SUMIT_08 Survey Results: A Success!
More than seventy SUMIT attendees responded to the online SUMIT survey in the week following the SUMIT_08 symposium. Several changes took place this year in the organization of SUMIT_08, and the results of the survey show that these changes were positive: 70 percent of those who responded to the survey reported that the overall conference was either 'very good' or 'excellent.'
Thank you to everyone who provided feedback. We will use these survey results to continue to deliver top-quality events, and we look forward to seeing you at future events.
If you were unable to attend this year's SUMIT symposium, slides and audio materials are available below as well as here.
Presentation Abstracts & Presenter Information
"Stealing the Internet" will describe a method where an attacker exploits trust relationships in the BGP routing system to facilitate transparent interception of IP packets. The method will be shown to function at a scale previously thought by many as unavailable to anyone outside of intelligence agencies and carrier networks. The talk highlights a new twist in sub-prefix hijacking that I demonstrated at Defcon 16: using intrinsic BGP logic to hijack network traffic and simultaneously create a 'bgp shunt' -- a "feasible path" -- towards the target network. Results of a recent inter-provider filtering practices survey will be presented as further rationale for stronger route filtering and increased routing security research.Those interested in observing the attack in action and the original demonstration are encouraged to view the video of the presentation, posted at www.defcon.org.BIO:
Anton Kapela has been an on-again off-again Madison resident since 2000. He originally came to Madison to attend Herzing College. A few years into it, engineering and telecommunication opportunities spoke more loudly than school -- ultimately resulting in Anton moving to Miami in 2003 and departing academia with an A.S. In the years following his first stay in Madison, Anton worked and consulted with a number of industry greats. His favorites so far have been Redline Communications, C-net Networks, Motorola's Canopy Wireless division, and a subsidiary of Research In Motion called 'Slipstream.' Recently he consulted on Internap Networks' acquisition and integration of VitalStream - a large international Content Delivery Network.
Anton is actively involved in the Internet operations and research community and has been a frequent presenter at the North American Network Operators Group meetings on a variety of topics. He's also a co-owner and partner at Five Nines Data, a local Madison Datacenter and IT solutions company. At 5nines he is responsible for the architecture and implementation of network services and datacenter facilities. When Anton isn't working, he spends time in rehearsal and recording studios playing drums and bass guitar, and dabbles with photography and broadcast video technology.
TOPIC: Case Study: Responding to the Latest DNS Threats
The Internet's Domain Name System (DNS) is increasingly implicated as a target and in perpetration of network abuse. Some attacks exploit vulnerabilities in the DNS protocol itself, and in August, Dan Kaminsky announced CERT VU#800113, which significantly increased the ease with which "cache poisoning" attacks may be perpetrated. Work done by ISC in coordination with other DNS vendors and operators enacted a best-practice controlled-disclosure response to this major threat. This presentation recounts the story so far, and summarizes recent results from OARC and SIE researchers measuring the extent of the problem and mitigation deployment. Various DNS future-proofing techniques against this threat are outlined, but the case is presented that DNSSEC is the only technology which can comprehensively prevent this and other abuses.
In 2008, Keith was appointed as Director of Engineering at the Internet Systems Consortium (ISC).
The crime landscape is shifting. Crimes are moving up the network stack. Network-based attacks are a topic of the past. The attacks today are executed on the application layer: Web 2.0 and instant messenger attacks are more and more common. Crimes are committed inside of applications: fraud, sabotage, abuse, information leaks, and crime ware are big problems for organizations. Crime has shifted. Have you? Are you prepared to deal with these new developments? Are you still relying on your network-based intrusion detection or prevention systems? Are you aware of what is happening inside of your applications? In addition to monitoring your networks, you have to make sure you are also taking an in-depth look at your applications. Due to the vast amount of log data that needs to be analyzed, novel methods are needed to conduct the analysis. Visualization of data has proven to be the approach generating the best return on investment when it comes to complex data analysis problems. This talk shows how security analysts can catch up with the changing crime landscape by utilizing novel technologies and analysis methods. The audience will learn to make use of new technologies and paradigms to deal with the changing threats.
Between security consultants, trade magazines, security mailing lists, software and hardware vendors, and yes even speakers at a conference, it is difficult to know for sure who to trust and where to place issues on the priority list. Everyone has either something to sell or something to gain by having you follow their opinion. While in many cases the hard sell of product or service "A" to prevent security disaster "B" is viable, but is it really that important to your organization right now? Not only will some common myths and mistakes be discussed, but reasons pro and con for each will be discussed. Go to your next vendor pitch or consultant meeting armed and ready to shoot some holes in a few industry myths. Warning: this will be a technical discussion, as the myths will often get shot down via technical means. Questions *heavily* encouraged.
|Last modified January 17, 2013|