Rob Gillen - Blog

It’s that time of year again… the CodeStock session line up has been announced and – much like years past, it is looking to be a great conference. If you’ve not attended CodeStock before, or are not familiar with what it is, it’s a great regional developer conference hosted in Knoxville, TN early each summer. You can see a list of the content that will be covered at this year’s conference here: http://codestock.org/Sessions/Default.aspx – that’s a lot of content crammed into two days – and a great value at only $60.

I’m quite excited have been selected to speak at CodeStock this year… probably more than I have in the past. The reason is that I chose a topic that I’ve been studying and enjoying, but not one that is typical for this sort of conference. Over the past three years, I’ve spoken at CodeStock on topics including SharePoint, Team System, Amazon Web Services, Windows Azure, and GPGPU computing with CUDA. This year, however, the talks I’m giving (buffer overflow detection/exploitation and wireless network security) affect developers but are often considered topics for security-specific conferences. What is great, is not only did these talks make the cut, but the buffer overflow talk was #12 in the list of top vote getters (CodeStock lets registered attendees vote on what sessions they’d like to see). If you happen to be in the Knoxville area in the middle of June I hope you’ll consider attending the conference.

Anatomy of a Buffer Overflow Attack - You've heard of "buffer overflows" and maybe you've even been the cause of a few, but do you understand why they are bad? Maybe you're a ".NET developer" and you've never really thought about them. In this session we'll discuss how attackers discover buffer overflows, how they interrogate them, and, finally, how they are exploited. We'll walk through a live demonstration from fuzzing through obtaining a remote shell. You'll leave with a better understanding of how they work, and why you should ensure your code is protected from them.

WiFu - so you think your wireless connection is safe? - In this session we'll discuss various wireless security techniques including common misconceptions and mis-configurations. We will demonstrate how easy it is to compromise even "secured" connections and what the implications are for you as an IT professional. Using free software and inexpensive hardware (~$30), we'll demonstrate a number of attacks and highlight the vulnerabilities that are present in the behavior of many wireless devices.