Probably will have final tweaks. Web site: http://isotf.org/isoi.html Please note, aside to bringing us all together, one of the main goals is seeing the different perspectives and current operations of the different sides of the fight. Namely: Law enforcement, Anti Viruses, Anti Spam, Dynamic DNS Porviders and ISP's. So far, 67 spots out of 75 available at the Cisco facility in San Jose are taken. The agenda is quite tight. Thank you all for your support in setting this up at such short notice, and for the community for getting involved beyond the closed circle groups. Even if the participation vetting remains only for the closed groups, some CFP submissions have been very interesting and allowed. As the communities around DA and MWP were originally started from NANOG and an AV-ers list, I am very glad the NANOG community remains involved at the level it does. Agenda ------ 09:00 - 09:05 - Preview of the day - Gadi Evron (Beyond Security) 09:05 - 09:30 - Early sessions - botnets from different perspectives, hosted by Paul Vixie (ISC): ISP's Barry Greene (Cisco) Anti Virus industry Joe Hartmann (Trend Micro) DynDNS providers Joshua Anderson (Afraid) Anti spam and reputation services Dave Crocker (Brandenburg InternetWorking) Main Lectures: 09:30 - 10:10 Key-note: "Bot, Botnets, Sandbox, Impact" Righard J. Zwienenberg (Norman) 10:10 - 10:45 "MSRC Malware/Exploit Zero Day Response - Case Studies" Greg Galford (Microsoft) 10:45 - 11:20 "The Rough Road Around Us in Botnet Tracking" Jose Nazarijo (Arbor) 11:20 - 11:55 "Malcode Toolkit Profiteering: Feeding the Trend in M.O. from Fame to Fortune" Hubbard Dan (Websense) 11:55 - 12:30 Lunch break Got chow? 12:30 - 13:05 Case Study: *** Levi Gundert (US Secret Service) 13:05 - 13:40 "Recent Bots Detection Information from Microsoft Security Products" Ziv Mador (Microsoft) 13:40 - 14:25 "Router Stress: An Under the Hood Look at How a Router is Really Attacked and DOSed" Barry Raveendran Greene (Cisco) 14:25 - 15:00 "What Keeps Us Up at Night: New & Advanced Difficult to Mitigate DDoS Attacks" Darrel Lewis (Cisco) 15:00 - 15:35 "Phishing and Botnets Organized Crime: Globalization and Tehnology Intelligence Update" Gadi Evron (Beyond Security) 15:35 - 16:10 TBA Jerry Dixon (US-CERT, DHS) Turbo talks: 16:20 - 16:35 "The Global Infection Rate" Rick Wesson (Alice's Registry) 16:35 - 16:50 "Fast-flux Botnet C&C Servers - Detection & Mitigation" Randy Vaughn (Baylor) 16:50 - 17:10 TBA David Ulevitch (EveryDNS / OpenDNS) 17:10 - 18:30 - Community discussion subjects: "The Past Year in Activity" Gadi Evron "Law Enforcement Cooperation Operations TBA "Creating More Actionable Intelligence" TBA "The Ratout AS-based Reporting System, Overview and Future Development" Randy Vaughn "Activity for the Coming Year" Gadi Evron After-party: Dinner, hosted by the ISC. Gadi.