Well after six days of 8 and sometimes 12 hours of classes and presentations I have returned from my first SANS training event. I was taking the Assessing and Securing Wireless Networks class by Josh Wright. As this was my first time at a SANS event.. I wasn’t sure what to expect… but after experiencing it… I am very impressed by the whole event. While the business district of downtown LA wouldn’t be my first choice for something like this.. it was ok as the backup location after what happened in New Orleans. The hotel was quite interesting and the location for a memorable scene from True Lies.
When they say you will be drinking from the firehose at this training.. they mean it! I’m not sure if this is accurate.. but I heard that the 600 level classes… which mine was… are on par with graduate level classes. While I’ve not been to grad school.. I think I’d agree with that. As complex and detailed as the information was… it was really just an introduction to the process of becoming your own security researcher. Josh did a great job of showing how.. as an auditor… you can go from the protocol specs to working example exploit code… and how ambiguety in the specs can lead to exploitable implementation differences among vendors. Sure.. you get to see and use existing auditing tools.. but I found the most interesting part to be the origin of these tools.. and how they developed over time. I’ll enjoy checking out the source for several of them. Josh also introduced the class to a new framework for doing wireless packet injection called LORCON.
I didn’t just do wireless stuff there… I also sat in on presentations by the FBI.. homeland security.. and one on Oracle password hash security (which is to say it has none.) Now I’m ready to digest all this info and start planning the official roll out of secure wireless services at my company.. and retool my home setup a bit so I can do more wireless tinkering. For anyone wanting some in depth security training.. I highly recommend these classes.