ChicagoCon 2009s Focuses on Professional Hacking & Social Engineering

If you are taking one of our training courses, then the Ethical Hacking Conference is included in the price of your class. If not, you may purchase a Conference Only Ticket for Just $100. Only 200 Conference Only Tickets are being made available, so get yours NOW!! 

ChicagoCon 2009s will feature security-focused boot camps, exams on-site followed by a two-day ethical hacking conference. Learn from the pros and network with peers in order to advance your InfoSec career. Here's the schedule in a nutshell:

Friday May 8

2:00 PM - Keynote: Raffael Marty, Chief Security Strategist for Splunk
3:00 PM - Ryan Jones, Lares Consulting
4:00 PM - Tim Rosenberg, White Wolf Security
5:00 PM - Pizza Party
6:00 PM - CtF Sponsored by Core Security

Saturday May 9

9:00 AM - Keynote: Dr. Marc Rogers, Cyber Forensics Program at Purdue
10:00 AM - Chris Gates (CG) & Vince Marvelli (g0ne), Full Scope Security
11:00 AM - Craig Heffner & Derek Yap, SourceSec Research Group
12:00 Noon - Ryan Linn & Brian Wilson, The Ethical Hacker Network
1:00 PM - Lunch
2:00 PM - 5:00 PM - Exotic Liability Live!
6:00 PM - Closing

And the Extra-Curriculars...

  • Workshop: Hacking the Web 2.0 with HP's Rafal Los (Starts at 2:30 on Sat)
  • "The Doctor Is In" Career Counseling with Mike Murray (All Day Sat)
  • "Lock Picking 101" with Defcon Veteran Karen Maeda (All Day Sat)
  • Evening Entertainment

Attendee Bags Provided by Symantec

Thursday May 7 - Check-In at MicroTrain 6:00 PM - 8:00 PM
Friday May 8 - Check-In at MicroTrain Starting at 11:00 AM

Friday May 8 - Keynote 2:00 PM

Raffael Marty
Chief Security Strategist,
Splunk

Measuring Risk For Fun And Profit

Risk management is an often talked about topic. However, very few organizations have concrete, measurable programs in place to quantify risk. Why is this? Are we just not ready yet to implement risk management practices? Why is the debate still raging on measuring security in order to quantify risk? There are two main reasons: data, and knowledge. Companies simply cannot get to the data they need to define working metrics and in turn, risk cannot be quantified. Without the data, knowledge has not been built up, research and models have not been developed, and quantitative risk management is almost nonexistent. I am going to explore the data management problem and introduce the concept of a maturity scale, which will show a way towards actionable risk management programs.

As chief security strategist and director of application product management, Raffy Marty is customer advocate and guardian - expert on all things security and log analysis at Splunk. Starting with IBM Research and Price Waterhouse Coopers Consulting, then ArcSight and Splunk, Raffy has been in the log management and analysis world for many years. He has built numerous log analysis systems and implemented use cases for hundreds of customers that deal with log management challenges on a daily basis. Currently he uses his skills in data visualization, log management, intrusion detection, and compliance to solve problems and create solutions for Splunk customers. Fully immersed in industry initiatives, standards efforts and activities, Raffy lives and breathes security and visualization. His passion for visualization is evident in the many presentations he gives at conferences around the world and his book: "Applied Security Visualization". In addition, Raffy is the author of AfterGlow, founder of the security visualization portal http://secviz.org, and contributing author to a number of books on security and visualization.

 

Friday May 8 - 3:00 PM

Chris Nickerson, CEO
Lares Consulting

Red Team Basic Training

You've had your penetration tests on your network and applications. But what's next? What assessment will show the TRUE risk to your company's lifeblood? This presentation will describe Red Team testing, which drives out true risk using techniques such as social engineering, lock picking, phishing, and hacking. This topic will discuss the methodology of these tests and show that there is more to being secure than compliance, "check box" auditing, and vulnerability scans.

Chris Nickerson, CEO of Lares Consulting, is a CISSP whose main area of expertise is focused on information security in order to help companies better defend and protect their critical data and key information systems. He has created a unique process to assess, implement, and manage information security strategy, architecture, policies, and procedures in the real world. Chris leads a team of security consultants who conduct Security Risk Assessments, which can cover everything from penetration testing and vulnerability assessments, to policy design, computer forensics, and regulatory compliance. Chris's prior experience includes developing and managing the Security Services practice at Alternative Technology, serving as a Sr. Auditor for SOX compliance at KPMG and as Chief Security Architect at Sprint Corporate Security, and developing an enterprise security design as network engineer for an international law firm. Chris also served in the U.S. Navy. Chris is a member of OWASP, ISACA Denver and is also a featured member of TruTV's Tiger Team, a 30-minute reality television program showing the activities of actual penetration tests and active assessments.

