'Proof of concept' (PoC) exploits are used to develop and test rules for Network Intrusion Detection and Prevention Systems. Often there are many PoCs for a single exploit. So what happens if one PoC is subtly different from all the others, yet is more popular with the authors of the rules? What if this PoC results in a "quirk" being inadvertently introduced into the NIDS analysis? The choice of PoC for developing a NIDS signature could have massive and wide ranging implications - where another PoC may be sufficiently different from the rule writer's sample to evade detection. This scenario exists in the real world, and security devices have been tuned to a slightly different key. Arron will show an example of how security devices have been developed using unclean samples and how an exploit's original PoC can pass NIDS detection. The aim of this talk is to raise awareness of the need for careful verification of an exploit PoC prior to developing rules to detect the exploit, a practice that is clearly not happening.

Metasploit has become the de-facto tool for creating and implementing system exploits. But what is it? And how do penetration testers use this tool to show the real risk of vulnerabilities? Mike will give a brief history of Metasploit and its capabilities, followed by some real world examples of exploiting vulnerabilities to gain access to systems.

Have you ever wondered if all that stuff on Lie to Me might be true? Do you wish you had an extra tad of insight into how people think? Mike will take you on a quick gallop through the symptoms of lying and help you spot some of the tell-tale signs of non-verbal leakage*. Be prepared to get involved - you might even learn a little about how you think! *Bring your own mop :)