Tuesday, July 26, 2005

Reporting from Black Hat

I just finished up four days of training in Las Vegas. Black Hat has to be one of the more interesting tech events that I have attended, and I still have two more days to go. The first thing I have learned is that some classes are better than others. IMHO, if you are going to Black Hat, stick to the Hacker/Cracker courses unless there is something you have advance knowledge about.

The SensePost Hacking By Numbers: Combat Edition is by far the most advanced. It's 10+ rounds of capture the flag. The SensePost instructors give good advice if you're stuck or falling behind, and there are good reviews between each challenge. I would recommend it to anyone without leet skills. Even if you have some skills, you are bound to cover an area you are weak in and will probably find some cool tools to help you along.

Microsoft has improved security with Active Directory, ISA Server, IIS lock down, etc., but it still has the usual other Microsoft issues: stability and performance. I watched leet security professionals and Microsoft employees struggle through their presentations. I counted at least three reboots before I lost interest due to the long pauses in the presentation.

I learned a few more things about Microsoft ISA Server 2004. Out of respect for the Microsoft guy who took the time to talk to me, I won't go into it, but I will say that the next release will get better. IMO, it will only take Microsoft one or two more releases of ISA Server and they are going to be a major player in the firewall market. If you are responsible for firewalls in your company, you need to start watching ISA Server. It's tolerable now, but it's going to get better quickly.

One more thing about Microsoft. It's rare for me to find a Microsoft technology that I like, but it's also rare for me to find a Microsoft employee that I don't like. I have met 10 - 15 people from Microsoft: developers, support people, marketing and sales. They're all good people to work with. The products will catch up to the people one day.

That's the end of the Black Hat training. Now two days of Black Hat briefings. Oh, yeah! Then there is Defcon...


