Security By Candlelight #7: Seven Layers of Insecurity

The first episode of season three:

This will be mainly a "get to know each other" meeting and as a sort of "kick off" a short presentation will be given which is based on a two day workshop. We will give an overview of the areas of computer and network security.

The presentations are online and under Creative Commons License:

Module 1: Security Essentials
Chapter 1-1: Motivation of Adversaries
Chapter 1-2: Cybercrime
Chapter 1-3: All About Your Network
Module 2: Network Reconnaissance
Chapter 2-1: Fingerprinting
Module 3: Hardware Hacking:
Chapter 3-1: Hardware Hacks
Module 4: Data Layer
Chapter 4-1: Data Link Layer
Module 5: Network and Transport Layer
Chapter 5-1: TCP/IP
Chapter 5-2: Routing
Chapter 5-3: VPN
Module 6: Applications
Chapter 6-1: DNS
Chapter 6-2: SMTP
Chapter 6-3: FTP and HTTP
Chapter 6-4: Filesystems

Retrospect

The participation exceeded our expectations, the "Library" was quite full and the discussion was more that I hoped for. We had guests from the hacking community, some state organizations and companies as well as security interested people.

We had a free discussion, supported by the first chapters of the "Seven Layers" presentation covering mainly security standards and the different types of adversaries. First we gave a rough overview over the field of information security, mentioning the most important standards int this field: BS7799, ISO17799, ISO27000 Series, PCIDSS, SAS70 and some more. Then we discussed different flavors of hackers, cybercrime, spam and botnets and industrial espionage and their impact on information security.

Thanks to all who participated and shared! And there will be cookies again, promised!