wireless Mesh protocols
by Alex Kot

This talk will go over the history of WRT firmware and the vast amount of projects created from the open source contributors.  I will also mention other router firmware projects (Non-WRT).  After that I will go into the history of MANET (Wireless Mesh protocols).  I will mention the various development the open source community provided to modern routing.

Alex’s bio:
Currently works at a Credit Union and has been in information technology for about 10 years.  He is fond of modifying embedded devices, low level concepts, and weird science.

Don’t forget to come early, starting at 6:00 PM, for food and soda.

Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –