BALUG reminder & NEWS: Tu 2010-05-18: Sam Bowne: Attacking Web users
and servers with SSLstrip and Slowloris; & other BALUG news
In this issue (details further below):
o 2010-05-18: BALUG: reminder - this coming Tuesday!: Sam Bowne:
Attacking Web users and servers with SSLstrip and Slowloris
o 2010-05-15: OpsCamp (San Francisco 9a-5p(+++?))
o BALUG: "Working in the Business" (Linux, IT, etc.), panel discussion
o 2010-04-20 BALUG: Sameer Verma on: One Laptop per Child (OLPC)
Project: Plan, Updates, Direction, Participation - "slides" available
o 2010-06-10 Novell Linux Day (Santa Clara, CA)
------------------------------
reminder:
Bay Area Linux User Group (BALUG)
This coming Tuesday!: 6:30 P.M. 2010-05-18
Sam Bowne: Attacking Web users and servers with SSLstrip and Slowloris[1]
Please RSVP if you're planning to come (see further below).
For our 2010-05-18 BALUG meeting, we're excited to present:
Sam Bowne Instructor, City College San Francisco (CCSF)[2],
Computer Networking and Information Technology Department[3]
Many Websites mix secure and insecure content on the same page, like
Facebook[4]. This makes it possible to steal all the data entered on
such a page easily, using Moxie Marlinspike[5]'s SSLstrip tool.
Sam Bowne will explain and demonstrate this attack.
Slowloris is a very new layer 7[6] denial-of-service attack[7] created
by RSnake[8] that stops Apache web servers completely with very low
bandwidth--one packet every 2 seconds. The Apache developers were
notified of this vulnerability and decided it was unimportant and not
worth patching. Sam will explain and demonstrate this attack, and
discuss various ways to protect your Apache servers.
Sam will provide complete instructions so that anyone can easily set up
both these attacks on their own machines.
Sam Bowne has been teaching computer networking and security classes at
CCSF since 2000. He has given talks at DEFCON[9] and Toorcon[10] on
Ethical Hacking, and taught classes and seminars at many other schools
and teaching conferences.
He has a B.S. in Physics from Edinboro University of Pennsylvania[11]
and a Ph.D. in Physics from University of Illinois, Urbana-Champaign[12].
His Industry Certifications are: Certified Ethical Hacker,
Microsoft: MCP[13], MCDST[14], MCTS[15]: Vista; Network+, Security+,
Certified Fiber Optic Technician.
1. http://samsclass.info/defcon.html
2. http://www.ccsf.edu/
3.
http://www.ccsf.edu/Departments/Computer_Networking_and_Information_Technol…
4. http://www.facebook.com/
5. http://thoughtcrime.org/about.html
6. http://en.wikipedia.org/wiki/Osi_7_layer_model#Layer_7:_Application_Layer
7. http://en.wikipedia.org/wiki/Denial-of-service_attack
8. http://ha.ckers.org/
9. http://www.defcon.org/
10. http://www.toorcon.org/
11. http://www.edinboro.edu/
12. http://illinois.edu/
13. http://en.wikipedia.org/wiki/Microsoft_Certified_Professional
14. http://www.microsoft.com/learning/en/us/certification/mcdst.aspx
15. http://www.microsoft.com/learning/en/us/certification/mcts.aspx
So, if you'd like to join us please RSVP to:
rsvp(a)balug.org
**Why RSVP??**
Well, don't worry we won't turn you away, but the RSVPs really help the
Four Seas Restaurant plan the meal and they help ensure that we'll be
able to eat upstairs in the private banquet room.
Meeting Details...
6:30pm
Tuesday, May 18th, 2010 2010-05-18
Four Seas Restaurant http://www.fourseasr.com/
731 Grant Ave.
San Francisco, CA 94108
Easy PARKING:
Portsmouth Square Garage at 733 Kearny:
http://www.sfpsg.com/
Cost: The meetings are always free, but for dinner, for your gift of $13
cash, we give you a gift of dinner ticket to join us for a yummy
family-style Chinese dinner - tax and tip included (your gift also
helps in our patronizing the restaurant venue and helping to
defray BALUG costs such treating our speakers to dinner).
------------------------------
2010-05-15: OpsCamp (San Francisco 9a-5p(+++?))
OpsCAMP SF 2010-05-15: http://www.opscamp.org/sf
"
Mission
About The Event
OpsCamp is an unconference for people who are deeply involved with
next generation IT Operations. Our first OpsCamp in Austin was an
interesting mix of Ops practitioners and tool makers in an all
interactive format.
"
------------------------------
BALUG "Working in the Business" (Linux, IT, etc.), panel discussion
BALUG is still working to assemble panel (and moderator) for
"Working in the Business" (Linux, IT, etc.), panel discussion
Should make for very interesting, lively, informative and useful
discussion/presentation/"talk/debate".
For more information, and also
if you know someone you'd like as panelist or moderator (or are yourself
interested), and/or if you have specific topics/questions you'd like to
see covered by the panel,
PLEASE HAVE A LOOK AT:
http://www.balug.org/#panel
At the present time we're ACTIVELY GATHERING INFORMATION ON POTENTIAL
PANELISTS, MODERATORS, available dates, etc., to plan and coordinate
this event. Please also do feel free to pass this information along to
any contacts you feel appropriate that may be interested.
------------------------------
2010-04-20 BALUG: Sameer Verma on: One Laptop per Child (OLPC) Project:
Plan, Updates, Direction, Participation[1] - "slides" available
Missed our 2010-04-20 meeting, or want to get a better look at or grab
some information from those slides?
slides available:
http://www.slideshare.net/sverma/olpc-project-plan-update-direction-partici…
(copy also archived at:
http://www.archive.balug.org/2010/2010-04-20/balug-olpc-100426233751-phpapp…
)
1.
http://lists.balug.org/pipermail/balug-announce-balug.org/2010-March/000149…
------------------------------
2010-06-10 Novell Linux Day (Santa Clara, CA)
http://lists.balug.org/pipermail/balug-talk-balug.org/2010-May/004601.html
------------------------------
http://www.balug.org/