Technical Training Track A


Trainer: Meling Mudin (spoonfork)
Duration: 2-days
Cost: 150BD/USD400 (Early Bird) || 200BD/USD530 (Non Early Bird)

Title: Network Intrusion Detection Systems - NIDS
Abstract:

This course is a two-day intrusion detection course with emphasis on network intrusion detection. In this course, you will obtain valuable insights into network IDS: how they work, what they do and how they will play a vital role in your overall security infrastructure. To demonstrate this, you will be introduced to hackers and the tools of their trade. The journey then takes you into the world of Snort, a popular network IDS. You will do hands-on exercises in which you use Snort to detect attacks. You will also learn how to write Snort rules. The knowledge that you gain from this will help you decide which NIDS is best for your needs, how to deploy and operate a NIDS, and how to get the most out of your IDS.

Workshop prerequisites

1. Knowledge in Linux Operating System. Participants are expected to know how to install and configure software in Linux.
2. TCP/IP and networking knowledge.

Target audience: Network security administrators, system administrators, IT managers

Course Overview

1.0 Network Security, Hackers and Their Tools
1.1 Hackers and their tools
1.2 Defense-in-depth
1.3 Hands on exercises: Using popular open-source hacking tools

2.0 Introduction to Intrusion Detection System
2.1 What is an IDS
2.2 Host-based IDS
2.3 Network-based IDS
2.4 Detection method
2.5 Usage of IDSs
2.6 Strengths and Weaknesses of IDS
2.7 Honeypot

3.0 Snort Network Intrusion Detection System
3.1 Introduction to Snort
3.2 Snort architecture, installation, configuration and operation
3.3 Hands on exercises: install, configure and run Snort

4.0 Snort Signature In-depth
4.1 Snort Signatures
4.2 Hands on exercises: writing Snort rules

5.0 Analyzing Snort Logs
5.1 Analyzing Snort Logs
5.2 Hands on exercises: perform attacks and analyze Snort output

6.0 Other IDSes
6.1 A look at some popular commercial and open-source IDS systems

7.0 IDS Deployment
7.1 IDS deployment strategies
7.2 Issues and considerations

About Meling

Meling Mudin is the CTO of a start-up company focused on the development of correlation and event log management for various security devices. He was previously a security consultant and system architect at SCAN Associates, where he led the development of a security monitoring system for the Malaysian Government. He is also responsible for the annual HITBSecConf Capture the Flag game. Mr. Mudin also consults under Hack In The Box (M) Sdn. Bhd. In the past, he has worked as a system administrator and programmer.

Posted by Administrator @ 2004-11-30 1:23 pm
Technical Training Track B


Trainer: Jorge Sebastiao (ESGulf)
Duration: 2-days
Cost: 150BD/USD400 (Early Bird) || 200BD/USD530 (Non Early Bird)

Title:
Abstract:

Posted by Administrator @ 2004-11-30 1:22 pm
Technical Training Track C


Trainer: Shreeraj Shah (Net-Square)
Duration: 2-days
Cost: 150BD/USD400 (Early Bird) || 200BD/USD530 (Non Early Bird)

Title: Web Applications: Attacks and Defense
Abstract: This course is an intense two-day journey into the innards of web application security. Brought to you by the authors of Web Hacking: Attacks and Defense, the class is based on case studies of real-life web applications riddled with security problems. Participants are given a hands-on experience in performing thorough application security reviews, as well as secure coding and application deployment techniques.

The course is based on a highly proven application testing methodology, encompassing black box and white box testing techniques, application security principles and practices, and real world examples.

During the course, the participants are introduced to a web application, which they have to secure by the end of the training class. The application lockdown exercise takes the participants through various concepts such as:

* Understanding application security issues
* Application testing methodologies
* Secure application deployment
* Secure coding techniques
* Security by design.

The Web Applications: Attacks and Defense class features web applications written using ASP or PHP, encompassing security issues such as:

* Exception handling
* SQL injection
* Remote command execution
* Data tampering
* Cross site scripting

The advanced edition of the Web Applications: Attacks and Defense class features a more complex web application, written using ASP, PHP, ASP.NET or Java/JSP. In addition to the regular class, the advanced edition class includes security issues such as:

* Authentication
* Preventing session hijacking
* Privilege escalation
* Advanced SQL security with stored procedures

This class involves rigorous hands-on exercises.

Key Learning Objectives:

* Problems that occur when developing a web application.
* Security issues when deploying a web application.
* Web application security testing
* Securely configuring web servers
* Secure coding techniques
* Spotting basic errors in web application code
* Basic error handling techniques

General Learning Objectives:

* Developing procedures to test and maintain the security of a web application.
* Source code review procedures.
* Proficiency with security testing tools and procedures

Who Should Attend:

* Developers: Learn what can go wrong with badly written application code, and how to prevent such errors.
* Web site administrators: Learn how to securely configure a web server and an application server, without compromising on functionality.
* Application security analysts: Learn how to systematically analyze and audit a web application.
* Project managers / IT managers: Learn how to be effective in maintaining a secure web application, going ahead.

