[ottsec] meetup - 24 January 7 p.m. NEW LOCATION
13 views
Skip to first unread message
Dale Neufeld
Jan 17, 2011, 9:32:55 PM1/17/11
to ottsec
For January we have a great talk lined up. Mike Sues and Karim Nathoo will give a redux of their BSidesOttawa talk.
Please note the change in location for this month!
Topic: Fuzzing Cows by Karim Nathoo and Mike Sues
What exactly is fuzzing? You've probably heard about it so we'll tell you what it's all about and why organizations should care about it. First of all it has nothing to do with nmap or Nessus and we promise not to refer to those tools in our presentation. We'll start with a short archaeological venture into the history of fuzzing, where we started and the types of tools that were used back in the day up to the present and then discuss the different forms of testing that fuzzing supports. We'll then delve into the weeds and discuss how one fuzzes, reviewing the development of protocol and API models and the different types of targets for our testing. Current open source and commercial fuzzing tools and how they integrate with root casue analysis tools will be discussed along with some publicly-known successes associated with this form of testing. Along the way we'll demonstrate the different steps in fuzzing and use of tools along with at least one complete fuzzing example, including root cause analysis to locate a new vulnerability.
What:
An informal meetup of information security professionals in Ottawa based on the citysec model. Unlike other meetups, you will not be expected to pay dues, "join up", or endure vendor marketing pitches.
Where:
Shopify office, 61a York St (Above Tucker's Marketplace)
When: Monday, January 24 at 7:00 p.m.
Contact:
RSVPs are appreciated so that we can make proper arrangements for food and tasty beverages.
Dale Neufeld (canuck.eh [at] gmail.com)
Please feel free to pass this info along to any infosec professionals that might be interested.
Please note the change in location for this month!
Topic: Fuzzing Cows by Karim Nathoo and Mike Sues
What exactly is fuzzing? You've probably heard about it so we'll tell you what it's all about and why organizations should care about it. First of all it has nothing to do with nmap or Nessus and we promise not to refer to those tools in our presentation. We'll start with a short archaeological venture into the history of fuzzing, where we started and the types of tools that were used back in the day up to the present and then discuss the different forms of testing that fuzzing supports. We'll then delve into the weeds and discuss how one fuzzes, reviewing the development of protocol and API models and the different types of targets for our testing. Current open source and commercial fuzzing tools and how they integrate with root casue analysis tools will be discussed along with some publicly-known successes associated with this form of testing. Along the way we'll demonstrate the different steps in fuzzing and use of tools along with at least one complete fuzzing example, including root cause analysis to locate a new vulnerability.
What:
An informal meetup of information security professionals in Ottawa based on the citysec model. Unlike other meetups, you will not be expected to pay dues, "join up", or endure vendor marketing pitches.
Where:
Shopify office, 61a York St (Above Tucker's Marketplace)
When: Monday, January 24 at 7:00 p.m.
Contact:
RSVPs are appreciated so that we can make proper arrangements for food and tasty beverages.
Dale Neufeld (canuck.eh [at] gmail.com)
Please feel free to pass this info along to any infosec professionals that might be interested.
Reply all
Reply to author
Forward
0 new messages