Program overview

The FIRST Technical Colloquium (TC) event is restricted to FIRST members only and will be held in Oct 5-7, 2005.

Nevertheless, since this will be a joint event with other CSIRT initiatives in the region, there will be two additional events adjacent to the TC in order to achieve non-FIRST-members as well. These two events are the FIRST/TRANSITS Course (Oct 1-2) and the Latin American Security Workshop (Oct 3-4).

Program details on the FIRST TC itself are available for FIRST members only, directly through the Members only website, which you can access using your certificate.

Please note: the program schedule is not in its final version, adjustments still can occur.

Overview

October 1st (Saturday)Return to overview

FIRST/TRANSITS course
08:30 – 09:00

Introduction

FIRST.Org Inc

09:00 – 10:40

Module 1: Organizational Issues

10:40 – 11:00

Coffee break

11:00 – 12:30

Module 1: Organizational Issues

12:30 – 14:00

Lunch

14:00 – 15:40

Module 2: Operational Issues

15:40 – 16:00

Coffee break

16:00 – 17:00

Module 2: Operational Issues

17:00 – 18:00

Module 3: Legal Issues

October 2nd (Sunday)Return to overview

FIRST/TRANSITS course
09:00 – 10:40

Module 4: Technical Issues

10:40 – 11:00

Coffee break

11:00 – 12:30

Module 4: Technical Issues

12:30 – 14:00

Lunch

14:00 – 15:40

Module 4: Technical Issues

15:40 – 16:00

Coffee break

17:00 – 18:00

Module 5: Vulnerabilities and Advisories

October 3rd (Monday)Return to overview

Security workshop
09:00 – 09:20

Open

ONTI (AR Government)

09:20 – 11:00

Incident Response in Latin America

Latin American CSIRTs

11:00 – 11:20

Coffee Break

11:20 – 11:50

FIRST: Global Incident Handling

FIRST Board Member

11:50 – 13:00

Regional Initiatives in Incident Response

Various FIRST Members

13:00 – 14:30

Lunch

14:30 – 15:10

Taxonomy of Mexican Online Banking 2005: Threats and Mitigation

Juan Carlos Guel, David Gimenez, UNAM-CERT

15:10 – 16:10

Cisco PSIRT - Incident Management

Dario Ciccarone, Cisco PSIRT

16:10 – 16:30

Coffee Break

16:30 – 18:00

Digital crimes under different perspectives

Various

October 4th (Tuesday)Return to overview

Security workshop
09:00 – 09:50
AR

An evening with Kha0s

Sebastián García, CITEFA

09:50 – 10:50
US

Forensics Discovery

Wietse Venema, FIRST Liason Member

10:50 – 11:10

Coffee Break

11:10 – 12:10
AR

Information Security Attack Trends

Iván Arce, Core Security Technologies

12:10 – 13:00

Recycling IPv4 exploit for IPv6

Franciso Jesús Monserrat Coll , IRIS-CERT

13:00 – 14:30

Lunch

14:30 – 15:20

Trends in Internet Attack Technology and the Role of Artifact

Jason Milletary, Cert/CC

15:20 – 16:10

Incident Response and Early Warning Initiatives in Brazil

Marcelo H P C Chaves, CERT.br

16:10 – 16:30

Coffee Break

16:30 – 16:50

Latin-American Forensic challenge V.2: Conclusion

UNAM-CERT, IRIS-CERT

16:50 – 17:40

The SANS Internet Storm Center (ISC): A Collaborative Information Security Community

Johannes Ullrich, SANS Internet Storm Center

17:30 – 18:00

Close

AR Government

October 5th (Wednesday)Return to overview

Technical Colloquium – Plenary Session
08:30 – 09:00

Registration

09:00 – 09:20

Open

FIRST TC Day Chair

09:20 – 09:50

Honeypots for Security Operations

James J. Barlow, NCSA-IRST

09:50 – 10:20

A Tool to Capture BruteSSH attacks related info

Ivo Carvalho Peixinho, CAIS/RNP

11:00 – 11:20

Coffee Break

11:20 – 11:50

FIRST SC Update

FIRST SC Member

11:50 – 13:00

Work in Progress Session

Various FIRST Members

13:00 – 14:30

Lunch

14:30 – 15:00

Work in Progress Session

Various FIRST Members

15:00 – 15:30

Recent Activity in Phishing Malware

Jason Milletary (CERT/CC)

