After a bit of networking, @elwing started off giving an overview of CACert. This is an open source-styled certificate authority (CA) where your assurance is vouched for through points given by assuruers who check identification documents. There is a basic level certificate you can get with no points similar to the old Thawte-style certificates. Each assurer can give up to 35 points and with 150 points you can also apply to become an assurer. CACert’s root certificate is already present by default in several Linux OSs and the group is working on Firefox and Safari. Getting its root certificate into IE may be a bit harder due to the processing costs of approximately $150,000. They are also looking for volunteers to help out in different roles, e.g., policy writing, developing website workflows, and obtaining placement by default in browsers. Contact @elwing if you’re interested in helping out or what to be assured.

Next, Rob “@mubix” Fuller presented on his frustrations of completeness in doing pen tests and offered some interesting solutions via DNS foo in his talk titled “IP Contra.” Unfortunately, I (or anyone else at the meeting) can’t talk about the details as we had to sign a NDA before he presented. But what I can say is that DNS is not geographic!

We all have done a lot of NMAP scans at some point and have been overwhelmed in trying to make sense of all the data you collect over time. Enter Chris “@carnal0wnage” Gates and his talk “Nmap XML Ruby Stuff.” The general idea was a way to push the XML scan results into a database that can be searched. Back in January he started piecing things together and posted some of his initial ideas and code. Since then he’s experimented with several frameworks but ended up just writing his own Ruby implementation. The end result was a fairly complete database for NMAP results with command line searching. Chris continues to evolve his implementation and is looking for help. He’s especially looking for anyone with GUI development experience to write a frontend. Contact @carnal0wnage if you’d like to help or want to try his updated implementation.

Finally, Terrence “@kingtuna” Gareau pulled in a little late but presented and demoed a USB attack on a fully patched Windows computer. He created a Metaspoit module that returns a shell to an attacker by simply inserting a USB drive into a victim computer. Although this is not new, the demo was against a fully patched Windows box. The trick was to add the attack code on the USB drive so it looks like a CD. By default, Windows still autoplays CDs! Enterprises can help protect against this attack by configuring their policy to not autoplay ANY media.

Anyway, that was it for the official talks. There were plenty of great side conversations or “round table talks” (RTTs) as well. NovaHackers may even incorporate this RTT idea into future meetings. Thanks to Lucus and Jonathan of ICS International for setting the facility up, providing refreshments, and organizing dinner. And for future events, check out the NoVA Hackers Association blog. Also, we setup up the @novahackers Twitter account that pushes out tweets whenever Rob and Chris put out new blog posts. This is another great way to keep up with what’s going on with this group.

///

There are a lot of other infosec events going on around DC. If you are the sponsoring group or attended one of these meetups or conferences and would like to submit a summary to be posted on this site, please send us a message from our Contact Us page or mention @grecs on Twitter. See ya!

Not much has happened on the their Blogger site yet but the discussion on Google immediately took off with over 400 posts and 64 members as I write this. Since this group is in the “forming” phase, most of the discussion is all about how this association is going to work, everyone doing introductions, and of course ShmooCon tickets. Currently, it looks like they are going to try to hold two events each month. One will be the traditional luncheon that @mubix has been organizing for the past year. The second event may be a more formal evening meetup with presentations and all.

Joining seems to be pretty similar to the Freemasons. You have to be invited by a current member or a current member has to invite you. Additionally, there seems to be a requirement to be active. @mubix and crew will be skimming membership every few months and deleting lurkers. I think these two controls will go a long way to helping stem the prevalence of spam. But please remember that they are still in the development stages of putting this thing together so the “rules” may change over time.

You can find out more information on the NoVA Hackers Association on our NoVA Meetups page. Also keep up to date and help morph this group into what it will be by visiting them over at their Google Group!