Documente Academic
Documente Profesional
Documente Cultură
know
Agenda
Introduction
Todisclose or not to disclose
What is Defcon
Defcon 12 Presentations
The Future
Questions
Introduction
Who am I?
Why am I here?
What are we talking about?
To disclose or not to disclose
Vulnerability disclosure
Long running debate
Most security companies have a formal disclosure
policy
CERT/CC - http://www.cert.org/kb/vul_disclosure.html
Microsoft - http://www.microsoft.com/technet/security/bulletin/policy.mspx
@Stake - http://www.atstake.com/research/policy/
MySQL Passwords
Password Strength and Cracking
By Devin Egan
How to crack MySQL passwords
Why? For auditing.
Best practices for MySQL passwords
http://www.defcon.org/images/defcon-12/dc-1
2-presentations/Egan/dc-12-egan.ppt
Defcon 12 Presentations
Trouble on the Internet
http://www.defcon.org/images/defcon-12/dc-12-presentations/Imhoff-
Duncan/dc-12-imhoff-duncan.ppt
Defcon 12 Presentations
Personal Responsibility
Defcon
http://www.defcon.org/
Defcon Media Archive
http://www.defcon.org/html/links/defcon-media-
archives.html
Sound of Knowledge
http://www.tsok.net/tapelist.tpl?
_wsConference_Codedatarq=2000-
DEFCON&ac=DEFCON