15:30 – 16:10
AR

ICMP Attacks Against TCP

Fernando Gont, UTN (Invited)

16:10 – 16:30

Coffee Break

16:30 – 17:00

Fraud and Phishing Scam Response Arrangements in Brazil

Marcelo H P C Chaves, CERT.br

17:00 – 17:30

Yet another Windows auditing tool

Juan Carlos Guel, David Gimenez, UNAM-CERT

17:30 – 18:00

VoIP Security

Peter Quick, Deutsche Telekom, T-Com CERT

October 6th (Thursday)Return to overview

Technical Colloquium – Hands-On Class
09:00 – 09:20

Open

FIRST TC Day Chair

09:20 – 10:40

Botnet Malware Analysis

Francisco Jesus Monserrat Coll (IRIS-CERT)

DE

Common Vulnerabilities Score Systems

Marco Thorbrügge (ENISA, DE)

AR

Cryptography in forensics & reverse engineering

Ariel Futoransky, Gerardo Richarte (CORE Security Technologies, AR); Ariel Waissbein (CORE Security Technology, AR)

US

Hands-on analysis of a compromised Linux machine

Dr. Wietse Z. Venema (IBM, US)

10:40 – 11:00

Coffee Break

11:00 – 12:30

Botnet Malware Analysis

Francisco Jesus Monserrat Coll (IRIS-CERT)

DE

Common Vulnerabilities Score Systems

Marco Thorbrügge (ENISA, DE)

AR

Cryptography in forensics & reverse engineering

Ariel Futoransky, Gerardo Richarte (CORE Security Technologies, AR); Ariel Waissbein (CORE Security Technology, AR)

US

Hands-on analysis of a compromised Linux machine

Dr. Wietse Z. Venema (IBM, US)

12:30 – 14:20

Lunch

14:20 – 15:40

Botnet Malware Analysis

Francisco Jesus Monserrat Coll (IRIS-CERT)

DE

Common Vulnerabilities Score Systems

Marco Thorbrügge (ENISA, DE)

AR

Cryptography in forensics & reverse engineering

Ariel Futoransky, Gerardo Richarte (CORE Security Technologies, AR); Ariel Waissbein (CORE Security Technology, AR)

US

Hands-on analysis of a compromised Linux machine

Dr. Wietse Z. Venema (IBM, US)

15:40 – 16:00

Coffee Break

16:00 – 17:30

Botnet Malware Analysis

Francisco Jesus Monserrat Coll (IRIS-CERT)

DE

Common Vulnerabilities Score Systems

Marco Thorbrügge (ENISA, DE)

AR

Cryptography in forensics & reverse engineering

Ariel Futoransky, Gerardo Richarte (CORE Security Technologies, AR); Ariel Waissbein (CORE Security Technology, AR)

US

Hands-on analysis of a compromised Linux machine

Dr. Wietse Z. Venema (IBM, US)

October 7th (Friday)Return to overview

Technical Colloquium – Laboratory
09:00 – 10:40
US

Botnets Lab: From Soup to Nuts

Guilherme Vênere (CAIS/RNP — Brazilian Academic and Research Network); Stephen Gill (Cymru Team, US)

10:40 – 11:00

Coffee Break

11:00 – 13:00
US

Botnets Lab: From Soup to Nuts

Guilherme Vênere (CAIS/RNP — Brazilian Academic and Research Network); Stephen Gill (Cymru Team, US)

November 14th (Wednesday)Return to overview

18:00 – 20:00

September 7th (Wednesday)Return to overview

17:15 – 18:00