April 24th Presentation Abstract
Malicious web pages pose a serious threat to the Internet, businesses, and end users. In order to effectively detect them, we developed a personal honey client that individuals use as their web browser. The system, which we call a Web Canary, is a web browser running in a pristine operating system customized for this purpose that runs in a virtual machine. We design our solution so the virtualization is transparent to the user to provide a typical browser experience. The Web Canary solves several problems honey clients currently face: it can get meaningful URLs from user inputs; it can visit web pages protected by CAPTCHAs or passwords; it is scalable. In addition, it keeps traditional advantages of a honey client, such as the ability to detect zero-day attacks, determining which web sites are compromising machines, and ensuring minimal impact from other applications
***************Previous Meetings *********************
March 6 Presentation is available here.
The speaker was Gus Fritschie, Director of Information Security at SeNet International, located in Fairfax, VA.
Mr. Fritschie presented “Anatomy of an Attack – Script Kiddies and Haxors and Consultants! Oh my!”. During the course of this presentation Mr. Fritschie illustrated several different computer attacks that were used while conducting penetration tests for actual clients. These examples covered simple to more complex attacks including SQL injection, database, Windows, and other attacks. The presentation demonstrated how a single vulnerability can be exploited and escalated in order to compromise an entire network. Time wasl also given to providing solutions on how these attacks could have been prevented.