Program Overview

The FIRST Technical Colloquium (TC) event is restricted to FIRST members only and will be held in Oct 5-7, 2005.

Nevertheless, since this will be a joint event with other CSIRT initiatives in the region, there will be two additional events adjacent to the TC in order to achieve non-FIRST-members as well. These two events are the FIRST/TRANSITS Course (Oct 1-2) and the Latin American Security Workshop (Oct 3-4).

Saturday, October 1st

FIRST/TRANSITS course
08:30 – 09:00

Introduction

FIRST.Org Inc

Monday, October 3rd

Security workshop
09:20 – 11:00

Incident Response in Latin America

Latin American CSIRTs

11:20 – 11:50

FIRST: Global Incident Handling

FIRST Board Member

11:50 – 13:00

Regional Initiatives in Incident Response

Various FIRST Members

14:30 – 15:10

Taxonomy of Mexican Online Banking 2005: Threats and Mitigation

Juan Carlos Guel, David Gimenez, UNAM-CERT

15:10 – 16:10

Cisco PSIRT - Incident Management

Dario Ciccarone, Cisco PSIRT

16:30 – 18:00

Digital crimes under different perspectives

Various

Tuesday, October 4th

Security workshop
09:00 – 09:50

An evening with Kha0s

Sebastián García, CITEFA

09:50 – 10:50

Forensics Discovery

Wietse Venema, FIRST Liason Member

11:10 – 12:10

Information Security Attack Trends

Iván Arce, Core Security Technologies

12:10 – 13:00

Recycling IPv4 exploit for IPv6

Franciso Jesús Monserrat Coll , IRIS-CERT

14:30 – 15:20

Trends in Internet Attack Technology and the Role of Artifact

Jason Milletary, Cert/CC

15:20 – 16:10

Incident Response and Early Warning Initiatives in Brazil

Marcelo H P C Chaves, CERT.br

16:30 – 16:50

Latin-American Forensic challenge V.2: Conclusion

UNAM-CERT, IRIS-CERT

16:50 – 17:40

The SANS Internet Storm Center (ISC): A Collaborative Information Security Community

Johannes Ullrich, SANS Internet Storm Center

Wednesday, October 5th

Technical Colloquium – Plenary Session
09:20 – 09:50

Honeypots for Security Operations

James J. Barlow, NCSA-IRST

09:50 – 10:20

A Tool to Capture BruteSSH attacks related info

Ivo Carvalho Peixinho, CAIS/RNP

11:50 – 13:00

Work in Progress Session

Various FIRST Members

14:30 – 15:00

Work in Progress Session

Various FIRST Members

15:00 – 15:30

Recent Activity in Phishing Malware

Jason Milletary (CERT/CC)

15:30 – 16:10

ICMP Attacks Against TCP

Fernando Gont, UTN (Invited)

16:30 – 17:00

Fraud and Phishing Scam Response Arrangements in Brazil

Marcelo H P C Chaves, CERT.br

17:00 – 17:30

Yet another Windows auditing tool

Juan Carlos Guel, David Gimenez, UNAM-CERT

17:30 – 18:00

VoIP Security

Peter Quick, Deutsche Telekom, T-Com CERT

Thursday, October 6th

Technical Colloquium – Hands-On Class
09:20 – 10:40

Botnet Malware Analysis

Francisco Jesus Monserrat Coll (IRIS-CERT)

 DE

Common Vulnerabilities Score Systems

Marco Thorbrügge (ENISA, DE)

 AR

Cryptography in forensics & reverse engineering

Ariel Waissbein (CORE Security Technology, AR); Ariel Futoransky, Gerardo Richarte (CORE Security Technologies, AR)

 US

Hands-on analysis of a compromised Linux machine

Dr. Wietse Z. Venema (IBM, US)

11:00 – 12:30

Botnet Malware Analysis

Francisco Jesus Monserrat Coll (IRIS-CERT)

 DE

Common Vulnerabilities Score Systems

Marco Thorbrügge (ENISA, DE)

 AR

Cryptography in forensics & reverse engineering

Ariel Waissbein (CORE Security Technology, AR); Ariel Futoransky, Gerardo Richarte (CORE Security Technologies, AR)

 US

Hands-on analysis of a compromised Linux machine

Dr. Wietse Z. Venema (IBM, US)

14:20 – 15:40

Botnet Malware Analysis

Francisco Jesus Monserrat Coll (IRIS-CERT)

 DE

Common Vulnerabilities Score Systems

Marco Thorbrügge (ENISA, DE)

 AR

Cryptography in forensics & reverse engineering

Ariel Futoransky, Gerardo Richarte (CORE Security Technologies, AR); Ariel Waissbein (CORE Security Technology, AR)

 US

Hands-on analysis of a compromised Linux machine

Dr. Wietse Z. Venema (IBM, US)

16:00 – 17:30

Botnet Malware Analysis

Francisco Jesus Monserrat Coll (IRIS-CERT)

 DE

Common Vulnerabilities Score Systems

Marco Thorbrügge (ENISA, DE)

 AR

Cryptography in forensics & reverse engineering

Ariel Waissbein (CORE Security Technology, AR); Ariel Futoransky, Gerardo Richarte (CORE Security Technologies, AR)

 US

Hands-on analysis of a compromised Linux machine

Dr. Wietse Z. Venema (IBM, US)

Friday, October 7th

Technical Colloquium – Laboratory
09:00 – 10:40
 US

Botnets Lab: From Soup to Nuts

Guilherme Vênere (CAIS/RNP – Brazilian Academic and Research Network); Stephen Gill (Cymru Team, US)

11:00 – 13:00
 US

Botnets Lab: From Soup to Nuts

Guilherme Vênere (CAIS/RNP – Brazilian Academic and Research Network); Stephen Gill (Cymru Team, US)

Wednesday, November 14th

18:00 – 20:00

Wednesday, September 7th

17:15 – 18:00

Fortinet Security Fabric

Stefan Moise, Major Accounts Manager, Fortinet