IEEE NoVA Chapter

presented by


6:00p Food, networking, and socializing
7:00p Opening remarks
7:15p Technical presentation
8:15p Q & A session
8:30p Conclusion and remarks


Download the February 2004 presentation

ABSTRACT

Network Forensics - Hacker, you CANNOT Escape! Damage is done. Now how do we find the miscreant?

Your network is under attack on a continuous basis. Are all of these attacks real, and do they threaten your company or home? Would it be possible to look at every attack attempt? How do we sift through the false ones and catch the real ones? How do we assess damage - files stolen etc.?

Did the attacker install backdoors? Did the blackhat chat with his buddies before/after the attack? How many were involved and from what part(s) of the world? Was your machine just part of a bigger scheme?

The talk will discuss tracing methods, tools of the trade, and how to watch out for common hacker attacks.

  • Introduction to Honeynet - An alliance to study hacker tactics. Helps analysts and the security community at large.
  • Introduction to Network Traffic, an analyst's viewpoint - Into a sleuth's mind and how he thinks. Think like a blackhat to counter one.
  • Capturing and Analyzing network traffic - common tools of the trade to help the analyst, some even have GUIs!
  • A case study from Honeynet - An actual hacker attack - what, when, how and possibly why.
  • Analyzing non-standard protocols - TCP/IP is not the ONLY way to attack your enterprise. There are other inroads: what are they, and how do we analyze them?
  • Common traffic patterns - Become an expert by understanding what to look for in your network traffic.

The talk will NOT cover law enforcement, legal recourse, profiling the perpetrator(s), etc. It is purely a technical discussion.

BIO

Mr. Raghu K. Dev is Paladion Networks' US Head of Operations. He has been in the Telecommunications and IT sector for over 10 years.

Prior to Paladion Networks, Raghu consulted at Nextel, C&W, Lucent Technologies and other telecom companies in Network Management, Disaster Recovery and Business Continuity Planning (BCP). At Lucent Technologies he was the subject matter expert and architect of the OSS disaster recovery solution for one of their major customers.

His recent focus areas are Security and DR/BCP. Foraying into these areas with strong support from the Paladion research team, he has been selected as a speaker at the Feb 2004 RSA conference on "Network Forensics—On hacker's trail". He has also been inducted into the advisory board of the Institute for Infrastructure and Information Assurance at James Madison University.

Raghu's educational background: MS in EE and MS in Mathematics from the University of New Orleans. He has been an IEEE member for 10 years.

Paladion Networks is a consultancy in information security. It serves its clients in application and code security and a full range of assessment areas. Its research includes vulnerability research, and it is part of the Honeynet alliance (www.honeynet.org).

With a high concentration of CISSP, GIAC and GHIC certified consultants under one roof, Paladion has become a market leader in India, Malaysia and, most recently, the Middle East. Paladion's US branch focuses on security assessment and design services for banking, financial, insurance and telecommunications companies.