Black Hat Federal 2003 Training
Trainiing

Note: if the class is overfilled, then you will be wait-listed. You will be contacted should this occur.

training

Black Hat Federal Training 2003
The Sheraton Premiere at Tyson's Corner, September 29-30, 2003

All course materials, lunch and two coffee breaks will be provided. A Certificate of Completion will be offered for each student. You must provide your own laptop.

Course Length: 2 days

Cost: US $2000 before September 5, 2003 or US $2200 after September 5, 2003
NOTE: this is a two day course. A Certificate of Completion will be offered.

REGISTER NOW

course description
Two Day Course
Mon, September 29 thru Tues, September 30
Network Application Design & Secure Implementation
Drew Miller
What to bring:
The students will be required to provide their own laptop.

Students MUST have the Microsoft .NET Framework
version 1.1 installed

To ensure the ability for the students to participate throughout the class students should install all the tools previous to attending the class.

Students should also be aware that there is a chance a lab or demo will not work on a given laptop.

A student’s personal laptop configuration could hinder the ability for the class materials to be of use.

No laptops or or software are provided

REGISTER NOW

What we cover:

  • Security exposures
  • Use of a security enhanced development process
  • Basic risk analysis concepts
  • Process and peripheral assessment
  • Data assessment and information security
  • Monitoring and detection techniques
  • Securing sessions and resource management

By the time the student finishes the class, the student should be able to, with the class materials as reference, design an application or develop an application that will be ~99.99% secure from all known exposures. This is not limited to the basic buffer overflow. Students will be able to protect against session hijacking and replay attacks, prove that auditing information in logs has not been tampered with, and offer their customers the most secure applications created to date.

Some exposures and solutions are covered using basic examples. Other exposures or attacks will be presented using data gathered previous to the class date since those processes take time and cannot be demonstrated or performed by the students in class.

The course will be presented over two days. The beginning of the course will be review of security exposures, concepts and processes. The middle of the course will cover process and data security with some focus on code examples. Demonstrations of some types of attacks will be shown and how these advanced approaches to design and development mitigate those exposures. The end of the course will be review with the students taking a short test to show that the student has actively paid attention and participate in the class.

What to expect:
Each topic is introduced and supported through discussion and a foundation achieved using a question and answer session. The questions for the most part are already determined, but the students can offer more perspective if specific questions arise. Some of the sections are lecture while others include white board labs and discussions.

Depending on time, the instructor may perform some demonstrations of advanced hacking techniques with the intent to show the effects of hacking attacks when the solutions to these exposures are not integrated into newly designed and developed applications.

Students should be prepared to take many notes as this class has a massive about of information that will be presented fast-paced. A majority of the content can be followed up through reading the student booklet that gives the students a lot of research material with code examples to back up the concepts presented.

Pre-requisites
Students will be subject to reviewing code examples that demonstrate some concepts used throughout this course.

Course material will include diagrams that outline some common uses of many of the following technologies but the student should be refreshed so that the instructor doesn’t have to take class time to explain.

The student should have an understanding of most of the following concepts and technologies:

  • Networking
  • Ethernet
  • IP
  • TCP/IP
  • HTTP

For those who would like to review these can check the following resources:

  • TCP/IP Illustrated Volume 1 by W. Richard Stevens (ISBN: 0201633469)

The student should have an understanding of some of the following concepts and technologies:

  • SSL / TLS
  • UDP
  • C/C++
  • .NET C# or any other .NET language
  • Cryptography
  • Sockets Programming

For those who would like to review these can check the following resources:

  • ICSA Guide to Cryptography by Randall K. Nichols (ASIN: 0079137598)
  • .NET Framework Essentials by Thuan Thai & Hoang Q. Lam (ISBN: 0596003021)
  • Writing Solid Code by Steve Maguire (ASIN: 1556155514)
  • Writing Secure Code Second Edition by Michael Howard and David C. LeBlanc (ISBN: 0735617228)

The attributes of the protocols covered relate to all other communication protocols and despite the languages used to code the programs used in this course, the concepts apply to all protocols and the designs presented can be applied to programs written in all languages.

Requirements
1) The students must provide their own laptop.

2) students MUST have the Microsoft .NET Framework version 1.1 installed

3) The students must have the following programs to interact with the class materials. To ensure the ability for the students to participate throughout the class students should install all the tools previous to attending the class. Students should also be aware that there is a chance a lab or demo will not work on a given laptop. A student’s personal laptop configuration could hinder the ability for the class materials to be of use.

The class materials were developed using the following products on Windows 2000 Professional™ with Service Pack 3.

  • Microsoft PowerPoint™
  • Microsoft Visio™
  • Microsoft Word™
  • Microsoft Visual Studio 6.0™ and or Microsoft Visual Studio. NET™
  • Microsoft SQL Server 2000™ or Microsoft Desktop Engine™ (MSDE)

Who Should Attend?
The target audience for this class includes software designers, architects, programmers, security analysts, security auditors, quality assurance engineers and any other individuals that will actively participate in the design, development and auditing of network enabled software applications for security. Most of the concepts presented will include solutions in code or in design.

Students that do not have development experience will find this course just as useful as coders, and although some code is reviewed in short for developers, no students will be required to write code during the class. Most of the solutions presented in the class are step oriented, process driven and have charts and pictures that help visually illustrate what is happening. Only a few processes require the deep outline of code level steps required to implement them. This class is a must for anyone who is currently or will be participating in the design and development of any application that will use networking, be that Ethernet, infrared, 802.11, cellular or even Blue Tooth.

Course Length: 2 days

Cost: US $2000 before September 5, 2003 or US $2200 after September 5, 2003
NOTE: this is a two day course. A Certificate of Completion will be offered.

REGISTER NOW

Trainer:

Drew Miller has been a software engineer for more than ten years. Drew has worked at many levels of software development, from embedded operating systems, device drivers and file systems at Datalight Inc. to consumer and enterprise networking products such as Laplink’s PCSync and Cenzic’s Hailstorm. Drew’s experience with many software genres combined with his passion for security give him a detailed perspective on security issues in a wide variety of software products.

Drew’s latest projects were the aided design and development of two security courses for Hewlett-Packard at the Hewlett-Packard Security Services Center. One course aimed at educating quality assurance personal and the other educating developers to the exposures that exist in present day network applications and how to avoid such exposures. Drew is currently an instructor for Black Hat Training, Inc.

Black Hat Logo
(c) 1996-2007 Black Hat