Training before The Black Hat Briefings '00
Amsterdam, October 23rd
Providing practical security of current issues
Class overview and schedule
Class size will be up to a maximum of 35 people.

Today, more than ever, protecting the IT resources of a company against security threats is of vital importance.  In order to do this, your company's professionals need to be capable of guarding your companyâs resources.  Black Hat Training is designed to raise these professionalsâ competence level in Internet security to a whole new level.

Note: Descriptions and requirements for training will be updated weekly.  Expect some of the training descriptions to change next week.


The Trainers
The trainers for these sessions are experts in the subject matter they are teaching and are fully active in the computer security arena.  Some of the speakers you won't find anywhere else.  They are taking some time out of their heavily occupied life in order to lead training for Black Hat.  Here, they want to share new and interesting security information on cutting-edge topics.  Get to know the tools and techniques applied by hackers.  Fight them with their own means.  Those hand-picked security experts will train you in understanding the real threats and securing your network. 

Please visit the Trainers page to get a better understanding of who will be teaching you.  Many of these speakers presented at The Black Hat Briefings in the past, and this is the first time they have presented in Europa.

Class size will be up to a maximum of 35 people. Lunch and two coffee breaks will be provided.

Offerings (Track 'A' and 'B')
The day before the Black Hat Briefings 2000 Amsterdam, Black Hat, Inc. is proud to present in-depth-training in two parallel tracks:

NT Network Intrusion Workshop     Track 'A'
Locking down your Windows 2000 server     Track 'B'  


JD Glaser
Greg Hoglund
NT Network Intrusion Workshop.

This NT Network Intrusion workshop will put the student in control of network intrusion traffic analysis. It will focus on NT specific protocols and attack patterns. The course will consist of two parts. 

The morning workshop will deliver an overview of:

1)     Network monitors and capture filter techniques
2)     Specifics tips on using sniffers - Tcpdump / Lnsniff / NetXRay / SMS Netmon
3)     NT specific traffic analysis SMB/Active Directory Traffic
4)     Demo traffic and attack pattern analysis
5)     Detailed review of current attacks

The afternoon session will be an intensive hands on traffic analysis workshop in which the students will directly apply what they have learned from the morning session.  Activities will include establishing baseline patterns and intrusion packet identification using the students own tools. (Software tools will be provided for students without) 

Several current attack patterns will be mixed into a live network and the student must correctly identify the attack activity.  The emphasis will be to learn how to react to the shortcomings of IDS systems, or to new attacks that IDS aren't aware of.  Students should bring their own laptop / network card running NT or Unix/Linux to obtain the best hands on experience.

What to bring for this training: Students are encouraged to bring their own network sniffing software, such as SMS Netmon, Lnsniff, etc. etc.

Rooster
Punkis
Locking down your Windows 2000 server All you wanted to know about Active Directory and more.

Windows 2000 is becoming the choice for Internet services.  With a full complement of new and  advanced services to help make your Internet servers secure.  We will be discussing the features  that Microsoft has developed and walking through step by step on implemtation and configuration.

This intensive 1 day hands-on course will focus on securing Web/Internet services.  For example;  DNS, web, and FTP.  We will also go into the Personal Firewall Service and how you can use this.  The course will include an overview of:

o Local security policies
o Registry settings
o IIS 5.0
o Win2k domain and user security model
o Configuring and utilizing the Win2k personal firewall service
o What ports should I allow?
o Encrypted File System

What to bring: Students are encouraged to bring their own laptop with a default installation of Windows 2000 Server to the course.

How many people can attend?
Due to the experimental nature of these training sessions and the desire to create a hands-on environment with optimal interaction/communication between trainer and student, only the first 35 people will be accepted for each track.
What do I need to know?
Since this training is targeted toward a more advanced audience, students are expected to be familiar with all security basics and technologies, concepts of firewalls, and routing.  Basic system administration skills for Unix or Windows NT are expected.  If, on the other hand, you know your way around a Unix box, have dealt with Windows NT at a functioning administrative level, wrote and de-bugged your own or othersā scripts, this training may be for you!
What do I need to bring?
Because of the technical nature of this training, students are required to supply their own hardware.  Laptops are the first choice, but if you want to bring a desktop that is also acceptable.  Laptop requirements will be dictated by which tracks you will be attending.  Please see the requirements of each training session when setting up your laptop.  The machines should be set up for a 10Mbit ethernet 10BaseT network. See the class section to get an understanding of what types of tools you should have already installed.

Location
The Black Hat Trainingwill take place at the Radisson SAS in Amsterdam. Please visit this hotel information page for room rates and hotel specifics.

Costs are $750 US for one day of training, meals, and materials.  Pick a track when you register.  You can switch tracks, but preference is given to people who have specifically picked a track.

Monday October 23rd
Time
Track 'A'
Track 'B'
08:00 - 09:00 Registration
08:00 - 09:00 Breakfast 
09:00 - 10:00 Training JD Glaser
Greg Hoglund
NT Network Intrusion Workshop.
Overview section
Rooster
Punkis
Locking down your Windows 2000 server.
10:00 - 10:10 Break
10:10 - 11:00 Training    
11:00 - 11:10 Break
11:10 - 12:00 Training    
12:00 - 12:10 Break
12:10 - 13:00 Training    
13:00 - 14:00 Lunch
14:10 - 15:00 Training  Hands on section  
15:00 - 15:10 Break
15:10 - 16:00 Training    
16:00 - 16:10 Break
16:10 - 17:00 Training    
17:00 - 17:10 Break
17:10 - 18:00 Training    
18:00 - 20:00 Catered Reception, informal get together