Bellua Cyber Security Asia 2005 Speakers
Forty-four speakers from Asia, Europe and the Americas joined Bellua Cyber Security Asia 2005 to discuss present and future information security issues through an intensive series of workshops, presentations, demonstrations and technical sessions.
If you are looking for the proceedings, you may download them from the BCS Asia 2005 Archive.
The Keynote Speakers:
- Bpk. Abdul Rahman Saleh, Attorney General of Republic Indonesia
- Bpk. DR. Sofyan Djalil, Minister of Communications and Information of Republic Indonesia
- Bpk. Jos Luhukay, PhD, CEO of Lippo Bank (Indonesia)
- Onno Purbo (Indonesia)
- Iwan Atmawidjaja & Peter McNally - Business Continuity Management - Asia Perspective (Indonesia & Australia)
- Fabrice Marie - Hacking Internet Banking Applications (France)
- Fetri Miftach - Building Security into Treasury Systems using BS7799 (Indonesia)
- Jagdeep Kairon - Enterprise Security Demystified (Malaysia)
- Philip Victor - Converging Security Awareness into the Organisation's Culture (Malaysia)
- Roberto Preatoni - Cyber Terrorism and Cyber War (Italy)
- David Steeves - Securing Online Transactions (Canada)
- John Howie - Compliance Management: Is Patch Management Dead? (United States)
- Emmanuel Gadaix - Carrier-grade security: A primer for telecommunications operators (France)
- Phil Leifermann - Enterprise Security Management (Australia)
- Jim Geovedi - Day to Day Security for Managers, Users and SMEs (Indonesia)
- Dave McKay - Social Engineering Fundamentals (Italy - USA)
- John Grygorcewicz - The Importance of Security in Business Processes (Australia)
- Don Bailey "North" - Once a Thief, Kernel Rootkit (United States)
- The Grugq - Digital Forensics and the Art of Anti-Forensics (United Kingdom)
- Fyodor Yarochkin - Advanced Intrusion Data Normalisation and Correlation (Kyrgyzstan)
- S.K. Chong - Windows Local Kernel Exploitation (Malaysia)
- Cesar Cerrudo - Windows IPC Exploitation (Argentina)
- Anton Bolshakov - Distributed Denial of Service Warfare (Kyrgyzstan)
- Valens Riyadi - IT Emergency Mobile Unit (Indonesia)
- Marc Schonefeld - Java & Secure Programming (Germany)
- Himanshu Dwivedi - Attacking and Protecting Storage Area Networks (USA)
- Charl Van Der Walt - Assessing Server Security - State of the Art (South Africa)
- Shreeraj Shah - Web Application Kung-Fu, The Art of Defense (India)
- Ryan McBride - Robust Firewalls with OpenBSD and PF (Canada)
Panel Discussion: Cyber Crime & Cyber Law
- Bpk. Halius Hosen, Head of Planning Bureau, Attorney General's Office of Republic Indonesia
- Bpk. DR. Moedjiono, Deputy Minister for ICT, Ministry of Communication and Information, Republic Indonesia (Indonesia)
- Ibrahim Assegaf - Hukum Online (Indonesia)
- Hasan Yahya (Moderator) (Indonesia)
Panel Discussion: Building a Safe Internet
- Basuki Suhardiman - Institute of Technology Bandung (Indonesia)
- Budi Raharjo - Indocisc (Indonesia)
- Hogan Kusnadi - Unipro (Indonesia)
- Johar Alam - IDC Indonesia (Indonesia)
- Eko Indrajit (Indonesia)
- Hasan Yahya (Moderator) (Indonesia)
Panel Discussion: The Security and Hacking Community
- Skyper - Ralf Kaiser - Editor in Chief of Phrack Magazine
- Ariesto Kosasih - NSFocus & XFocus (Indonesia)
- Roberto Preatoni - Zone-H, a defacement/cybercrime archive (Italy)
- Mikasoft - ADM - Qualys Founder (France)
- Dave McKay - (Moderator) (USA/Italy)
Panel Discussion: Honeypot & Honeynet
- Kamal Hilmi Othman - Honeypot and Internet Background Noise (Malaysia)
- Marek Bialoglowy - Deploying Custom Honeypot to catch Insider Hackers (Poland)
- Dave McKay - (Moderator) (USA/Italy)
Nota Bene: The BCS Asia 2005 Call for Papers is now closed.