 

Friday May 8 - 4:00 PM

Tim Rosenberg
President & CEO, White Wolf Security

The Hacker Metaverse: A Permanent Online Lab for InfoSec Training and Cyber Exercises

For the last year, White Wolf Security has been building an online lab to facilitate information security training and cyber exercises. This lab, open to the public, will be providing content and lab exercises in a permanent, 24/7 online environment. Tim will discuss the overall design and features of the metaverse, captured data, and future plans.

An information security specialist with a strong legal background, Tim is presently responsible for developing and delivering high impact Information Security courses and cyber exercises tailored for his clients. As President and CEO of White Wolf Security, Tim leads the company in its development of advanced cyber exercises. These exercises consist of real-time computer network attack and defend scenarios. In 2008, White Wolf Security was the first to integrate VoIP and SCADA into its exercises.

Tim Rosenberg has presented material at a variety of international conferences including: RSA 2002, 2003, and 2005, InfowarCon, the American Bar Association's Annual Conference, NW3C Economic Crime Summit, the FBI National Academy at Quantico, Air Force's Information Warfare Conference and several Electronic Crime Task Forces. Tim has also been a guest lecturer at the U.S. Military Academy at West Point, the Army War College Center for Strategic Leadership, and the Villanova University School of Law. Tim has been an Associate Research Professor at the George Washington University where he taught Information Warfare and Computer Security courses as well as being an Adjunct for Georgetown University's Security Studies Program. Tim and White Wolf Security's futures research includes presenting material and exercises to the Proteus Management Group (US), Proteus Canada, the Navy's Strategic Studies Group and the Cyber Conflict Studies Association.

 

Friday May 8 - 5:00 PM
Pizza Party

Friday May 8 - 6:00 PM - Until Tim Gets Tired!
Capture the Flag with Core IMPACT Pro and BackTrack 4 Beta

Brought to you by: White Wolf Security

Sponsored by: Core Security

This two and a half hour event will provide ChicagoCon attendees with an opportunity to attack systems across a network. A variety of servers and desktops will be configured and placed on a network. Over the course of the event, participants will have to scan, identify and attack systems. Points will be awarded to attackers based on: 1) their ability to compromise the system and achieve execute privileges, 2) corrupt specific flags, 3) identify their compromise method. This will be held in a classroom stocked with computers and pre-loaded with everything needed for the contest. White Wolf Security's Tim Rosenberg will be on hand as your live instructor. Challenging for the experienced yet accessible to the beginner. Prizes will be awarded.

Friday May 8 - 7:00 PM
Video Entertainment in Auditorium (It's a surprise and may just be audience determined)


Additional Premium Sponsors
Trustwave
CompTIA


Saturday May 9 - Additional Check-In Starting at 8:00 AM

Saturday May 9 - Keynote 9:00 AM

Marcus K. Rogers, Ph.D., CISSP, CCCI
Director of the Cyber Forensics Program in the Dept. of Computer and Information Technology at Purdue University

The Evolution of Social Engineering: From Persuasion to Social Malware

The presentation will examine how social engineering (SE) in the InfoSec domain has developed in the past decade. The historical roots, present day context, and possible future manifestation of SE will be discussed. The talk will also look at how the synergy between malware, the new culture of social networks, anonymity and virtual trust relationships will influence the evolution of SE and what if anything can be done to mitigate SE's current and future impact.

Marc Rogers is a Professor, Faculty Scholar and a research faculty member at the Center for Education and Research in Information Assurance and Security (CERIAS). Dr. Rogers is a member of the quality assurance board for (ISC)2's SCCP designation, the International Chair of the Law, Regulations, Compliance and Investigation Domain of the Common Body of Knowledge (CBK) committee, Chair - Ethics Committee Digital & Multimedia Sciences Section - American Academy of Forensic Sciences, and Chair - Certification Committee Digital Forensics Certification Board. Dr. Rogers is the Editor-in-Chief of the Journal of Digital Forensic Practice and sits on the editorial board for several other professional journals. He is also a member of other various national and international committees focusing on digital forensic science and digital evidence. Dr. Rogers is the author of numerous book chapters, and journal publications in the field of digital forensics and applied psychological analysis. His research interests include applied cyber forensics, social engineering, psychological digital crime scene analysis, and cyber terrorism.

