Security Masters Dojo

From: Dragos Ruiu (dr_at_KYX.NET)
Date: 03/11/05

  • Next message: Constantino Tobio: "Default domain permissions on who can join a workstation to the domain"
    Date:         Thu, 10 Mar 2005 23:46:27 -0800

    (The registration for this training is now
    on-line. I thought it would be of interest to
    readers of this list. --dr)

    CanSecWest Security Masters Dojo

    Dates: Morning/Afternoon May 3 and Morning May 4
            (Immediately preceeding CanSecWest/core05)

    Venue: Mariott Harbourside. Vancouver BC Canada
            (Off site lab equipment provided by BCIT IEL)

    Duration: 7 half day courses in three sessions.
            (each course offered twice in the three
             possible sessions.)

    Registration Maximum: 10 Students per course session.

    Advanced and intermediate security training
    and technology enhancement for information
    security professionals.

    To address the need for intermediate and advanced
    educational requirements that go beyond the introductory
    materials typically found in most currently existing
    training (which are often geared towards the
    novice level) for professionals who already have
    significant work experience, and want to further
    improve their skills, we have assembled a curriculum
    of hands-on, half day, training programs - delivered
    by industry renowned experts who are pre-eminent
    in their fields.

    This is information security university level training
    for practitioners who already have substantial
    knowledge and wish to broaden their boundaries.
    It goes beyond introductory level material to
    focus and delve more deeply into technical
    subjects that aren't addressed in other currently
    available training.

    The initial courses offered will be:

    Gerardo Richarte - Core Security Technologies - Assembler
            Language Programming: Assembly for Exploits

    Dave Aitel - Immunity Inc. - Your first Exploit: An
            accelerated class in Windows exploitation

    Halvar - Reverse Engineering: Rapid Bug
            Discovery and Input Crafting

    Fyodor - Insecure.Org - Network Reconnaissance
            with NMAP

    Renaud Deraison - Tenable Network Security - Vulnerability
            Scanning: Advanced NESSUS Usage

    Marty Roesch & Brian Caswell - Sourcefire - Advanced
            IDS deployment and Signature Creation: Learn
            to get the most from your SNORT deployment

    Laurent Oudot & Nico Fischbach - Applied network security
            and advanced anomaly detection using state-of-the-art
            honeyports and netflow/NIDS

    These instructors are each considered to be the world's
    top experts in their field. Many have been responsible
    for the creation of some of the most famous and useful
    security tools and methodologies you probably use
    frequently in your normal security tasks. All
    have given many introductory courses and are
    experienced instructors. They are knowledgeable
    in what students need to advance their skills.
    Many have created course material that other
    instructors still use. Each has taken that wisdom
    and knowledge of training and refined it into material
    to take your understanding to the next level. Our
    goal is to empower you to be the experts in
    your organization so that you can help your
    company be an information security powerhouse.
    Let our sensei transform your skill to the next
    degree of intensity.

    Our half day format is oriented towards maximum
    information transfer and learning retention.
    Research into learning retention rates has proven:

    Teaching Method - Knowledge Retention

    See/Hear - Lecture 5%
    Reading - 10%
    Audio Visual / Video - 20%
    Demonstration - 30%
    Discussion Group - 50%
    ***Practice by Doing*** - 75%
    Teaching Others - 90%
    ****Immediate application of learning in a real situation**** - 90%

    Patterned after martial arts combat training, the
    Security Masters Dojo will focus on real world
    applications of new skills which can help you
    advance in the field of information security. You
    will learn difficult to aquire skill sets from the
    world's top practitioners. A series of tests will
    challenge and verify your skills in each course
    area, with series of ceremonial belt colors which
    are awarded after successful attainment of
    each difficulty level in the testing challenges.
    The most difficult levels (black belt), are
    difficult to attain. But you can rest assured
    that if you study and persevere, by attaining
    and overcoming the challenges, you too
    will indeed become a world class expert in
    information security - with an exclusive skill
    and knowledge level few have reached.

    As incentives to performance, two additional
    rank awards will be presented to the two
    most exceptional students in each Dojo sitting
    at the belt award ceremony at the opening of
    the CanSecWest/core05 conference.
    (highest cumulative test scores per Dojo
    after normalization by class average)

    Top student: Authentic weapon grade Japanese
                    Folded Samurai Katana Sword -
                    Soft and hard powdered carbon
                    steel blend, tameshigiri grade cutting
                    sword good for iaido practitioners.
                    It's not just decorative, this is the
                    real thing. (We can ship it home
                    if you think you might have any
                    issues with airport security :-)

    Runner-up: Linux Zaurus SL3000 PDA with
                    4Gig hard drive and VGA touchscreen,
                    only available in Japan, converted to
                    english menus and pre-loaded
                    with security tools and NICs. This
                    too is not just decorative. (~USD$1200)

    Each class is offered in two sessions per dojo
    and features one or two expert intructors teaching
    a small group (maximum of ten people are
    allowed to register per session, class max 12).
    Courses have a strong hands-on laboratory component
    and prepared exercises for you to perform.
    Laboratory equipment for the excercises
    and a gigabit peering link will be provided
    by the BC Institue of Technology Internet
    Engineering Laboratory.

    To accomodate this, each class may have
    prerequisites for software loads and a laptop
    is mandatory. The individual class guides
    will list material the students are expected
    have knowledge about coming in and
    software tools that need to be pre-installed
    before attending so you get the maximum
    benefit from the focused intermediate or
    advanced level course. Please pay particular
    attention to the prerequisites, as the
    material listed there will not be reviewed
    in the courses, and will be necessary
    to get the maximum benefit out of these
    educational programs.

    The small size (10) means that space is limited,
    so you must book early, but you will be assured
    that the low student-instructor ratio will mean
    that you will each get specific attention to
    assisting your individual learning process.

    Our sensei masters have said "Hai!" to the
    challenge of improving your skills. I hope you
    choose to say so too and rise to the challenge
    of increasing your information security

    More information on courses and registration
    will be found at:

    --dr (a.k.a. Dojo Mama-san :-)

    World Security Pros. Cutting Edge Training, Tools, and Techniques
    Vancouver, Canada       May 4-6 2005
    pgpkey kyxpgp
    NTBugtraq Editor's Note:
    Most viruses these days use spoofed email addresses. As such, using an Anti-Virus product which automatically notifies the perceived sender of a message it believes is infected may well cause more harm than good. Someone who did not actually send you a virus may receive the notification and scramble their support staff to find an infection which never existed in the first place. Suggest such notifications be disabled by whomever is responsible for your AV, or at least that the idea is considered.

  • Next message: Constantino Tobio: "Default domain permissions on who can join a workstation to the domain"