Business Track
Iwan Atmawidjaja & Peter McNally (Indonesia & Australia)
Business Continuity Management - Asia Pacific Perspective
Many organisations are developing or have implemented business continuity plans; many have not. Peter McNally and Iwan Atmawidjaja from KPMG's Information Risk Management practice will discuss the current needs and drivers for business continuity, focusing on corporate governance and regulatory requirements.
They will contrast this need with the results of a recent KPMG survey on the status of Business Continuity Management in the Asia Pacific region, including Indonesia. The survey involved 249 organisations and covered the current and future state of security and business continuity in the region.
Iwan Atmawidjaja is the Information Risk Management practice leader in KPMG Indonesia. Iwan has more than 12 years' experience in the industry and he is a CISSP, CISA and CIA. In addition, Iwan is one of the founders of the Information Systems Security Association (ISSA) Indonesia Chapter and the vice president and membership director of the Information Systems Audit and Control Association (ISACA) Indonesia Chapter.
Peter McNally is the KPMG Asia Pacific Leader for the Security, Privacy and Continuity service line. He has over 30 years' experience in the industry and recently assisted a major manufacturer with security and privacy compliance needs at over 100 global locations.
Presentation Deck (PDF)
Fabrice Marie (France)
Hacking Internet Banking Applications
Internet Banking has become a commodity. There are usually two types of internet banking applications offered by banks: corporate banking applications and personal banking applications. If you thought they were secure, think again. Although both are insecure until they have been thoroughly audited (and sometimes even after!), it is more interesting for an attacker to steal money from a rich company than from an individual.
This presentation will detail the various attacks that always work (and those that almost never work) on your "bank-next-door" internet banking application.
We will go through the regular technical attacks and will focus on a hit parade of business logic attacks. We will steal money from other customers, buy shares for free, and spy on other customers' bank records, among many other frauds.
Scared? This presentation will be an eye opener for any manager wishing to purchase a third-party web application.
Fabrice Marie is a senior security consultant working for one of the Big 4 and is based in Singapore.
A developer by trade for many years, he has been involved in the information security field for over 6 years. His interests are in cryptography, secure programming, open source and firewalling techniques. For the last two years he has been breaking mostly bank and telco web applications in the region, as well as performing penetration tests for them.
Fetri Miftach, PhD (Indonesia)
Building Security into Treasury Systems using BS7799 from Planning to Action
Fetri Miftach is a Principal Consultant at M-Sistems.
Fetri has had a deep understanding of security methodology for the banking and telecommunication industry in Indonesia since 1999 and has provided services to the Ministry of Finance, Bank of Indonesia, Bank Mandiri, Telkomsel, Ratelindo, Merpati Airlines and many others.
He is an expert in business process analysis from an information security perspective, risk assessment analysis, analysis and policy development that fits specific industry needs, education and socialization, and forensic analysis, including writing technical reports used to support an intrusion case in a court of law. Fetri has an extensive background in Real Time System technology, especially in the aerospace, banking and telecommunication industries.
Fetri Miftach is a resident speaker at Bank of Indonesia, where he provides regular workshops and seminars on Basel II, Risk Management, Information Security awareness, BS7799/ISO17799, etc.
Fetri is also one of the first IRCA-registered BS7799 ISMS Provisional Auditors in Indonesia.
Jagdeep Kairon (Malaysia)
Enterprise Security Demystified
One of the most important business issues today is protecting critical information assets. There is a plethora of security controls available in the market to protect these assets. These controls are very well designed and equipped to fulfill the technical needs of organizations. However, the dilemma lies in deciding which of these controls to select, implement and manage. Statistics and news headlines have revealed that, despite the best technological advances, security breaches have occurred. Incidents can happen anyway: firewalls can be bypassed and even the strongest password can be cracked. However, the incidents occurred not because technology failed to deliver but because of human failure. For instance, front desk or help desk staff can be easily cajoled or fooled into revealing information.
The strength of a chain is determined by its weakest link, and the weakest link in security is the human element. A security programme is effective only if every individual, in his or her respective capacity, is security conscious and implements the information security policies of the organization. The way to go is to have a comprehensive security policy in place and adequate training and awareness amongst users.
