[Python-checkins] Boracay Seminar Part II on April 25-26_08

Global Knowledge PH gki at pldtdsl.net
Fri Apr 4 20:55:08 CEST 2008 

 
 
 
BORACAY Seminar Part  II 
April 25-26, 2008
Venue: La Carmela Hotel, Boracay, Station II
Reg. Fee: P5,995+ VAT
Fee includes: 2D&1N Hotel Accommodation (Sharing), am/pm snacks, lunch,
Training materials and GK certificates
Certified Security Analyst (ECSA) /EC-Council's Licensed Penetration
Tester
 ECSA is a security class like no other! Providing real world hands-on
experience, it is the only in-depth Advanced Hacking and Penetration
Testing class available that covers testing in all modern
infrastructures, operating systems and application environments.
EC-Council's Licensed Penetration Tester (LPT) is a natural evolution
and extended value addition to its series of security related
professional certifications. LPT standardizes the knowledge base for
penetration testing professionals by incorporating the best practices
followed by experienced experts in the field.
Advanced Malware Analysis
The malware author's evil job is to develop software that can collect
and return data, run undetected, frustrate reverse-engineering efforts
just enough to make it not worth the analyst's effort, and make
detection almost impossible. This course builds on the material
presented in Malware Analysis I and focuses on using system monitoring
tools to conduct behavioral analysis of malware and using disassemblers
and debuggers to perform detailed analysis of complicated malicious
programs. You will run and analyze both synthesized and real-world
malware samples, dissect malicious programs at the lowest level, bypass
anti-forensics techniques meant to thwart analysis, and develop a
detailed understanding of how malicious programs work. 
VoIP Hacking
Hackers are also beginning to target VoIP systems and their users. Since
VoIP is essentially an internet - based data service, it's as vulnerable
to hacker attacks as anything else that moves information across the
web.
Bluejacking
Although known to the technical community and early adopters for some
time, the process now known as "Bluejacking"[1] has recently come to the
fore in the consumer arena, and is becoming a popular mechanism for
exchanging anonymous messages in public places. The technique involves
abusing the bluetooth "pairing"[2] protocol, the system by which
bluetooth devices authenticate each other, to pass a message during the
initial "handshake" phase. This is possible because the "name" of the
initiating bluetooth device is displayed on the target device as part of
the handshake exchange, and, as the protocal allows a large user defined
name field - up to 248 characters - the field itself can be used to pass
the message. This is all well and good, and, on the face of it, fairly
harmless, but, unfortunately, there is a down side. 
There is a potential security problem with this, and the more the
practice grows and is accepted by the user community, and leveraged as a
marketing tool by the vendors, the worse it will get. The problem lies
in the fact that the protocol being abused is designed for information
exchange. The ability to interface with other devices and exchange,
update and synchronise data, is the raison d'être of bluetooth. The
bluejacking technique is using the first part of a process that allows
that exchange to take place, and is therefore open to further abuse if
the handshake completes and the "bluejacker" successfully pairs with the
target device. If such an event occurs, then all data on the target
device bacomes available to the initiator, including such things as
phone books, calendars, pictures and text messages. As the current wave
of PDA and telephony integration progresses, the volume and quality of
such data will increase with the devices' capabilities, leading to far
more serious potential compromise. 
REGISTER NOW! Limited slots only
<http://www.globalknowledgeph.com/60ndx/gk_regform.htm> 
GLOBALKNOWLEDGE PHILIPPINES, INC.
2502B West Tower, PSE Bldg. Exchange Road, Ortigas Center, Pasig City,
Philippines 1600
Tel. Nos. (632) 683-0969; 637-3657; 0920-709-8298
Email: sandra at globalknowledgeph.com YM: sandra_medalla at yahoo.com 
 
  _____  



<http://www.globalknowledgeph.com/Remove/?email=python-checkins@python.o
rg> 
If you want to unsubscribe from this mailing list. Please Click it
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.python.org/pipermail/python-checkins/attachments/20080404/48ee21df/attachment-0001.htm

More information about the Python-checkins mailing list