 

Saturday May 9 - 10:00 AM

Chris Gates (CG) & Vince Marvelli (g0ne)
Full Scope Security

Attacking Layer 8: Client Side Penetration Testing

Do you have good perimeter security keeping bad guys from coming in the front door? Unfortunately for you, there are other ways of gaining access. Specifically, having your untrained users browse to places they shouldn't, open emails they shouldn't, and download and execute things they shouldn't. This presentation will address some of those issues and describe why and how to go about testing your environment for this very likely vulnerability. Client Sides are the new remote exploit. If you aren't allowing client side attacks during your vulnerability assessments or penetration tests, you are ignoring a huge attack vector and the current attack method. You are also failing to exercise your internal and host based exploitation countermeasures (HIDS/HIPS) and your ability to test and respond to client side attacks and internal attackers, and missing a valuable opportunity for user awareness training. This talk will focus on justifying why you should be allowing client side penetration testing, giving penetration testers a basic methodology to conduct client side attacks during their penetration test, and giving (mostly real-world) examples we used during client side penetration tests to go with our methodology.

Chris Gates (CG) - Founder of Full Scope Security, performing full scope penetration testing and security engineering. Previous jobs include full scope penetration tester for one of the DoD Red Teams and Army Signal Officer spending gobs of time in layer 2 and layer 3 land. EthicalHacker.net columnist and security blogger.
http://carnal0wnage.blogspot.com

Vince Marvelli (g0ne) - Founder of Full Scope Security, performing full scope penetration testing and security engineering. Previous jobs include full scope penetration tester for one of the DoD Red Teams, SOC architect and principal engineer, IDS architect and analyst, general IT security analyst and security blogger.
https://g0ne.wordpress.com

 

Saturday May 9 - 11:00 AM

Craig Heffner & Derek Yap
SourceSec Research Group

Hacking The Network Inside Out

Despite numerous known vulnerabilities, direct attacks against SOHO routers are largely ignored, either due to their perceived impracticality, or a lack of tools/skills. This talk will address the current state of security in SOHO routers, and how router vulnerabilities can provide outside attackers with access to the LAN that the router was designed to help protect. Router reconnaissance, as well as remote, WiFi, and physical attacks will be discussed, and several new tools will be released. Specific topics include: router fingerprinting tools & techniques, methods for hacking internal administrative interfaces from the Internet, cracking WPA/WPA2 encryption keys with HTML images, and how to build simple hardware backdoors for SOHO routers.

Craig Heffner and Derek Yap are security researchers and developers with the SourceSec Research Group. Their expertise covers a wide range of topics, from programming to reverse engineering, malware to Web hacking. They have released numerous vulnerabilities and white papers to the security community, and Craig is a columnist at The Ethical Hacker Network.

 

Saturday May 9 - 12:00 Noon

Ryan Linn & Brian Wilson
Columnists,
The Ethical Hacker Network

Cain BeEF Hash: Snagging Passwords without Popping Boxes

Chaining exploits and abusing trust are two heavily discussed topics in security today. This presentation will talk about abusing both types of opportunities in order to show how hosts can be targeted and passwords can be retrieved without ever directly exploiting a machine. These attacks are not directly being used against the target and take approaches where exploitation may not be obvious or detectable, even by Intrusion Detection Systems or Anti-Virus Programs. Using BeEF, Metasploit, and a handful of other tools, we will explore the possibilities available, utilize some new tools that can be used to leverage these types of vulnerabilities, and we'll show you how to apply these tools in actual network pen tests. And it's not all talk... we will be doing a live demo of this attack!

Ryan Linn is currently an Information Security Engineer at SAS Institute. Employed in the computer industry since 1997, he has held positions ranging from web developer to Unix Systems Programmer at a large university to his current position in Information Security. Ryan has been responsible for working with large scale deployments of various flavors of *nix, high availability web and database clusters, as well as for application programming in high availability environments. In the past few years, Ryan has incorporated Windows security into his responsibilities, and is now part of the team responsible for information security globally in one of the largest privately held software companies in the world.