Jagdeep Kairon is Founder and CEO of Network Security Solutions.
Jagdeep is a seasoned technology executive with over 18 years of experience in the security field. His personal skills include Digital Forensics and Information Security policy formulation. Jagdeep was an advisor to the Government of India on Information Security as well as a member of the inter-ministerial committee on Cyber Security.
He is a member of the Association of Certified Fraud Examiners and ASIS International as well as a number of knowledge forums in information security. Jagdeep was the keynote speaker at several international forums in Malaysia, India, USA, Dubai, Singapore and Hong Kong. He is a Certified Information Systems Security Professional (CISSP), a Certified Information Security Manager (CISM) and a Certified Fraud Examiner (CFE).
A former Paratrooper from the Military Special Forces of the Indian Army, Jagdeep is directly responsible for the growth and strategic direction of the company.
Philip Victor (Malaysia)
Converging Security Awareness into the Organisation's Culture
ICT security threats are on the rise and organizations are threatened with more dangerous attacks. Organisations today are losing millions of dollars due to these attacks and need to be more pro-active in dealing with them. This presentation will look into creating a cross-culture in the organization that includes education and awareness in ICT Security as an integral part of facing these threats.
This presentation will also share NISER's role in Malaysia in recognising the importance of reaching out to organizations to help promote and deploy ICT Security Awareness.
Philip Victor is the head of the Training & Outreach Unit at NISER, the National ICT Security and Emergency Response Centre in Malaysia.
He is actively involved in promoting ICT Security Awareness to organizations and the general public. He has presented and conducted various ICT Security Awareness programs for many organizations and also for the general public at the PIKOM (Association of the Computer & Multimedia Industry of Malaysia) Computer Fairs. Some of his presentations include topics on Security Policy, Incident Response & Handling, Spam and Security Best Practices. He has presented papers locally and internationally and has also published a paper in an IT journal. He has also worked with international agencies and bodies to conduct ICT Security related courses for Malaysian organizations. His accomplishments include working with the US State Dept to successfully organize and conduct a 2-day Executive Seminar on Cyber Terrorism and a 10-day course on Protecting Digital Infrastructure.
Roberto Preatoni & Fabio Ghioni (Italy)
Cyber Terrorism and Cyber War: The Truth, The Myths, The Facts and The Forecasts
This presentation will detail what cyberterrorism is beyond the common understanding. Roberto will give practical examples and describe the role of technology in asymmetric warfare, the use of cyberterror, and the cyberfighter's digital tools today and tomorrow.
Digital army today: a "hands on" experience directly from the second Gulf War. Strengths and weaknesses of the digital systems employed by the US Army in the desert run. A brief description of the US Army digital resource locator system (Blue Force Tracker) and the Intelligence Distribution System employed in the field: their role in the 2nd Gulf War, their technical failures, their critical points, and their possible exploitation by a digitally aware enemy.
The importance of filtering information in the intelligence process: where the US Army failed in the 2nd Gulf War. How the US Army got hit by the enemy, and how the US Army could have suffered much more serious damage had the enemy been aware of its strong digital ties.
Digital army tomorrow - the Future Combat System (FCS): the role of the Warfighter Information Network-Tactical system in tomorrow's strategies and the role of asymmetric conflict in defying it.
Roberto Preatoni is the CEO of an international IT security company, Domina Security, which is active in European and former Soviet countries.
Roberto, also known as Sys64738, 37, is the founder of the defacement/cybercrime archive Zone-H. He has been globetrotting, lecturing in several IT security conferences, including Defcon in the US. He has been interviewed by several print and online newspapers where he shares his experiences relating to cyberwar and cybercrimes.
David Steeves (Canada)
Securing Online Transactions
The ever-increasing desire to use the web for Online Banking, Trading and E-Commerce is generally countered with a fear of technology and its inherent insecurity.
By first defining the problem space that plagues "Online Transactions" and then identifying weaknesses, we can begin to find a solution. If the solution is designed by mitigating the threats to "Online Transactions", it will become more widely trusted.
To solve this problem and have it accepted by users, "Online Transaction" implementations need to be both highly usable and highly secure.
The goal of this talk is to present an idea which would allow secure online transactions to take place on an untrusted computer, over an untrusted internet.
