BALUG reminder & NEWS: Tu 2010-05-18: Sam Bowne: Attacking Web users and servers with SSLstrip and Slowloris; & other BALUG news
In this issue (details further below): o 2010-05-18: BALUG: reminder - this coming Tuesday!: Sam Bowne: Attacking Web users and servers with SSLstrip and Slowloris o 2010-05-15: OpsCamp (San Francisco 9a-5p(+++?)) o BALUG: "Working in the Business" (Linux, IT, etc.), panel discussion o 2010-04-20 BALUG: Sameer Verma on: One Laptop per Child (OLPC) Project: Plan, Updates, Direction, Participation - "slides" available o 2010-06-10 Novell Linux Day (Santa Clara, CA)
------------------------------
reminder: Bay Area Linux User Group (BALUG) This coming Tuesday!: 6:30 P.M. 2010-05-18 Sam Bowne: Attacking Web users and servers with SSLstrip and Slowloris[1]
Please RSVP if you're planning to come (see further below).
For our 2010-05-18 BALUG meeting, we're excited to present:
Sam Bowne Instructor, City College San Francisco (CCSF)[2], Computer Networking and Information Technology Department[3]
Many Websites mix secure and insecure content on the same page, like Facebook[4]. This makes it possible to steal all the data entered on such a page easily, using Moxie Marlinspike[5]'s SSLstrip tool. Sam Bowne will explain and demonstrate this attack.
Slowloris is a very new layer 7[6] denial-of-service attack[7] created by RSnake[8] that stops Apache web servers completely with very low bandwidth--one packet every 2 seconds. The Apache developers were notified of this vulnerability and decided it was unimportant and not worth patching. Sam will explain and demonstrate this attack, and discuss various ways to protect your Apache servers.
Sam will provide complete instructions so that anyone can easily set up both these attacks on their own machines.
Sam Bowne has been teaching computer networking and security classes at CCSF since 2000. He has given talks at DEFCON[9] and Toorcon[10] on Ethical Hacking, and taught classes and seminars at many other schools and teaching conferences.
He has a B.S. in Physics from Edinboro University of Pennsylvania[11] and a Ph.D. in Physics from University of Illinois, Urbana-Champaign[12]. His Industry Certifications are: Certified Ethical Hacker, Microsoft: MCP[13], MCDST[14], MCTS[15]: Vista; Network+, Security+, Certified Fiber Optic Technician.
1. http://samsclass.info/defcon.html 2. http://www.ccsf.edu/ 3. http://www.ccsf.edu/Departments/Computer_Networking_and_Information_Technolo... 4. http://www.facebook.com/ 5. http://thoughtcrime.org/about.html 6. http://en.wikipedia.org/wiki/Osi_7_layer_model#Layer_7:_Application_Layer 7. http://en.wikipedia.org/wiki/Denial-of-service_attack 8. http://ha.ckers.org/ 9. http://www.defcon.org/ 10. http://www.toorcon.org/ 11. http://www.edinboro.edu/ 12. http://illinois.edu/ 13. http://en.wikipedia.org/wiki/Microsoft_Certified_Professional 14. http://www.microsoft.com/learning/en/us/certification/mcdst.aspx 15. http://www.microsoft.com/learning/en/us/certification/mcts.aspx
So, if you'd like to join us please RSVP to:
rsvp@balug.org
**Why RSVP??**
Well, don't worry we won't turn you away, but the RSVPs really help the Four Seas Restaurant plan the meal and they help ensure that we'll be able to eat upstairs in the private banquet room.
Meeting Details...
6:30pm Tuesday, May 18th, 2010 2010-05-18
Four Seas Restaurant http://www.fourseasr.com/ 731 Grant Ave. San Francisco, CA 94108 Easy PARKING: Portsmouth Square Garage at 733 Kearny: http://www.sfpsg.com/
Cost: The meetings are always free, but for dinner, for your gift of $13 cash, we give you a gift of dinner ticket to join us for a yummy family-style Chinese dinner - tax and tip included (your gift also helps in our patronizing the restaurant venue and helping to defray BALUG costs such treating our speakers to dinner).
------------------------------
2010-05-15: OpsCamp (San Francisco 9a-5p(+++?)) OpsCAMP SF 2010-05-15: http://www.opscamp.org/sf
" Mission
About The Event
OpsCamp is an unconference for people who are deeply involved with next generation IT Operations. Our first OpsCamp in Austin was an interesting mix of Ops practitioners and tool makers in an all interactive format. "
------------------------------
BALUG "Working in the Business" (Linux, IT, etc.), panel discussion
BALUG is still working to assemble panel (and moderator) for "Working in the Business" (Linux, IT, etc.), panel discussion
Should make for very interesting, lively, informative and useful discussion/presentation/"talk/debate".
For more information, and also if you know someone you'd like as panelist or moderator (or are yourself interested), and/or if you have specific topics/questions you'd like to see covered by the panel, PLEASE HAVE A LOOK AT: http://www.balug.org/#panel At the present time we're ACTIVELY GATHERING INFORMATION ON POTENTIAL PANELISTS, MODERATORS, available dates, etc., to plan and coordinate this event. Please also do feel free to pass this information along to any contacts you feel appropriate that may be interested.
------------------------------
2010-04-20 BALUG: Sameer Verma on: One Laptop per Child (OLPC) Project: Plan, Updates, Direction, Participation[1] - "slides" available
Missed our 2010-04-20 meeting, or want to get a better look at or grab some information from those slides?
slides available: http://www.slideshare.net/sverma/olpc-project-plan-update-direction-particip... (copy also archived at: http://www.archive.balug.org/2010/2010-04-20/balug-olpc-100426233751-phpapp0... )
1. http://lists.balug.org/pipermail/balug-announce-balug.org/2010-March/000149....
------------------------------
2010-06-10 Novell Linux Day (Santa Clara, CA) http://lists.balug.org/pipermail/balug-talk-balug.org/2010-May/004601.html
------------------------------