|
http://www.hackerschool.org/HS_Boards/zboard.php?id=HS_Translate&no=2 [º¹»ç]
À¯¸íÇÑ ÇØ¿Ü º¸¾È ÄÁÆÛ·±½º·Î¼ BlackHat, Defcon, RECON, ShmooCon, CansecWest, rootedCon, HITB µîÀÌ ÀÖ½À´Ï´Ù.
À̵é Áß RECONÀ» ù ¹ø° ¹ø¿ª ´ë»óÀ¸·Î ¼±Á¤ÇØ º¸¾Ò½À´Ï´Ù.
RECONÀº Áö³ 2005³âÀ» ½ÃÀÛÀ¸·Î ¸Å³â ij³ª´Ù ¸óÆ®¸®¿Ã¿¡¼ °³ÃֵǴ º¸¾È ÄÁÆÛ·±½º·Î¼,
Reverse Engineering ¹× ÃֽŠExploit, ±×¸®°í 0-day ¹ß°ß ±â¼ú¿¡ ÁßÁ¡À» µÎ°í ÀÖ´Ù´Â Á¡ÀÌ ¸Å·ÂÀûÀÔ´Ï´Ù.
RECONÀÇ °ø½Ä À¥ »çÀÌÆ®´Â http://recon.cx À̸ç, ÄÁÆÛ·±½º Á¾·á ÈÄ archive ¸Þ´º¸¦ ÅëÇØ ¹ßÇ¥ µ¿¿µ»óµéÀ» °ø°³ÇÕ´Ï´Ù.
ÀÌ Áß Ã¹ ÄÁÆÛ·±½º¿´´ø 2005³â¿¡¼ºÎÅÍ ¸®½º´×&¹ø¿ªÀ» ½ÃÀÛÇØ ³ª°¡·Á°í ÇÕ´Ï´Ù.
2005³âÀÇ ¹ßÇ¥ ÁÖÁ¦µéÀ» Á¤¸®ÇÏ¸é ´ÙÀ½°ú °°½À´Ï´Ù.
[¹ßÇ¥ ÁÖÁ¦]
http://2005.recon.cx/en/s/jlloyd.html
[¹ßÇ¥ ÀÚ·á]
http://2005.recon.cx/recon2005/papers/
[樨毢]
http://www.archive.org/details/Recon2005videos
- Anonymous Blogging Submission : ÀÎÅÍ³Ý ±ÔÁ¦°¡ ÀÖ´Â ±¹°¡¸¦ À§ÇØ ÀÍ¸í ºí·Î±ë ¹æ¹ýÀ» ¼³¸íÇÕ´Ï´Ù.
- Binary Protection Schemes : ¹ÙÀ̳ʸ® ºÐ¼®À» ¹æÁöÇÏ´Â ¹æ¹ý¿¡ ´ëÇØ ¸®´ª½º¸¦ ±â¹ÝÀ¸·Î ¼³¸íÇÕ´Ï´Ù.
- Attacking WiFi with traffic injection : ¹«¼±·£ ±âÃÊ, WEP Å©·¢, ±×¸®°í traffic injectionÀ» ÅëÇÑ ÁÖº¯Àå¾Ç ¹æ¹ýÀ» ¼³¸íÇÕ´Ï´Ù.
- reversing the commercial web for fun and knowledge : ±¸±ÛÇØÅ·, JS ³µ¶È µî¿¡ ´ëÇØ ´Ù·ì´Ï´Ù.
- Web Application Hacking : À¥ÇØÅ·À» ¿¹Á¦¿Í ÇÔ²² ´Ù·ì´Ï´Ù.
- The Dark Side of Winsock : winsock°ú À̸¦ ÀÌ¿ëÇÑ ¹éµµ¾î¿¡ ´ëÇØ ¼³¸íÇÕ´Ï´Ù.
- Encrypted P2P and VoIP Spaces with CUTLASS : P2P¿Í voip ÇÁ·ÎÅäÄÝÀ» ¾ÈÀüÇÏ°Ô ¾ÏÈ£ÈÇÏ´Â ¹æ¹ý¿¡ ´ëÇØ ¼³¸íÇÕ´Ï´Ù.
- Syllogistic Application Testing : ÀÀ¿ëÇÁ·Î±×·¥ º¸¾È Å×½ºÆÿ¡ ´ëÇØ ¼³¸íÇÕ´Ï´Ù.
- Visual Analysis: 2D Does it Better in Color : ÅؽºÆ®°¡¾Æ´Ñ ºñÁê¾óÇÑ ·Î±×¸¦ Ç¥ÇöÇÏ´Â ¹æ¹ý¿¡ ´ëÇØ ¼³¸íÇÕ´Ï´Ù.
- Practical Attacks on a Prox Card : Çϵå¿þ¾îÀûÀÎ door lock °ø°Ý¿¡ ´ëÇØ ¼³¸íÇÕ´Ï´Ù.