David Steeves is a Security Software Engineer in Microsoft's Emerging Security Technologies Group, working to increase the security of its customers, whether by improving current products' protection offerings, working with the industry to truly understand the security problem/solution space (present and future), or pushing security education to his peers.
John Howie (United States)
Compliance Management: is Patch Management Dead?
Patch Management is not part of ISO 17799, Compliance Management is. Fundamentally patch management is not a security process, it is part of the Change Control process which is an operations function, but which has security implications. Compliance Management is a security process that can be used to measure and enforce patch management as part of a larger program to define, measure and enforce compliance with internal policies and defined secure configuration baselines.
This session introduces the delegate to the Compliance Management process and demonstrates how it can drive effective patch management. It also demonstrates how an effective Compliance Management process can assist enterprises with meeting the increasing burden of Regulatory Compliance.
John Howie is Microsoft's Security Center of Excellence's Practice Manager in Redmond, United States.
He leads a team of consultants world-wide that assists customers with implementing and maintaining effective information security. Mr. Howie has had an extensive career in Information Security. Prior to joining Microsoft, Mr. Howie ran a consulting company based in the US, was a Manager with Deloitte & Touche's eCenter practice, was a Security Architect and a VP of Product Development and Security in two dot-coms, and co-authored a course on Windows Security before joining Learning Tree International as a Product Manager for their Windows Systems, Security, and Networking training courses.
Emmanuel Gadaix (France - Thailand)
Carrier-grade security: A primer for telecommunications operators
"Telecommunications operators are at a crossroads. After enjoying decades of steady growth in a protected sector, they now face increasingly aggressive competition from smaller players due to the deregulation wave. On the technological front, they must find answers to the threat of mobile data services such as Wi-Fi and telephony alternatives based on VoIP protocols. For the first time since they were created, they must also take the security threat seriously, as opposed to the proverbial lip service they were content with until now.
This presentation will present the evolution of the security threats facing telecommunications operators, and what they must do about it."
Emmanuel Gadaix leads the Telecom Security Task Force in Thailand.
Emmanuel has been involved in the information security and telecommunications fields for over 12 years. Originally from Western Europe, Emmanuel has been living in Southeast Asia since 1993. After a few years spent at Nokia commissioning mobile networks' NMS and IN systems, he started his own security consulting company in 1997, which was eventually acquired by Trusecure in 2001.
Emmanuel focuses on the emerging threats facing the telecommunications industry today. He founded the Telecom Security Task Force (TSTF) to provide clients with specialized security services for their GSM/GPRS/UMTS/SS7/VoIP/IMS networks.
He is a CISSP, a Certified ISO-8583 Financial Transaction Protocol Engineer and a Certified Oracle DBA.
Phil Leifermann (Australia)
Enterprise Security Management
As organizations become more dependent upon the information systems that support their business critical functions, management faces the challenge of ensuring the confidentiality, integrity and availability of these information systems, as well as protecting the related technology infrastructure.
Due to the increasingly complex and demanding requirements and expectations of management, the approaches, techniques and tools for ensuring the confidentiality, integrity and availability of these information systems are constantly changing. Therefore, management should focus on enterprise security management.
Phil Leifermann is the President Director of Insight Consulting in Indonesia.
Insight Consulting was established 4 years ago, and specializes in providing enterprise security management tools and consulting services. In relation to enterprise security management tools, Insight Consulting represents NetIQ in Indonesia, a US-listed company that delivers business-critical solutions to analyze and optimize the performance, availability and security of IT infrastructures. Prior to establishing Insight Consulting, Phil was a Director in the technology risk management solutions group of PricewaterhouseCoopers for nearly 15 years in Australia and Indonesia. In addition, Phil is the President of Information Systems Security Association (ISSA) Indonesia Chapter and a board member of Information Systems Audit and Control Association (ISACA) Indonesia Chapter.
Jim Geovedi (Indonesia)
Day to Day Security for Business Managers, Users and SMEs
This session will introduce delegates to the numerous security threats they face daily, such as targeted hacking, worms, viruses, Trojan horses, spam and spyware. Practical security know-how will be given to protect their business environment, laptop or desktop from such threats using spam filters, personal firewall software, back-ups of important personal files, email encryption tools, tunneling, etc. This session will also provide simple-to-use advice on how to select quality passwords and keep them confidential.
