HITBSecConf2005

We are pleased to announce the following additions to our speaker list for HITBSecConf2005 - Bahrain.

Fyodor Yarochkin (Co-Author X-Probe)
Wafik Ajoor (Directorate of Wireless Licensing, Frequency & Monitoring, Ministry of Transportation Bahrain)
Meder Kydyraliev (Co-Author X-Probe).

Do note that our Call for Papers will be closing on the 1st of March.

We are also proud to announce our sponsors for HITBSecConf2005 - Bahrain, Microsoft Corporation and Argus Systems Group.

Posted by Administrator @ 2005-02-03 1:57 pm

Wafik Ajoor

Presentation Title: WLAN Security: A Survey of Challenges & Solutions
Presentation Details:

Wireless Local Area Network (WLAN) is a short-range wireless technology that has a niche promising market. WLAN was developed by IEEE in what is termed as IEEE802.11 family standard. The popularity of WLAN has been on the rise. Along with this popularity has come a well publicized series of vulnerabilities and risks in the IEEE802.11 implementations. Furthermore, the normal risk assessment/risk mitigation process is complicated by a confusing set of authentication and encryption mechanism and the strengths and weaknesses of each.

The aim of this paper is to address each of these risks in detail and identify the real-world best practices needed to deploy and maintain a secure WLAN. The taxonomy of ever-expanding list of WLAN attack techniques is described. The generic mechanisms available for authentication of users and the protection of the privacy and integrity of the data are presented. A basic analysis of each security countermeasure by looking at the attack techniques addressed by the mechanism is reported. A number of recommendations for WLAN security are stated. Without these suggestions, not only is a WLAN vulnerable, but the entire information infrastructure of which it is a part is at risk.

About Wafik:

Wafik Ajoor is Directorate of Wireless Licensing, Frequency & Monitoring, Ministry of Transportation Bahrain. He received his B.Sc. in Computer Engineering from the King Saud University, KSA, in 1991, his M.Sc. in Electronics Engineering (Communications) from the University of Wales, UK, in 1993, and his M.A.Sc. in Electrical and Computer Engineering (Wireless/Mobile Communications) from the University of Waterloo, Canada, in 2003. He also obtained a diploma in Training and Development from the Thames Valley University, UK, in 1996. He holds CompTIA Security+ certification.

In 1991, he worked for IBM as a Mainframe Field/Customers Care Engineer for 3 years. He worked for the University of Bahrain as a Computer Science Lecturer in 1996 for 2 years. He also worked for Enbridge Consumer Gas Inc. (Canada) as a Wireless Consultant, in 2001, and for V Technology (Canada) as a Hardware Design Testing Engineer in 2002. He is currently working for the Ministry of Transportation (Bahrain) as a Telecommunications Engineer. He is a recipient of the prestigious Canadian Wireless Telecommunications Association award. He is a member of the IEEE since 1999. He is the IT Officer of the IEEE-Bahrain Section. He served as a Local Arrangements Subcommittee Chair of the 2nd IEEE-GCC Electrical and Electronics Industries Conference, Nov. 23-25, 2004. He has been a reviewer for the IEEE Communications magazine and Wileyâ€™s Wireless Communications and Mobile Computing journal.

His current research interest is wireless communications, 3G/B3G/4G Cellular Systems, UMTS/WCDMA Radio Network Optimization and Performance Analysis/Enhancement, WLAN, WLAN Security, 3G Security, and 3G/WLAN integration.

Posted by Administrator @ 2005-02-03 1:49 pm

Meder Kydyraliev

** Presenting with Fyodor Yarochkin

Presentation Title: Hacking automation with STIF: A New Breath
Presentation Details:

The STIF framework (http://o0o.nu/sec/STIF) was originally developed by Fyodor and Meder and presented at HITB2004 in Kuala-Lumpur, now is extended with new features and bug fixes, web front-end, database support, distributed communication, new ‘plugin’ interfaces and libraries for plug-and-play toolsutomation. Fyodor and Meder will present their way of automated hacking with STIF and demonstrate how the tool could be used by security analysts and network administrators in their daily routine of security assessments. The distributed coordinated attacks are now made easy by use of the database publishing interface, several integrated open source tools and web-based management console.

About Meder:

Meder Kydyraliev is a freelance security researcher, has obtained his bachelor of science degree in software engineering from AUK/Kyrgyzstan and is at early stage of getting to know what real security industry(sic) is. For past 2 years he has been involved in research and development of Xporbe2 active OS fingerprinting tool. Some of his personal interests include: network reconnaissance, information gathering techniques and applications of distributed computing in information security tools. His senior project was titled “Multi-threaded, distributed platform for information security tools".

Posted by Administrator @ 2005-02-03 1:44 pm

Fyodor Yarochkin

** Presenting with Meder Kydyraliev

Presentation Title: Hacking automation with STIF: A New Breath
Presentation Details:

About Fyodor:

Fyodor Yarochkin is a security hobbyist and happy programmer with a few years spent in business objectives and the “security” service delivery field. These years, however, weren’t completely wasted - Fyodor has been contributing his spare time to a few open and closed source projects, that attracted limited use among non-business oriented computer society. He has a background of system administration and programming and holds Engineering degree in Software Engineering.

Note: Fyodor is not ‘nmap Fyodor’. (http://www.snort.org/docs/faq.html#1.2)

Posted by Administrator @ 2005-02-03 1:43 pm

Event Organizers