About Shreeraj:

Shreeraj founded Net-Square in January 2000, to establish the company as a strong security research and security software development company. Net-Square has been instrumental in developing and exporting web security components to companies such as Foundstone and NT OBJECTives. He leads the research and development arm of Net-Square. He has over 5 years of experience with system security architecture, system administration, network architecture, web application development and security consulting, and has performed network penetration testing and application evaluation exercises for many significant companies in the IT arena. In the past Shreeraj worked with Chase Bank and IBM in the area of web security.

Shreeraj graduated from Marist College with a Masters in Computer Science, and has a strong research background in computer networking, application development, and object-oriented programming. He received his graduate degree in Computer Engineering from Gujarat University, and an MBA from Nirma Institute of Management, India. Shreeraj has also authored a book titled “Web Hacking: Attacks and Defense” published by Addison Wesley.

Posted by Administrator @ 2004-11-30 1:21 pm
Technical Training Track D


Trainer: Anthony Zboralski (Gaius)
Duration: 2-days
Cost: 150BD/USD400 (Early Bird) || 200BD/USD530 (Non Early Bird)

Title:
Abstract:

Posted by Administrator @ 2004-11-30 1:18 pm
HITBSecConf2005 - Forum

Our online discussion forum dedicated to HITBSecConf2005 - Bahrain is available here.

Posted by Administrator @ 2004-11-22 7:21 pm
Contact Details

For information regarding sponsorship, please contact:

* Dhillon Andrew, dhillon at hackinthebox dot org
* Jorge Sebastiao, jorge at esgulf dot com
* Saeed, saeed at esgulf dot com

For information regarding Capture the Flag competition (CtF), please contact:

* Meling Mudin (spoonfork), mel at hackinthebox dot org
* Dinesh Nair (alphaque), dinesh at hackinthebox dot org

For press releases, please contact:

* Selvam (alphademon), alphademon at hackinthebox dot org

For general enquiries, please contact:

* The Organizing Committee, bahrain-conference at hackinthebox dot org

MAILING ADDRESS (ESGulf - Primary Contact):

E-Security Gulf Group WLL, PO Box 10606, 2nd floor Yateem Center, Manama, Bahrain.

Phone: +973-223550
Fax: +973-225338

MAILING ADDRESS (HITB):

Hack In The Box (M) Sdn. Bhd. (622124-V)
Level 26 Menara IMC,
No 8, Jalan Sultan Ismail
50250 Kuala Lumpur, Malaysia.

Phone: +603-20394724
Fax: +603-20318359

Posted by Administrator @ 2004-11-22 3:42 pm
Anthony Zboralski aka gaius

Presentation Title: Information Security in Banking
Presentation Details:

The presentation is aimed at both business users and technical people, using a language and examples both factions can understand. This presentation highlights challenges facing the banking industry today and in the near future. The talk is based on the speaker’s experience pen testing and auditing some of the largest banks in Asia and will describe intrinsic problems in the banking infrastructure (core banking, online banking, SMS banking, network of trust, threats from third-party contractors, from insiders, etc.).

This presentation will focus on ways to defeat information security by way of deception and by taking advantage of specific subtleties in human behaviour. Social engineering attacks will be described in full to provide sufficient background and awareness during everyday business activities. It will also describe how security mechanisms such as firewalls, intrusion detection systems and VPNs often give a false sense of safety when security isn’t integrated into the business process.

The presentation will include 3 real-world case studies:

Case Study I: Penetration testing a major Asian bank (profiling, war dialing, war driving, internet pen test, social engineering, physical pen test, internal pen test, core banking pen test). The speaker will show how an attacker can compromise the most up-to-date and “secure” systems, sometimes without using any exploits.

Case Study II: Core banking audit, taking a look at security through obscurity; cases of insider hacking and fraud in which an employee erased loan files and tried to manipulate interest rates, a vendor tampering with the production environment, etc.

Case Study III: Wireless security survey in Jakarta (ATM banking transactions broadcast in plain text over wireless, another bank broadcasting multi-million dollar bank wires in plain text, an entire credit card department exposed to attacks). Never-seen-before screenshots will be displayed (what the eye doesn’t see, the heart doesn’t grieve over).