Social engineering attacks will be described in full to provide the participants with sufficient background and awareness in recognizing potential risks and attacks during normal everyday business activities.
Jim Geovedi works as an Information Security consultant at PT Bellua Asia Pacific in Indonesia.
He's also a contributor to the OpenBSD and FreeBSD projects and an active member of HERT, the Hacker Emergency Response Team. He has been securing computer and network systems for over six years. Jim has been involved with network and system auditing, vulnerability assessment, security architecture, and corporate policy writing.
He has spoken extensively on computer security at numerous conferences, seminars, and workshops. Along with Fetri, Jim is also one of the first IRCA-registered BS7799 ISMS Provisional Auditors in Indonesia.
Dave McKay (Italy / USA)
Social Engineering Fundamentals
"You might say there are two specialties within the job classification of con artist. Somebody who swindles and cheats people out of their money belongs to one sub-specialty, the grifter. Somebody who uses deception, influence, and persuasion against businesses, usually targeting their information, belongs to the other sub-specialty, the social engineer." - Kevin Mitnick
In today's world confidence scams present quite possibly the highest threat to security within the business world. Control of information, withholding and leaking, can lead to massive failures and losses depending on how skilled the attacker may be.
In combination with disinformation and propaganda, social engineering can be just as fatal, and can even lead to loss of customer and shareholder confidence.
Dave McKay is an independent security consultant.
McKay has been involved in the information security field for going on 9 years. McKay's prior employment includes an impressive list of companies where he served in a security capacity, including Hotmail, Google, Microsoft, the US Department of Defense and @stake (now Symantec).
McKay is now in Rome writing a book.
John Grygorcewicz (Australia)
The Importance of Security in Business Processes
The best security systems and strongest access controls can be rendered useless if the business processes that support and surround those areas, and the people executing those processes, allow breaches to occur. Organizations are realizing that process vulnerability must be rapidly addressed.
Today more than ever, organizations are relying on business processes for agility and competitive advantage. The need for speed sometimes leaves processes open to less than optimum review and testing scenarios prior to release into a production environment.
This presentation will give a framework for ensuring that developed processes are robust and importantly adaptable to the ever changing business environment.
John Grygorcewicz - Bispro Consulting.
John Grygorcewicz has over 25 years of process and systems consulting experience. He has over 13 years of experience with Ernst & Young, 9 years in Indonesia.
Until recently he was a Principal with the Indonesia Ernst & Young practice heading up their systems and process group within the Business Risk Services area.
He has provided advice to some of Australia's and Indonesia's largest and most respected organizations.
Technical Track
Onno Purbo (Indonesia)
Internet for Everyone
Most people in the Internet community will know Onno Purbo. He has achieved many milestones, from the moment he started using Data Packet Radio in the 1980s up to today's broadband wireless networks. His work has always been the reference for many writings about the development of the Internet, globally and locally. He is often called the "Internet Minister" because of his large, unselfish contributions to the Internet. The Computer Network Research Group he founded at ITB is his commitment to pairing academic research with implementable technology for the masses.
Onno's annual paper on the Indonesian Internet can be found in many foreign publications, and he is constantly traveling around the world giving workshops on wireless data infrastructure and his well-known "internet for everyone" concept.
Don Bailey "north" (United States)
Once a Thief, Kernel rootkit
The Once a Thief kernel rootkit design proves how hack-back attacks and forensics can be misdirected and deceived even in innovative networks. By abstracting the rootkit to a virtual overlay network set on top of each compromised node, practically untraceable routes can be created to traffic compromised data or facilitate further attacks. Once a Thief lays out an architecture that is driven by the Faith Virtual Machine. The FaithVM allows pseudocode to be written once and run on every Once a Thief node, allowing an attacker to more easily control multiple drone nodes.
This design allows flexibility for the attacker that needs the assurance of protection from snooping network administrators and companies or governments implementing hack-back attacks to determine origin.
Don Bailey has researched operating system and architecture theory with a focus on security for the past 5 years.
