Thursday and Friday this week I spent at Sec-T, the first security conference for a technical audience in Sweden. It was two days of great impression, laughter and the terrifying feeling of realizing that no matter what you do you’re fucked, there’s always someone out there that’s one step ahead of you. The event presented a couple of interesting speakers and myself I was mostly impressed by Robert E. Lee and Jack C. Louis from Outpost24 who talked about DoS-attacks and especially their framework sockstress that could send any computer to a certain death within a few minutes with no bandwidth at all. Unfortunately, or maybe fortunately, they left out the technical information on this attack in their speech.
Another interesting speech was made by Bosse Norgren from the IT Crime Section at the National Criminal Police who talked about the challenges with modern forensics and how to prepare for going to court with a computer related crime. I found it very interesting to hear about his experiences with forensics work together with the information on how to present your evidence in court. Together with his presentation about how the IT Crime Section at the National Criminal Police is organized and how IT crime sections developed within the county police this speech was very interesting for everyone working with IT on a daily basis and sometimes meets the challenge of a computer that’s been compromised.
As it should be there was of course a mystery speaker that wasn’t reviled until the last hour of the event when he went up on stage. This mystery speaker didn’t need much presentation at this event and as most people guessed it was Felix “FX” Lindner who was talking about forensics on Cisco IOS. He begun his speech with the question most of us were asking “why forensics on network equipment?”, but after his presentation of security flaws in Cisco routers we could all agree on the fact that this was something we will do in the future.
This event was the first security conference for a technical audience in Sweden for as long as I can remember and I’m pretty sure there’s never been any conference like this before. On the good side is that the people behind Sec-T seemed eagered to make this an annual event and I will defiantly show up next year.
More information about Sec-T can be found at www.sec-t.org and presentations from all speakers except Felix “FX” Lindner can be found at http://sec-t.org/2008/files/SEC-T2008.zip. This zip-file also contains the challenge from Sec-T so you who weren’t there could check it out. The winner of the challenge contest solved all levels in 2,5 hour which is impressive, even though he didn’t do it all by himself and the fact that another person later told me he solved all levels by himself in about an hour, and I believe him. :)