Brian Wilson, now of Cisco Systems, has over 14 years experience in IT starting with a tour in the United States Army. This Ethical Hacker Network Columnist has worked in and out of the US Government in many different organizations and technical roles including a stint as a Cisco Certified Instructor. Currently he works for an industry leading vendor supporting millions of customers of broadband & VoIP services (ISPs). He has attained a number of industry credentials covering many aspects of IT including CISSP, CCNA, CCSE, CCAI, MCP, JNCIA, Network+, Security+, and many DoD Certifications. He also uses his knowledge of IT to benefit a number of charitable organizations.

 

Lunch will be provided by Hewlett-Packard

Saturday @ 1:00 PM!!

 

Saturday Afternoon Extra-Curriculars

 

Workshop: Hacking the Web 2.0 with HP's Rafal Los
2:30 PM: Room TBD

Come hear a fun, workshop-oriented talk about the evolving world of "Web 2.0" focused on AJAX and Flash "deconstruction." Optional hands-on lab.

Rafal Los has over 13 years' experience in network and system design, security policy and process design, risk analysis, penetration testing and consulting. In the last 8 years his focus has been on Information Security and Risk Management, leading security architecture teams and managing successful enterprise security programs in small companies and large enterprises such as General Electric. Rafal was responsible for security architecture at GE Consumer Finance for over 3 years, leading strategic efforts to understand the business goals and mitigate enterprise risk through technology, process and education. Going beyond the technology and implementing programs that succeed in a variety of environments combined with a wealth of knowledge on business process and risk management makes Rafal an industry veteran from both a business and IT Security angle. Today Rafal is working with the HP Application Security Center as a Web Application Security Evangelist and subject-matter expert. Working with large customers to build, implement and maintain world-class application security programs, he provides guidance from his extensive experience in computer security.

Lock Picking 101
2:00 PM: Room TBD

Short presentation on the art of lockpicking and then an open lab with locks galore and instruction from expert and Defcon veteran, Karen Maeda. Karen holds a degree in Information Systems and has been heavily involved with the professional security community for over 8 years. A veteran of Blackhat and Defcon, Karen has co-taught multiple classes around the world in lockpicking, no-tech hacking, and various other methods to expose risk. Her long term assistance with the "Lockpick Village" has helped accelerate the growth of the physical security community and taught 1000's of people the art of defeating lock mechanisms. Currently, she is a Security Engineer at Lares, where her daily tasks range from education to active engagements with clients. If involved in the security community, you may better know her as Miss DJ Jackalope, the resident DJ of Defcon and other security conferences in the United States.

The Doctor Is In
All Day in the Oak Room

Career counseling, advice and general discussions in an open format on personal growth in the field of InfoSec by industry veteran and respected career speaker and coach Mike Murray. He will work with the attendees of ChicagoCon to discuss the fundamental skills needed, and put the audience of this breakout session through exercises that will help clarify that plan, and move forward toward their ultimate career goals.

As Mike puts it, "Information security is one of the most difficult industries to navigate a career in. The industry is new, and the skills are ever-changing. The nature of the industry is that the biggest threats are always in the newest technologies, which means that if you're not actively running, you're falling behind. Not to mention that there's no industry standard for certification, for knowledge, or even for what "security" actually is. It's confusing at the best of times. And this isn't the best of times."

Exotic Liability
with host
Chris Nickerson, Karen Maeda (aka Jackalope), and Ryan Jones

LIVE in the Auditorium!!
2:00 - 5:00


 

Sick of the podcasts that are telling you stuff you already know? Tired of the same old "read the sheet" presentation skills of most podcasts? Looking for fresh content and expert outlook? Bleeding edge and beyond.... Exotic Liability will push you into the new generation of Security. On your own or by force, we will be bringing you the best content from the TOP of the Security industry. No more firewall admins speculating about how attacks happen, these are the pros. These are the people that make Security tick. If you are tired of the old solutions and rhetoric, join in.

This special edition of Exotic Liability will feature not only the speakers from ChicagoCon but also the attendees in an open discussion on the security landscape as the experts in the field see it. Also look for Chris Nickerson and Mike Murray to give you an update on the Social Engineering Master Class and the gory details of their hot new class.

 

Saturday May 9 - 6:00 PM

Closing Remarks
Donald C. Donzal, ChicagoCon &
 The Ethical Hacker Network