The Grugq (United Kingdom)
Digital Forensics and the Art of Anti-Forensics
The rise in prominence of incident response and digital forensic analysis has prompted a reaction from the underground community. Increasingly, attacks against forensic tools and methodologies are being used in the wild to hamper investigations. This talk will familiarize the audience with Unix file system structures, examine the forensic tools commonly used, and explore the theories behind file system anti-forensic attacks. In addition, several implementations of new anti-forensic techniques will be released during the talk. Anti-forensics has cost the speaker one job.
This material has never been presented on the North American continent because anti-forensics scares the feds. Find out why...
The Grugq has been researching anti-forensics for almost 5 years.
He has presented to the UK's largest forensic practitioner group where he scared Scotland Yard.
Grugq has worked to secure the networks and hosts of global corporations, and he's also worked for security consulting companies. His work as a security consultant was cut short temporarily following the publication of an article on anti-forensics. Currently, he slaves for a start-up, designing and writing IPS software.
Fyodor Yarochkin & Meder Kydyraliev (Kyrgyzstan)
Advanced Intrusion Data Normalisation and Correlation Techniques: Fuzzy Way
Meder and Fyodor will present their implementation of an intrusion data normalisation and pluggable correlation engine. The implementation is based on the Prelude IDS framework and will demonstrate a few non-standard approaches to intrusion data analysis and processing methods.
No obscure mathematical concepts, but rather a few practical solutions.
Fyodor Yarochkin is a security hobbyist and happy programmer with a few years spent in business objectives and the "security" service delivery field. These years, however, weren't completely wasted - Fyodor has been contributing his spare time to a few open and closed source projects that attracted limited use among the non-business-oriented computer community. He has a background in system administration and programming and holds an Engineering degree in Software Engineering.
Meder Kydyraliev has been involved in research and development of the Xprobe2 active OS fingerprinting tool.
Some of his personal interests include network reconnaissance and information gathering techniques, and applications of distributed computing in information security tools. His senior project was titled "Multi-threaded, distributed platform for information security tools".
Meder obtained his bachelor of science degree in software engineering from AUK/Kyrgyzstan and is at an early stage of getting to know what the real security industry is.
S.K. Chong (Malaysia)
Windows Local Kernel Exploitation
This presentation will highlight mechanisms to exploit the Windows Kernel for useful local privilege escalation. Unlike the "Shatter Attack", which is usually only useful if an attacker has physical access to the computer, kernel exploitation will escalate the attacker to the highest level of the kernel itself without any restrictions.
The presentation will include usage of undocumented APIs, memory corruption in device drivers, kernel shellcode as well as other relevant tricks to find and exploit the Windows kernel-land for a successful privilege escalation.
S.K. Chong is co-founder and (in)security consultant of SCAN Associates in Malaysia.
Hacking is part of his job. He wrote security whitepapers about SQL injection, buffer overflow and shellcode, including one that was published in Phrack Magazine #62.
His findings were presented in Blackhat Asia 2003, RuxC0n04, XCon 2005, HITB 2004 and SyScAN'04.
Cesar Cerrudo (Argentina)
Windows IPC Exploitation
This presentation will show some internal Windows mechanisms that still have flaws and that could be used as new exploitation/attack vectors. Basically, the presentation will cover some Windows IPC (Inter Process Communication) mechanisms that have been weakly designed or implemented.
During the presentation, methods and tools for helping in exploiting and detecting these new flaws will be shown.
Cesar Cerrudo works for Application Security, Inc.
Cesar is a security researcher specialized in application security. Regarded as a leading application security researcher, Cesar is credited with discovering and helping fix dozens of vulnerabilities in applications including Microsoft SQL Server, Oracle database server, Microsoft BizTalk Server, Microsoft Commerce Server, Microsoft Windows, and Yahoo! Messenger.
Cesar has authored several white papers on database and application security and has been invited to present at a variety of companies and conferences including Microsoft and Black Hat.
Anton Bolshakov (Kyrgyzstan)
Distributed Denial of Service Warfare
Anton Bolshakov is a senior IT security consultant with 7 years of experience in the security field. For the last 5 years he has been auditing networks and penetrating servers and applications of the biggest banks, ISPs and government organizations across the Asia Pacific region. He has a background in system administration and programming and holds an Engineering (master's) degree in Software Engineering.
One of his hobbies is hunting, dissecting and reverse engineering other people's poor code, traps, viruses or spyware.
