Home > Career, Hacking, Information Security, Security Conferences > Reflections on SANS ’99 New Orleans: Where It All Started

Reflections on SANS ’99 New Orleans: Where It All Started

A few weeks ago I saw some RT’s/@’s on Twitter referencing John Flowers and that name brought back some memories.

Today I sent a tweet to John asking him if I remembered correctly that he was at SANS in New Orleans in 1999 when he was still at Hiverworld.

He responded back confirming he was, indeed, at SANS ’99.  I remarked that this was where I first met many of today’s big names in security: Ed Skoudis, Ron Gula, Marty Roesch, Stephen Northcutt, Chris Klaus, JD Glaser, Greg Hoglund, and Bruce Schneier.

John responded back:

I couldn’t agree more.  That was an absolutely amazing time. I was on my second security startup (NodeWarrior Networks,) times were booming and this generation of the security industry as we know it was being given birth to.

I remember many awesome things from that week:

  • Sitting in “Intrusion Detection Shadow Style” with Stephen Northcut and Judy Novak for something like 8 hours going cross-eyed reading tcpdump packet traces and getting every question Stephen asked wrong. Well, some of them, anyway 😉
  • Asking Ron Gula’s wife something about Dragon and her looking back at me like I was a total n00b
  • Asking Ron Gula the same question and having him confirm that I was, in fact, a complete tool
  • Staying up all night drinking, writing code in Perl and doing dangerous things on other people’s networks
  • Participating in my first CTF
  • Almost getting arrested for B&E as I tried to rig the CTF contest by attempting to steal/clone/pwn/replace the HDD in the target machine. The funniest part of that was almost pulling it off (stealing the removable drive) but electrocuting myself in the process — which is what alerted my presence to the security guard.
  • Interrupting Lance Spitzner’s talk by stringing a poster behind him that said “www.lancespitznerismyhero.com” (a domain I registered during the event.)
  • Watching Bruce Schneier scream at the book store guy because they, incredulously, did not stock “Practical Cryptography
  • Sitting down with Ed Skoudis (who was with SAIC at the time, I believe,) looking at one another and wondering just what the hell we were going to do with our careers in security
  • Spending $14,000 (I shit you not, it was the Internet BOOM time, remember) by hitting 6 of the best restaurants in New Orleans with a party of hax0rs and working the charge department at American Express into a frenzy (not to mention actually using the line from Pretty Woman: “we’re going to spend obscene amounts of money here” in order to get in…)
  • Burning the roof of my mouth by not heeding the warnings of the waitress at Cafe Dumonde, biting into a beignet which cauterized my mouth as I simultaneously tried to extinguish the pain with scalding hot Chicory coffee.

I came back from that week knowing with every molecule in my body that even though I’d been “doing” security for 5 years already, it was exactly what I wanted to for the rest of my life.

I have Stephen Northcut to thank for that.  I haven’t been to a SANS since 1999 (don’t ask me why) but I am so excited about going back in August in DC (SANS What Works In Virtualization and Cloud Computing Summit) and giving a keynote at the event.

It’s been a long time.  Too long.

/Hoff

Enhanced by Zemanta
  1. July 29th, 2010 at 05:34 | #1

    Excellent recap Hoff! I am relatively new to the infosec world and went to my first SANS conference in March (SANS 2010). The experience was quiet close to yours (except the $14k expenses) and I loved it. I also realized that infosec is where I want to be. I will also be attending the SANS What Works In Virtualization and Cloud Computing Summit in DC arriving Friday. Look forward to meeting you there.

  1. July 25th, 2010 at 13:57 | #1
  2. September 15th, 2010 at 13:29 | #2