7-21-2012 Collective Intel Framework / Defcon XX Pre Con Meeting / Hack The Flag Crash Course

Our next meeting, after HOPE 9, will be a fully loaded one covering the following:

CIF – Collective Intelligence Framework

Threat intelligence is typically a crucial aspect of CIRTs (Computer Incident Response Teams). CIRTs usually have to navigate various sources for this threat intelligence, which consumes time, and usually have zero control of the data aggregated by the various feeds. Besides that, those threat intelligence providers typically do not share data among the community, or have incomplete sets of data. Imagine if you could have a server that aggregates data from all the feeds the big guys do for free, and if you had full control of that server and the capability to add data as you saw fit.

Enter CIF, which indexes, normalizes and stores feed data generated by 3rd party research companies. It could also index any data source, provided that it is in the correct format and correctly parsed. The software was created by Wes Young and his team in REN-ISAC as a way to share intelligence data. They offer the software, but no access to a production instance. I have set up my own public instance as a service to the internet security community. A list of the companies I’m currently gathering data from are:

In this talk I will introduce CIF and cover how to query CIF from my public server, as well as how to use the Perl client and generate Snort rules and iptables rules to automatically block and alert on the latest malware/domain/malicious IPs seen in feeds parsed by CIF. Finally, I will offer some guidance on how to set up your own server.
–Jose H.

www.josehelps.com

DEFCON XX Pre Con Meeting

We will be talking about the DEFCON XX talks, events and Hackmiami participation.

Hack The Flag crash course

There will be a presentation on what Hack The Flag is, what types of challenges you may expect to see, and some basics of playing CTFs. Hack The Flag will happen on August 11th. There will be two CTFs: one for beginners, “Samurai CTF”, and one advanced, “Kommand && KonTroll CTF 2”. Here is the registration page; we encourage you to participate:

http://www.sfissa.org/index.php/sfissa-mm-events/htf-main/142-hack-the-flag-2012

Planet Linux Caffe - 1 PM

1430 Ponce De Leon Boulevard

Coral Gables 33134