Black Hat Briefings, Las Vegas 2005 [audio] Presentations From The Security Conference

This is a real story of modern extortion in a cyberworld. Bots have replaced dynamite and you don't buy "protection" to prevent your shop from going in flames; you buy "consulting" to prevent your IT from beeing DoSed. From the first limited synflood to the conclusion, we will review those crazy 48 hours that end up in a one to one digital fight. We will see in depth which attacks and mitigation techniques where involved and how they both evolved quickly in complexity and intensity. As a conclusion we will see which were the major weaknesses, found either in the network architecture, the security perimeter and the target application, and how it would have been possible to prevent such attack, limit its impact... and save money. Renaud Bidou has been working in the field of IT security for about 10 years. He first performed consulting missions for telcos, pen-tests and post-mortem audits, and designed several security architectures. In 2000 he built the first operational Security Operation Center in France wh