Last night I attended the NoVA Hackers Association monthly dinner meetup. Instead of having one or two longer talks, this meeting had four shortened 15 minute presentations … often called fireside talks Firetalks. The talks were great and there was plenty of time to catch up with some of the local infosec pros. Approximately 15 people attended the event hosted at ICF International’s corporate headquarters in Fairfax, VA.

After a bit of networking, @elwing started off giving an overview of CACert. This is an open source-styled certificate authority (CA) where your assurance is vouched for through points given by assuruers who check identification documents. There is a basic level certificate you can get with no points similar to the old Thawte-style certificates. Each assurer can give up to 35 points and with 150 points you can also apply to become an assurer. CACert’s root certificate is already present by default in several Linux OSs and the group is working on Firefox and Safari. Getting its root certificate into IE may be a bit harder due to the processing costs of approximately $150,000. They are also looking for volunteers to help out in different roles, e.g., policy writing, developing website workflows, and obtaining placement by default in browsers. Contact @elwing if you’re interested in helping out or what to be assured.

Next, Rob “@mubix” Fuller presented on his frustrations of completeness in doing pen tests and offered some interesting solutions via DNS foo in his talk titled “IP Contra.” Unfortunately, I (or anyone else at the meeting) can’t talk about the details as we had to sign a NDA before he presented. But what I can say is that DNS is not geographic!

We all have done a lot of NMAP scans at some point and have been overwhelmed in trying to make sense of all the data you collect over time. Enter Chris “@carnal0wnage” Gates and his talk “Nmap XML Ruby Stuff.” The general idea was a way to push the XML scan results into a database that can be searched. Back in January he started piecing things together and posted some of his initial ideas and code. Since then he’s experimented with several frameworks but ended up just writing his own Ruby implementation. The end result was a fairly complete database for NMAP results with command line searching. Chris continues to evolve his implementation and is looking for help. He’s especially looking for anyone with GUI development experience to write a frontend. Contact @carnal0wnage if you’d like to help or want to try his updated implementation.

Finally, Terrence “@kingtuna” Gareau pulled in a little late but presented and demoed a USB attack on a fully patched Windows computer. He created a Metaspoit module that returns a shell to an attacker by simply inserting a USB drive into a victim computer. Although this is not new, the demo was against a fully patched Windows box. The trick was to add the attack code on the USB drive so it looks like a CD. By default, Windows still autoplays CDs! Enterprises can help protect against this attack by configuring their policy to not autoplay ANY media.

Anyway, that was it for the official talks. There were plenty of great side conversations or “round table talks” (RTTs) as well. NovaHackers may even incorporate this RTT idea into future meetings. Thanks to Lucus and Jonathan of ICS International for setting the facility up, providing refreshments, and organizing dinner. And for future events, check out the NoVA Hackers Association blog. Also, we setup up the @novahackers Twitter account that pushes out tweets whenever Rob and Chris put out new blog posts. This is another great way to keep up with what’s going on with this group.

///

There are a lot of other infosec events going on around DC. If you are the sponsoring group or attended one of these meetups or conferences and would like to submit a summary to be posted on this site, please send us a message from our Contact Us page or mention @grecs on Twitter. See ya!

Tags: event, infosec, meetup, nova, novahackers

This entry was posted on March 10, 2010 at 12:38 pm and is filed under NoVA Meetups. You can follow any responses to this entry through the RSS 2.0 feed.