- Introduction to network programming with libevent. libdnet and libnids : network ÇÁ·Î±×·¡¹Ö ¶óÀ̺귯¸®¸¦ ¼³¸íÇÕ´Ï´Ù.
- Using honeyclients to discover new attacks : client ±â¹ÝÀÇ honeypot¿¡ ´ëÇØ ¼³¸íÇÕ´Ï´Ù.
- Passive Asset Detection System : invisibleÇÏ°Ô ³×Æ®¿öÅ© Á¤º¸¸¦ ¼öÁýÇÏ´Â ¹æ¹ý¿¡ ¼³¸íÇÕ´Ï´Ù.
- Auditing Source Code : C/C++ ¾ð¾î¿¡¼ÀÇ º¸¾È Ãë¾àÁ¡ ¼³¸í°ú À̸¦ ã´Â ¹æ¿¡ ´ëÇØ ¼³¸íÇÕ´Ï´Ù.
- Process Stalking: Run Time Visual RCE : ¹ÙÀ̳ʸ® ¸®¹ö½ÌÀ» À§ÇÑ ÇÁ·Î¼¼½º ÃßÀû ¹æ¹ý¿¡ ´ëÇØ ¼³¸íÇÕ´Ï´Ù.
- Improving Network Security by Adding Randomness : OpenBSDÀÇ ³×Æ®¿öÅ© º¸¾È°ú Ãë¾àÁ¡¿¡ ´ëÇØ ¼³¸íÇÕ´Ï´Ù.
- Malware Analysis : ¾Ç¼ºÄÚµå ºÐ¼®¿¡ ´ëÇØ ¼³¸íÇÕ´Ï´Ù.
- Hardening Registration Number Protection Schemes : ÀÀ¿ëÇÁ·Î±×·¥ ½Ã¸®¾ó ³Ñ¹öÀÇ Ãë¾àÁ¡°ú ¹æ¾î¹ý¿¡ ´ëÇØ ¼³¸íÇÕ´Ï´Ù.
- recent shelLcode developments : ½©ÄÚµå ÀÛ¼º¹ý¿¡ ´ëÇØ ¼³¸íÇÕ´Ï´Ù.
- reverse engineering panel : ¸®¹ö½º ¿£Áö´Ï¾î¸µÀ» ÁÖÁ¦·Î Åä·ÐÇÕ´Ï´Ù.
ÀÌ Áß¿¡ Auditing Source Code ¸¦ ¸®½º´×&¹ø¿ª ´ë»óÀ¸·Î ¼±Á¤ÇÏ°íÀÚ ÇÕ´Ï´Ù.
¼±Á¤ ÀÌÀ¯´Â ÀÏ´Ü ÁÖÁ¦°¡ Èï¹Ì·Î¿ì¸ç, ¹ßÇ¥ÀÇ ·¯´×ŸÀÓÀÌ ¾à 47ºÐÀ¸·Î ªÀºÆíÀ̶ó ù ÀÛ¾÷À¸·Î ¸öÇ®±â¿¡ ÁÁÀ» °Í
°°½À´Ï´Ù. ±×¸®°í ¹ßÇ¥ÀÚÀÎ Nishchal Bhalla´ÔÀÌ Àεµ°è¿À̶ó ¿ø¾î¹Î´ÔµéÀÇ ¹öÅÍ ¹ßÀ½¿¡ ºñÇØ ºñ±³Àû ¸®½º´×ÀÌ ½±½À´Ï´Ù.
(ÀßÇϽô ºÐµéÀº ¿ÀÈ÷·Á ¾à°£ ´ä´äÇÏ°Ô µé¸± ¼öµµ ÀÖÀ» °Í °°³×¿ä.)
´ÙÀ½Àº ¹ßÇ¥ ÀÚ·á¿Í µ¿¿µ»óÀÔ´Ï´Ù.
http://2005.recon.cx/recon2005/papers/Nish_Bhalla/Security_Compass_Defects_Overview_final.pdf
http://www.archive.org/download/Recon2005videos/recon2005_nish_bhalla_auditing_source_code.avi
ÀÌÁ¦ ÀÌ µ¿¿µ»óÀ» ¿©·¯°³·Î ºÐÇÒÇÏ¿© ¸®½º´×&¹ø¿ªÀ» ÇÒÅÙµ¥, ±× Àü¿¡ À§ PDF ÆÄÀÏÀ» ¸ÕÀú º¸½Ã¸é Àü¹ÝÀûÀÎ È帧À»
ÀÌÇØÇϴµ¥ µµ¿òÀÌ µÉ °Í °°½À´Ï´Ù.
|
Hit : 3006 Date : 2011/05/03 06:32
|
97, 
4/4 
¸Û¸Û