Valens Riyadi (Indonesia)
IT Emergency Mobile Unit
Marc Schonefeld (Germany)
Java & Secure Programming
Marc Schonefeld is an external PhD student at the University of Bamberg in Germany. His research covers the analysis of interdependencies between programming flaws (antipatterns) and vulnerabilities in software. By developing a framework for flaw detection he found a range of serious bugs in current Java runtime environments (JDK) and other Java-based applications and middleware systems (like JBoss, Cloudscape database, ...). Some of his findings led to the publication of a number of advisories by Sun Microsystems. In 2004 he presented at the DIMVA and D-A-CH conferences and was a speaker at Blackhat and RSA in 2003. Also in 2004 he was a finalist for the European Information Security Award (which was granted to IBM Labs Zurich :-( ) for his work on Java-based security antipatterns.
Himanshu Dwivedi (USA)
Attacking and Protecting Storage Area Networks
Himanshu Dwivedi's presentation will discuss storage security as it pertains to Fibre Channel SANs, IP NAS devices, and iSCSI SANs. The presentation describes current weaknesses, potential future problems, attacks/threats, and short-term/long-term solutions.
The presentation will combine a detailed technical discussion of security exposures with a discussion of tactical best practices.
The technical discussion will focus on current attacks, future attacks, and protocol weaknesses that expose storage products and storage networks.
Furthermore, high-level best practices will also be discussed as they pertain to storage solutions, device configurations, and architectural designs.
Himanshu Dwivedi is a Principal Partner at iSEC Partners, LLC.
Himanshu focuses his research on storage technology, including Network Attached Storage (NAS) and Storage Area Networks (SAN). Himanshu is considered an industry expert in the area of SAN security, specifically Fibre Channel security and iSCSI. Himanshu has given numerous presentations and workshops regarding security in SANs, including the SNIA Security Summit, BlackHat Security Conference, and Storage Networking.
Himanshu currently has a patent pending on a storage design architecture that he co-developed with other @stake professionals (U.S. Patent Serial No. 10/198,728). Additionally, Himanshu has written two published books and has written a storage security chapter for a third. The book titles include The Complete Storage Reference - Chapter 25 (McGraw-Hill/Osborne), Storage Security Handbook (Neoscale Publishing), and Implementing SSH: Strategies for Optimizing the Secure Shell (Wiley Publishing).
Furthermore, Himanshu has also published two white papers, titled "Storage Security" and "Securing Intellectual Property".
Shreeraj Shah (India)
Web Application Kung-Fu, The Art of Defense
Web application attacks have grown at a rapid rate over the last 5 years, and many innovative ways of breaking systems have come into existence. Web applications are even more vulnerable because they cannot be protected by firewalls, so they become easy prey for attackers. Next generation web application attacks have arrived and are here to stay; they are targeted at vulnerable and poorly written web applications. Web application defense strategies require secure coding at the application level, knowing your application, and protecting it with human intelligence. Knowing your application leads to profiling your web assets in a logical way, and profiling web assets gives a better picture of the set of possible attacks. Knowing the entire attack set greatly helps in designing and implementing defense strategies.
This presentation will cover attacks in depth with live demonstrations and tools. Several new techniques of defense will be exposed to the audience as part of the "Art of Defense".
Shreeraj Shah founded Net-Square in January 2000, to establish the company as a strong security research and security software development company.
He leads the research and development arm of Net-Square. He has over 7 years of experience with system security architecture, system administration, network architecture, web application development and security consulting, and has performed network penetration testing and application evaluation exercises for many significant companies in the IT arena. In the past Shreeraj worked with Foundstone, Chase Bank and IBM in the area of web security. Shreeraj graduated from Marist College with a Masters in Computer Science, and has a strong research background in computer networking, application development, and object-oriented programming. He received his graduate degree in Computer Engineering from Gujarat University, and an MBA from Nirma Institute of Management, India.
Shreeraj has also authored a book titled "Web Hacking: Attacks and Defense", published by Addison Wesley. Shreeraj has spoken at conferences such as HackInTheBox, RSA and Blackhat.
Ryan McBride (Canada)
Robust Firewalls with OpenBSD and PF
This talk discusses the design philosophy and strengths of OpenBSD's packet filter, PF, as well as things that it doesn't do.
