![Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference - Podcast](http://media.blackhat.com/bh-usa-05/bh-usa-05-itunes.jpg)
Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference
Past speeches and talks from the Black Hat Briefings computer security conferences.
The Black Hat Briefings USA 2005 was held July 27-28 in Las Vegas at Caesars Palace.
A post convention wrap up can be found at http://www.blackhat.com/html/bh-usa-05/bh-usa-05-index.html
Black Hat Briefings bring together a unique mix in security: the best minds from government agencies and global corporations with the underground's most respected hackers. These forums take place regularly in Las Vegas, Washington D.C., Amsterdam, and Tokyo
Video, audio and supporting materials from past conferences will be posted here, starting with the newest and working our way back to the oldest with new content added as available! Past speeches and talks from Black Hat in an iPod friendly .mp3 cbr 64k audio format.
If you want to get a better idea of the presentation materials go to http://www.blackhat.com/html/bh-media-archives/bh-multi-media-archives.html#USA-2005 and download them. Put up the .pdfs in one window while listening the talks in the other. Almost as good as being there!
- Update frequency
- every day
- Average duration
- 50 minutes
- Episodes
- 61
- Years Active
- 2006
Arian J. Evans and Daniel Thompson: Building Self-Defending Web Applications: Secrets of Session Hacking and Protecting Software Sessions
Web applications are constantly under attack, and must defend themselves. Sadly, today, most cannot.
There are several key elements to building self-defending software but only a few are focused on …
00:21:51 |
Sun 04 Jun 2006
Yuan Fan: Advance SQL Injection Detection by Join Force of Database Auditing and Anomaly Intrusion Detection
This topic will present the proposal/idea/work from the author's master graduate project about effective detection of SQL Injection exploits while lowering the number of false positives. It gives det…
00:20:01 |
Sun 04 Jun 2006
Bryan Cunningham and C. Forrest Morgan: U.S National Security, Individual and Corporate Information Security, and Information Security Providers
This presentation, by a former Deputy Legal Adviser to the White House National Security Council, and author of a chapter on legal issues in the forthcoming "Case Studies for Implementing the NSA IEM…
01:30:10 |
Sun 04 Jun 2006
Himanshu Dwivedi: iSCSI Security (Insecure SCSI)
Himanshu Dwivedi's presentation will discuss the severe security issues that exist in the default implementations of iSCSI storage networks/products. The presentation will cover iSCSI storage as it p…
01:11:48 |
Sun 04 Jun 2006
Greg Conti: Beyond Ethereal: Crafting A Tivo for Security Datastreams
Ethereal is a thing of beauty, but ultimately you are constrained to a tiny window of 30-40 packets that is insufficient when dealing with network datasets that could be on the order of millions of p…
01:10:19 |
Sun 04 Jun 2006
Tyler Close: Shatter-proofing Windows
The Shatter attack uses the Windows API to subvert processes running with greater privilege than the attack code. The author of the Shatter code has made strong claims about the difficulty of fixing …
00:26:16 |
Sun 04 Jun 2006
Ian Clarke and Oskar Sandberg: Routing in the Dark: Scalable Searches in Dark P2P Networks.
It has become apparent that the greatest threat toward the survival of peer to peer, and especially file sharing, networks is the openness of the peers themselves towards strangers. So called "darkne…
01:00:44 |
Sun 04 Jun 2006
Robert W. Clark: Legal Aspects of Computer Network Defense-A Government Perspective and A Year in Review Important Precedents in Computer and Internet Security Law 2004 - 2005
This presentation looks at computer network defense and the legal cases of the last year that affect internet and computer security. This presentation clearly and simply explains (in non-legal terms)…
01:15:00 |
Sun 04 Jun 2006
Jim Christy: The Defense Cyber Crime Center
This talk will cover the Defense Cyber Crime Center (DC3), our mission and capabilities. The DC3 is one-stop shopping for cyber crime related support. We have approximately 160 people assigned in 3 m…
01:04:02 |
Sun 04 Jun 2006
Tzi-cker Chiueh: Checking Array Bound Violation Using Segmentation Hardware
The ability to check memory references against their associated array/buffer bounds helps programmers to detect programming errors involving address overruns early on and thus avoid many difficult bu…
01:02:08 |
Sun 04 Jun 2006
Cesar Cerrudo:Demystifying MS SQL Server and Oracle Database Server Security
Databases are where your most valuable data rest, when you use a database server you implicitly trust the vendor, because you think you bought a good and secure product. This presentation will compar…
00:21:09 |
Sun 04 Jun 2006
Kevin Cardwell:Toolkits: All-in-One Approach to Security
This talk will be on using toolkits for your pen-testing, vulnerability assessment etc. Configuring a plethora of the different tools out there can be quite time consuming, and challenging. The focus…
00:23:40 |
Sun 04 Jun 2006
Adam Boileau: Trust Transience: Post Intrusion SSH Hijacking
Trust Transience: Post Intrusion SSH Hijacking explores the issues of transient trust relationships between hosts, and how to exploit them. Applying technique from anti-forensics, linux VXers, and so…
00:59:32 |
Sun 04 Jun 2006
Bruce Potter and Beetle: Rogue Squadron: Evil Twins, 802.11intel, Radical RADIUS, and Wireless Weaponry for Windows
At DefCon 11, a rogue access point setup utility named "Airsnarf" was presented by the Shmoo Group. Two years later, "Evil Twin" access points have made it to Slashdot and news.google.com. Who would …
01:00:06 |
Sun 04 Jun 2006
Renaud Bidou: A Dirty BlackMail DoS Story
This is a real story of modern extortion in a cyberworld. Bots have replaced dynamite and you don't buy "protection" to prevent your shop from going in flames; you buy "consulting" to prevent your IT…
00:16:16 |
Sun 04 Jun 2006
Darrin Barrall:Shakespearean Shellcode
This discussion will cover the theoretical background of using ordinary, readable text to conceal an exploit payload's true content, ending with a practical application of the discussed technique. En…
00:16:10 |
Sun 04 Jun 2006
Darrin Barrall and David Dewey: Plug and Root, the USB Key to the Kingdom
USB peripheral devices are made by reputable manufacturers and will not misbehave by attacking the host system's operating system. This device is not one of those. This discussion will cover the crea…
00:31:51 |
Sun 04 Jun 2006
Ofir Arkin: A New Hybrid Approach for Infrastructure Discovery, Monitoring and Control
An enterprise IT infrastructure is a complex and a dynamic environment that is generally described as a black hole by its IT managers. The knowledge about an enterprise network's layout (topology), r…
01:12:04 |
Sun 04 Jun 2006
Panel: The Future of Personal Information
In the last year, there have been 45 security incidents compromising the personal information of 9.3 million individuals. What can we do given our current situation? How are we going to successfully …
01:13:46 |
Sun 04 Jun 2006
Akshay Aggarwal: Rapid Threat Modeling
One of the most important weapons in our arsenal for securing applications is threat modeling. Applications are becoming increasingly complex and new technologies are emerging constantly. In this sce…
00:25:35 |
Sun 04 Jun 2006
Disclaimer: The podcast and artwork embedded on this page are the property of Black Hat / CMP. This content is not affiliated with or endorsed by eachpod.com.