Why is it that the Hackers and Penetration Testers get to have all of the “sexy” fun? In this presentation we will cover some cool tricks to confuse, block or mislead attackers. Penetration testers may be angered during this presentation as we will describe how to make their lives difficult. The term “hacking back” will be used in the same sentence as “legally” and “naked”. The goal being to start a conversation on how to make defenses actually work and and provide a range of options to security professionals including annoyance, attribution, and getting shell on an attackers box.
Paul Asadoorian is currently the “Product Evangelist” for Tenable Network Security, where he showcases vulnerability scanning and management through blogs, podcasts and videos. Paul is also the founder of PaulDotCom, an organization centered around the award winning “PaulDotCom Security Weekly” podcast that brings listeners the latest in security news, vulnerabilities, research and interviews with the security industry’s finest. Paul has a background in penetration testing, intrusion detection, and is the co-author of “WRT54G Ultimate Hacking”, a book dedicated to hacking Linksys routers.
John Strand co-hosts PaulDotCom Security Weekly, the world’s largest computer security podcast. He also is also the owner of Black Hills Information Security, specializing in penetration testing and security architecture services. He is a Senior Instructor with the SANS Institute. He has presented for the FBI, NASA, the NSA, and at DefCon. In his spare time he writes loud rock music and makes various futile attempts at fly-fishing and drinks Coors Light while carrying a stick and a marshmallow.