security.crudtastic.com

Well, another SANS event has come to an end. This one was personally my most favourite SANS event to date. This year I got chosen to help facilitate the SEC504 – Hacker Techniques, Exploits & Incident Handling track with John Strand (see pauldotcom.com). As usual the weather was cold, the days were packed, and the courses were awesome. A bit of an unexpected highlight this year was the food .. definitely a step up from last year (wish I could say the same for the Crowne)!

The full line up of courses were

* SEC401: SANS Security Essentials Bootcamp Style – Mark Hofman
* SEC504: Hacker Techniques, Exploits & Incident Handling – John Strand
* SEC560: Network Penetration Testing and Ethical Hacking – Bryce Galbraith
* SEC508: Computer Forensics, Investigation & Response – Chad Tilbury

I heard really good reports from all classes (both staff and students).

As for the SEC504 class .. well John Strand is an absolutely great guy. I think he must have covered more distance than any other instructor at the Canberra event. He can’t stnad still and loves to just walk amongst all the students while he’s teaching (I like that style .. it kind of keeps you concentrating while he’s moving about), or maybe he just has a mild case of A.D.D. Having done Security Essentials last year, this course was really what I was wanting. There was some seriously useful (if not scary) information that gets taught and demonstrated during the class. Knowing this information will make you look at your entire infrastructure in a totally different manner, which will hopefully help you detect and react better to intrusion attempts.

Of course, to defend against a hacker, you have to think like a hacker, and this course shows you how to do some basic “hacking”. This all culminates in the day 6 capture the flag hacking challenge. The goal of this challenge is to compromise 4 machines, grabbing 4 different files (or flags) and putting that information together to solve a final challenge. The class all did extremely well in this challenge with the bulk of students obtaining 3 of the 4 flags.

A full overview of the course is available here

I personally cannot recommend SANS courses highly enough. I have obtained many security certifications during my career, and the SANS/GIAC certs are by far the most useful and practical certs out there!

A quick heads up .. SANS are coming to Sydney on the 9-14th of November. If you can get along, I strongly recommend you do so. More info can be found at http://www.sans.org/sydney09/

NEWS JUST IN

SANS Canberra 2009 is coming up soon on 29 June – 4 July. The deadline
to receive a $350 tuition fee discount is 20 May. 2009. So don’t delay
- to get the best savings, start making your training and travel plans
now! (http://www.sans.org/info/41308)

First things first – make your course selection from the following top
SANS courses:

– SEC401: SANS Security Essentials Bootcamp Style – Mark Hofman
– SEC504: Hacker Techniques, Exploits & Incident Handling – John Strand
– SEC560: Network Penetration Testing and Ethical Hacking – Bryce Galbraith
– SEC508: Systems Forensics, Investigation & Response – Rob Lee

Complete course descriptions can be found by clicking on the links at

http://www.sans.org/info/41313.

Classes will be held at the National Convention Centre. This
contemporary facility places you close to accommodations as well as
stylish restaurants, trendy cafes, boutique shopping, and entertainment.
See our Web site for links to assist in finding accommodations.
(http://www.sans.org/info/41318)

Don’t miss the following evening events, the additional content that
makes SANS such a great value for your security training:

– SANS Welcome – Mark Hofman
– GIAC Program Overview – John Strand
– Incorporating Advanced MitM Attacks in Your Penetration Testing
Regimen — Bryce Galbraith
– Production Honeypots – John Strand
– State of the Hack: The Chinese Threat – Rob Lee
– SOA and XML security – Mark Hofman

“Lots of valuable info was provided that will be very helpful &
applicable to my work environment.” – Ian Phan, Centrelink

“It is excellent seeing technical implementations of attacks that I
have studied theoretically!” – Julian Gutmanis, CSC

SANS is the most trusted source for information security training, so
why go anywhere else? Register today for SANS Canberra 2009 at
http://www.sans.org/info/41318. We’ll see you there!