Security - Crime Scene Investigation (CSI) on the Internet

When Monday 25 August
Where Christchurch Convention Centre

This tutorial looks at the nature and structure of network attacks and the motivation that drives these malicious online activities. The session discusses the type of tools that are used in modern attacks, their impact, and who is behind them. In addition, the tutorial will examine actions and processes that can be used to identify, mitigate and respond to such attacks. To illustrate this, the tutors will demonstrate how a botnet is created, and introduce participants to tools such as nmap and metasploit.

The tutorial discusses ways to identify attack streams and understand the nature of TCP/IP traffic. This part of the tutorial will include demonstrations of Wireshark, fprobe, nfsen and nfdump. The tutorial will also review darknets, including their operation and contribution to combating malicious network activity.

The tutorial features a practical, hands-on exercise involving a simulated network attack. Participants will be asked to try to identify and respond to this attack using the tools and techniques discussed.

Slides