[vox] Fwd: SVLUG June 2nd meeting: Hijacking Web 2.0 Sites with SSLstrip and Slowloris]

Bill Kendrick nbs at sonic.net
Wed Jun 2 06:40:08 PDT 2010 

----- Forwarded message from Rick Moen <rick at linuxmafia.com> -----

Date: Wed, 2 Jun 2010 00:48:16 -0700
From: Rick Moen <rick at linuxmafia.com>
Subject: [svlug-announce] SVLUG June 2nd meeting: Hijacking Web 2.0 Sites
	with SSLstrip and	Slowloris
To: svlug-announce at lists.svlug.org

(This only feels like a Tuesday, on account of the holiday weekend.)


WHEN:

  Wednesday, June 2nd, 2010
  7pm-9pm


MAIN PRESENTATION

  TOPIC:
    Hijacking Web 2.0 Sites with SSLstrip and Slowloris

  PRESENTED BY:
    Sam Bowne 

  TOPIC SUMMARY:
    Many Web sites mix secure and insecure content on the same page,
    as does Facebook.  This makes it possible to steal all the data
    entered on such a page easily, using Moxie Marlinspike's SSLstrip
    tool.  Sam will explain and demonstrate this attack.

    Slowloris is a very new layer-7 denial-of-service attack created by
    RSnake that stops Apache Web servers completely, with very low
    bandwidth -- one packet every 2 seconds.  The Apache developers were
    notified of this vulnerability, and decided it was unimportant and
    not worth patching.  Sam will explain and demonstrate this attack,
    and discuss various ways to protect your Apache HTTPd servers.

    Complete instructions, so that anyone can easily set up both these
    attacks on their own machines, will be discussed.

  ABOUT THE PRESENTER:
    Sam Bowne has been teaching computer networking and security classes
    at City College of San Francisco since 2000.  He has given talks at
    DEFCON and Toorcon on ethical hacking, and taught classes and
    seminars at many other schools and teaching conferences.

    He has a B.S. in Physics from Edinboro University of Pennsylvania
    and a Ph.D. in Physics from University of Illinois,
    Urbana-Champaign.  His industry certifications are:  Certified
    Ethical Hacker, Microsoft: MCP, MCDST, MCTS: Vista; Network+, 
    Security+, Certified Fiber Optic Technician.


LOCATION:

  Symantec
  VCAFE Facility
  350 Ellis Street (near E. Middlefield Road)
  Mountain View, CA 94043

  Directions on how to get there are listed at:

    http://www.svlug.org/directions/veritas.php

  We've tried our very best for these directions to be accurate.
  If you have any improvements to make, please let SVLUG's volunteers know!
  webmaster at svlug.org

POST-MEETING GATHERING:

  If you just can't get enough, a smaller group usually goes to a local
  restaurant/diner after the meeting.  We'll announce the restaurant
  selection at the meeting.

We look forward to seeing you there!


_______________________________________________
svlug-announce mailing list
svlug-announce at lists.svlug.org
http://lists.svlug.org/lists/listinfo/svlug-announce

----- End forwarded message -----

-- 
-bill!
Sent from my computer

More information about the vox mailing list