About Anthony:

Anthony Zboralski leads Bellua Asia Pacific, an information security consulting company based in Jakarta, Indonesia. He has more than 9 years of experience performing penetration tests, assessments, forensics and related services for some of the largest banks in Asia and a dozen Fortune 500 companies including Aerospatiale, Air France, Allianz, AXA, Electricite de France, Lagardere-Matra…

He is also known as Gaius, one of the HERT co-founders, and wrote some articles for Phrack and hert.org (tunnelx, ciscogdb, procx, etc.). Anthony has been involved in the hacking and security community since 1989 (he started on X.25 with otosync and bayernpower [Matthias]). He is 29 now, living in Indonesia with his wife and two kids.

Posted by Administrator @ 2004-11-22 11:13 am
Roberto Preatoni

** Presenting with Fabio Ghioni

Presentation Title: Corp Vs Corp: Industrial Espionage and Cyberwars
Presentation Details:

In the aftermath of September 11th, security issues came into the limelight; everybody focused their attention on increasing anti-terrorist measures and countering the increasing number of hacker attacks on business and government networks, but hardly anyone has ever mentioned a more insidious and widespread criminal activity: industrial espionage. Today companies can rely on cyber-based techniques and methodologies to react to attacks coming from the real world.

1) Introduction: old and new threats after September 11th
2) Industrial Espionage: state-sponsored espionage
3) Cyber defense methodology: from digital identification of attacker to counterattack strategy
4) Cyber counterattacks: information leakage, Injected Interception

About Roberto:

Roberto Preatoni (aka Sys64738), 37, is the founder of the defacement/cybercrime archive Zone-H (http://www.zone-h.org). He’s also CEO of an international ITsec company (Domina Security) which is active in European and former Soviet countries. He has been globetrotting, lecturing at several ITsec conferences, including Defcon in the US. He has been interviewed by several print and online newspapers, where he shares his experiences relating to cyberwar and cybercrime.

Posted by Administrator @ 2004-11-22 11:11 am
Fabio Ghioni

** Presenting with Roberto Preatoni

Presentation Title: Corp Vs Corp: Industrial Espionage and Cyberwars
Presentation Details:

In the aftermath of September 11th, security issues came into the limelight; everybody focused their attention on increasing anti-terrorist measures and countering the increasing number of hacker attacks on business and government networks, but hardly anyone has ever mentioned a more insidious and widespread criminal activity: industrial espionage. Today companies can rely on cyber-based techniques and methodologies to react to attacks coming from the real world.

1) Introduction: old and new threats after September 11th
2) Industrial Espionage: state-sponsored espionage
3) Cyber defense methodology: from digital identification of attacker to counterattack strategy
4) Cyber counterattacks: information leakage, Injected Interception

About Fabio:

Fabio Ghioni is advisor to several Multinational Corporations as well as Governments. He is the leading expert in the field of information security, competitive intelligence and intrusion management in an asymmetric environment. As consultant to several different Government institutions he has been the key to the solution of several terrorism cases in the past. He has serviced leading international corporations involved in the military, telecommunications, banking and technology industries. His key fields of research range from mobile and wireless competitive security to the classification of information and forensics technologies applied to identity management and ambient intelligence.

Posted by Administrator @ 2004-11-22 11:10 am
Emmanuel Gadaix

Presentation Title: Carrier-grade security: A primer for telecommunications operators
Presentation Details:

Telecommunications operators are at a crossroads. After enjoying decades of steady growth in a protected sector, they now face increasingly aggressive competition from smaller players due to the deregulation wave. On the technological front, they must find answers to the threat of mobile data services such as Wi-Fi and telephony alternatives based on VoIP protocols. For the first time since they were created, they must also take the security threat seriously, as opposed to the proverbial lip service they were content with until now. This presentation will present the evolution of the security threats facing telecommunications operators, and what they must do about them.

About Emmanuel:

Emmanuel started his career in GSM telecommunications in 1994, specializing in Network Management Systems and Intelligent Networks, participating in the launch of several cellular networks across Asia and Europe, with a focus on Value-Added Services. In 1997 he founded a consulting firm focusing on highly specialized security services for GSM and 3G operators. Personal interests include X.25 networks and SS7 signalling. Emmanuel focuses on the emerging threats facing the telecommunications industry today. He founded the Telecom Security Task Force (TSTF) to provide clients with specialized security services for their GSM/GPRS/UMTS/SS7/VoIP/IMS networks.

Posted by Administrator @ 2004-11-22 11:09 am
Ryan Lackey

Presentation Title: IT security in an active warzone
Presentation Details:

We draw general lessons in technology deployment and project management from the extreme environment of Iraq. This environment has some unique characteristics (active adversaries, physical insecurity, recently destroyed infrastructure, and a dynamic and uncertain political environment) but also has many universal characteristics, such as a vast potential market, substantial “anchor customers”, and technological problems which seem ideally suited to the features of next-generation and almost-there technical solutions, but which demand simplicity and reliability.

In deploying these cutting-edge systems in this demanding environment, we have learned many technological and organizational lessons which should greatly assist in similar deployments in more traditional environments throughout the world.

