[PLUG-ANNOUNCE] PLUG Advanced Topics August 20th 2007

Alan alan at clueserver.org
Sun Aug 19 22:17:57 UTC 2007


Portland Linux/Unix Group Advanced Topics Meeting

Date:       August 20th 2007
Time:       7:00pm
Location:   Jax Bar and Grill
            826 SW 2nd Ave
            Portland, OR 97204
            http://www.jaxbar.com/  (Not http://www.jax.com/)


Topic:	    Detecting and Dissecting Rootkits in Linux
Speaker:    Alan Olsen
            Advanced Topics Coordinator
            Programmer, Sysadmin and Troublemaker

Rootkits are the spyware of the Linux world.  We will be discussing what
they are, where and how they hide, and what they actually do.  I will be
covering the various types of rootkits, including the dreaded (and
overhyped "Blue Pill"), kernel rootkits, and the stuff that the script
kiddies just left on your server an hour ago.  Included will be the
tools used to find the various types of rootkits, as well as defensive
measures.

Alan Olsen has been working with Linux since 1994.  Computers since
1972.  His first program was written in Fortran on punch cards for a
Honeywell mainframe.  This makes him feel very old.

Standard Meeting Rules apply.

Standard meeting rules (from October 18th 2000) as written by Zot
O'Connor:

1) The speaker has 15 minutes free. No abusing the speaker for 15
minutes. After that, its a free for all.

2) There are stupid questions.  The speaker (and the group) can deem a
question too basic for the topic, too off-topic, or just dumb.  This may
seem rude, but the idea is to stay deep into the topic.  For instance,
given a talk on Cryptography, it can be expected that the room knows all
about public/private key pairs.  The speaker should list topics you are
expected to know before arriving.

3) There should be a lot of questions and feedback from the audience.

4) Everyone, including the speaker should feel like the topic is over
their head.

5) All are invited, but be sure to know that the talk is aimed at
experts/advanced Linux persons (or those that *think* their experts).






More information about the PLUG-announce mailing list