It provides an overview of PF's extensive features and how they can be used in concert to solve some specific problem sets: denial of service attack mitigation, firewall redundancy/failover, and load balancing.
Ryan McBride is an Information Security Consultant and OpenBSD Hacker.
Ryan has 10 years of experience wearing a suit in the Information Systems industry. Over this period, he has worked with public, private, and non-profit organisations ranging in size from small office to "Fortune 50".
His experience includes Security Policy development, Software Development, VPN design and deployment, firewall configuration, and IDS deployment and monitoring.
When not wearing a suit, Ryan amuses himself by working on OpenBSD's networking code.
Charl Van Der Walt (South Africa)
Assessing Server Security - State of the Art
Over 70% of all the open ports on the Internet are web servers. In order to effectively evaluate an organization's Internet security posture we must be able to effectively assess web server security.
This talk takes a comprehensive look at the question of assessing web server security over the Internet. During the talk we consider the progress that has been made in web server security over the last few years, and the progress that has been made in attacking web servers over the same time.
We visit the new vulnerabilities introduced by web applications and discuss the thinking applied to discover such vulnerabilities. Finally, we describe the state of the art of web server scanning technology.
Charl van der Walt is a founder member of SensePost.
He studied Computer Science at UNISA and Mathematics at the University of Heidelberg in Germany, and has a Diploma in Information Security from the Rand Afrikaans University. He is an accredited BS7799 Lead Auditor with the British Standards Institution in London. Charl has a number of years' experience in Information Security and has been involved in a number of prestigious security projects in Africa, Asia and Europe.
He is a regular speaker at seminars and conferences nationwide and is regularly published on internationally recognized forums like SecurityFocus.
Panel Discussion: Honeypot & Honeynets
Kamal Hilmi Othman (Malaysia)
Honeypot and Internet Background Noise
Kamal Hilmi Othman is currently a principal systems engineer at Defenxis in Malaysia. Throughout his career he has been involved with CERT operations, auditing and consultancy. Nowadays he works in the areas of perimeter defense, detection and intrusion analysis.
He was previously a lecturer at a local college; however, he now prefers to sit in as a guest speaker for information security classes at local universities. He has spoken at CanSecWest04, USENIX04 and HITB04, besides many other local events. He is also an active member of the HITB Conference Organizing Committee.
Marek Bialoglowy (Poland)
Deploying Custom Honeypot to catch Insider Hackers
Marek Bialoglowy is an Independent IS Security Consultant.
During his remarkable employment history, Marek has received references from major companies and government institutions. He has worked on a number of challenging security projects of critical importance. Marek likes to face organisational and technical challenges and often comes up with very innovative methodologies and solutions.
Marek Bialoglowy has discovered several vulnerabilities which appeared on the SANS Top 20 Critical Vulnerabilities list, including one of the first critical vulnerabilities affecting Windows Server 2003.
Marek is a Certified (IRCA) BS7799 ISMS Provisional Auditor.
Panel Discussion: Security and Hacking Community
"Skyper" Ralf Kaiser (Unknown)
Phrack Magazine
Phrack is a Hacker magazine by the community, for the community. The first issue of Phrack was published on 17th November 1985. It is made available to the public, as often as possible, free of charge. New issues are announced in various forums and are made available on the website.
"...those who know us know what we do, others do not have to...."
Skyper is the Editor in Chief of Phrack Magazine.
Skyper is also the maintainer of the segfault.net projects. His interests are networking and cryptography. He provides infrastructure and support for talented research groups.
Ariesto Kosasih (Indonesia)
NSFocus & XFocus
Ariesto Kosasih is the founder of SecuRXcess.
"Toto" has been involved in the Information Technology field for 11 years, focusing on network security for the last 4 years. He spent 3 years at NSFocus, the oldest IT security company in China, which has contributed numerous vulnerability findings to big vendors such as Microsoft.
Ariesto's prior projects involved deep security assessments and hardening for large enterprises such as China Telecom Group, China Mobile Group, Lenovo and Allianz. He was also involved in several overseas projects, such as SingTel in Singapore and a bank and a telecom in the Middle East. Currently he is doing security consulting and security project management for some major banks in Indonesia.
PT Bellua Asia Pacific - Bellua Cyber Security Conferences & Workshops