About Ryan Lackey:

Ryan Lackey is founder and CEO of Blue Iraq, a communications and IT company which provides satellite, cellular, and microwave networking throughout Iraq, both for the military and civilian markets. Blue Iraq aims to bring communications and finance technologies to emerging markets throughout the Middle East, North Africa, and Asia. Previously, he operated HavenCo, an offshore datahaven located in the “Principality of Sealand” in the North Sea off the coast of the UK, and has been involved in electronic cash, tamper resistant computing, payment networks, and cryptography.

Posted by Administrator @ 2004-11-22 11:09 am
Shreeraj Shah

Presentation Title: Web Application Kung-Fu, The Art of Defense
Presentation Details:

Web application attacks have grown at a rapid rate over the last 5 years. Many innovative ways of breaking systems have come into existence. Web applications are even more vulnerable since they cannot be protected by firewalls and become easy prey for attackers. Next-generation web application attacks have arrived and are here to stay. These attacks are targeted at vulnerable and poorly written web applications. Web application defense strategies require secure coding at the application level, knowing your application and protecting it with human intelligence. Knowing your application lets you profile your web assets in a logical way. Profiling web assets provides a better picture of the set of possible attacks. Knowing the entire attack set greatly helps in designing and implementing defense strategies. This presentation will cover attacks in depth with live demonstrations and tools. Several new techniques of defense will be exposed to the audience as part of the “Art of Defense”.

About Shreeraj:

Shreeraj founded Net-Square in January 2000, to establish the company as a strong security research and security software development company. He leads the research and development arm of Net-Square. He has over 7 years of experience with system security architecture, system administration, network architecture, web application development and security consulting, and has performed network penetration testing and application evaluation exercises for many significant companies in the IT arena. In the past Shreeraj worked with Foundstone, Chase Bank and IBM in the area of web security.

Shreeraj graduated from Marist College with a Masters in Computer Science, and has a strong research background in computer networking, application development, and object-oriented programming. He received his graduate degree in Computer Engineering from Gujarat University, and an MBA from Nirma Institute of Management, India. Shreeraj has also authored a book titled “Web Hacking: Attacks and Defense” published by Addison Wesley. Shreeraj has spoken at conferences such as HackInTheBox, RSA, Blackhat, CII and NASSCOM in the past. He is also a contributing writer on Infosecwriters.com.

Posted by Administrator @ 2004-11-22 11:05 am
Past Press / Media Coverage

Please click here to view the media coverage for HITBSecConf2004 which was held at The Westin in Kuala Lumpur.

Posted by Administrator @ 2004-11-21 11:15 pm
Welcome

Welcome to the official website for HITBSecConf2005 Bahrain. This conference will mark the fourth conference in our HITBSecConf series and the first time that a HITB Security Conference is taking place outside of Kuala Lumpur, Malaysia! HITBSecConf2005 in Manama, Bahrain is jointly organized by Hack In The Box and E-Security Gulf Group.

Expected Capacity: 400 pax
Venue: Taj Palace, Bahrain
Timing: 07:30 - 17:00

Visa Requirements:

No visa is required for nationals of the GCC (Saudi Arabia, UAE, Qatar, Oman and Kuwait); however, a valid passport/travel document will be required. GCC nationals and most other nationalities coming to Bahrain will be able to get an “on-arrival visa”, which permits them to stay for a maximum period of one week. For other nationalities, business visit visas can be arranged on 48 hours’ notice.




Triple-Track Security Conference

Date                      Item                                  Duration
April 10th & April 11th   Triple-Track Security Conference      2 Days
April 10th & April 11th   Capture The Flag (CTF) & Open-Hack    2 Days

2-Day Hands-On Technical Training:

Date                      Item                          Duration   Trainer / Speaker
April 12th & April 13th   Technical Training Track A    2 Days     Meling Mudin (spoonfork)
April 12th & April 13th   Technical Training Track B    2 Days     Jorge Sebastiao
April 12th & April 13th   Technical Training Track C    2 Days     Shreeraj Shah
April 12th & April 13th   Technical Training Track D    2 Days     Anthony Zboralski (gaius)

Posted by Administrator @ 2004-11-21 9:25 pm

Event Organizers

* E-Security Gulf Group
* Hack In The Box (M) Sdn. Bhd.

Sponsors

* Microsoft Corporation
* Argus Systems Group
* Bahrain International Circuit
* Gulf Air
* Kingdom University, Bahrain
* Instec Digital Systems
* Oracle Corporation
* SIAG
* Duroob Technology
* Qatar Airways

Supporting Organizations

* Bellua Asia Pacific
* X-Focus China
* Bahrain Information Technology Society

Hack In The Box (M) Sdn. Bhd.