Toorcon 2005 Slides Available
I’ve never been able to get to a Toorcon but from reading the Toorcon 2005 slides it seems they have a number of quality speakers. The three highlights from this years sessions seem to be Introducing the Bastille Hardening Assessment Tool by Jay Beale, How Big is that Foot in the Door by Foofus and Simple Nomads How Hackers Get Caught.
The intro to Bastille does both a good job of explaining why you should care about hardening, which includes some great quotes: The NSA’s Information Assurance Directorate evaluated a system locked-down following CIS’s Windows 2000 guide. 90 percent of all the vulnerabilities in this platform were mitigated by the guide. It also introduces some of the knowledge required to add your own Bastille checks.
Foofus’s talk is an ideas spring board and well worth a read. His slides show mapping out relationships between machines and how a single compromised password can bring down a large chunk of your infrastructure. I can’t wait for a canned tool, sysadmin friendly, that I can use for this.
Simple Nomads talk is less technically focused but more entertaining. He covers some of the back and forth of attacking and the stupid thing skiddies do. It’s worth a read and serves as an amusing refresher.