Archive for the ‘Industry Events’ Category

WiFi Pilot Post on

As you can see from the graphic on the left, I have a new blog post available on the CWNP homepage, 

If you are unfamiliar with the CWNP program, they are a vendor-neutral certification body for wireless networking and security.  

My most recent blog post at CWNP talks about a new product offering from CACE Technologies and MetaGeek, called “WiFi Pilot”.  The WiFi Pilot WLAN Analysis kit contains a WiSpy Spectrum Analyzer, an AirPcap wireless packet capture device, and the WiFi Pilot analysis software.  

Check out the review on CWNP for an extended discussion of product functionality, pricing, etc.  

One other thing that I mention in the post is the Sharkfest Conference for Wireshark Users and Developers.  The conference is being held Jun 15th – 18th.  I am attending the conference and *super* excited about it – feel free to email me at douglashaider <at> hotmail <com> if you are attending. I would love to meet up and chat!

Related Posts: 


Melee at the Mandalay – Live Men’s and Women’s Boxing!

If you have been paying attention to my blog, you know that I am in Las Vegas this week for both INTEROP and the Forrester IT Forum. My employer, Xirrus, is exhibiting on the INTEROP show floor.  The booth theme this year is “Melee at the Mandalay”, which takes the audience through a several round bout between the Wi-Fi Array vs. the Traditional Wired Workgroup Switch.  This actually piggybacks off the Xirrus theme last year, which was “Ditch the Switch”.

In conjunction with the Melee at the Mandalay theme, Xirrus is holding live boxing! I saw several fights today and they were pretty exciting!  Although each fight has a new set of boxers, they seemed to be getting more aggressive throughout the day.  I can’t wait to watch tomorrow’s (Wednesday, May 20th) matches, which are scheduled for 11AM, 1PM, 2:30PM, and 4PM.   There will also be several matches held on Thursday. Here are a couple photos that I took standing along ringside:

You can also see video footage of some of the earlier matches at the Xirrus website –

Related Posts:


I made it to Syn-City.  Whoops!  That’s the geek in me.  You know… the three way handshake… Syn, Syn-Ack, Ack  (I guess its not a good joke if you have to explain it).   

This week, I will be attending both INTEROP and Forrester’s IT Forum.  Due to the lack of sleep this city usually affords me, I will be concentrating my efforts on my Computerworld blog, and plan to have a post everyday, starting this evening and running through Thursday.  

It’s going to be a busy week for me.  Besides blogging, my employer (Xirrus) is exhibiting at the show as well as providing the WiFi for all exhibitors and attendees.  (Translation: I will be pulling booth duty.  Stop on by and say hello!)

I also have a number of meetings set up with some real movers and shakers in the wireless industry.  Today, I had lunch with Craig Mathias, who is the conference chair of the wireless track at INTEROP.  Craig and I had a great discussion.  We discussed

  • What looks to be the most exciting part of the upcoming wireless track at INTEROP 
  • If wireless is a capable replacement to Ethernet switching to the desktop 
  • The general decline in interest in wireless security

I plan on transcribing our Q&A in my Computerworld blog post later this evening.  Over the next few days, I will have Q&A with other journalists, analysts, etc. so reach out and let me know in the comments section what I should ask them!

I also have several other “extra-curricular activities” while I am in Vegas.  No, it’s not what you’re thinking…  One such event that I am particularly excited about it tonight’s “Beer & Bloggers” event down at Palazzo.  If you are in Vegas, come on by!  The logistical information is below:

Las Vegas Tweetup – 2009
Monday May 18, 2009 from 6:00pm – 8:30pm
Dos Caminos
inside the Palazzo Hotel/Casino
3325 Las Vegas Blvd.
South Las Vegas, Nevada 89109

Sharkfest ’09

I admit it, I am getting jealous with all my colleagues Twittering about the RSA Conference this week at the Moscone Center in San Fransisco.  While the idea of heading to RSA hit me too late to make the logistics work, something that I am planning ahead for is Sharkfest 2009.   What is Sharkfest, you ask?  

Sharkfest is a conference dedicated to the optimization of the Wireshark Protocol Analyzer, which is now owned and managed by CACE Technologies. It is a 3 day conference being held near San Fransisco at Stanford University. The official dates for the conference are June 15th – 18th, 2009.  


The conference has three tracks – one for basic users, one for advanced users, and one for developers.  I am pretty sure that you can mix and match sessions from all three tracks.  The cost of the conference is only $695 per person, and each paid attendee gets a free AirPcap Classic adapter ($198 value), which lets you do 802.11 b/g packet capture in Windows, directly through Wireshark. Groups of 3 or more are also eligible for a 10% discount.  

If you have been following my blog, you know that I am a wireless packet junkie.  I am attending Sharkfest with a couple other Principal Technologists from Xirrus.  It looks like they have a great speaker lineup with Mike Kershaw (Kismet creator), Fyodor, Laura Chapell, etc.  Of course, they will have Wireshark engineers and developers on-hand as well.  

If you are interested in registering for Sharkfest, I would suggest doing it soon.  This is the second year for the conference and the conference organizers told me that they are limiting the number of attendees so that it doesn’t grow out of hand too quickly.  As someone who attended the first several Shmoocon conferences, I can tell you that you want to get in on the ground floor.   

Related Posts: 

Insider’s Guide to a SANS Conference – Day 5

This was the last day for the Management 512 “Security Leadership Essentials for Manager’s” course.  Day 5 was a Management Practicum.  

The Day 5 material was the most focused on pure management with less attention on technical information.  The topics included understanding legal liability and managing technical employees.

As a management “practicum”, I was hoping for more scenarios, role-play, or exercises.  That being said, the class did have an outstanding discussion on the topics at hand. 

MGMT 512 uses a trademarked feature called “Knowledge Compression”. Most of the full length courses are 6 days.  There are also a handful of one day courses that are being offered, so the conference runs throughout this weekend.

I had a GREAT time participating in the SANS work-study program.  One of the most memorable moments was when the hotel staff asked if we wanted to jump in a bounce house they set up.  Apparently they had it set up to model to a different group and thought someone should get some use out of it before they deflated it.  

We collectively thought it would be a good idea to get a picture of us all jumping around with and post it on the website with a caption of “Volunteering at SANS is fun!”.  Well, the bounce house had a “structural failure”.  To make a long story short, I ended up folded like a taco in a corner of the bounce house with everything collapsing around me.  Needless to say, we were all laughing pretty hard.  Hopefully, I can get a copy of one of the pictures taken.  Check out the SANS website if you are interested in their work-study program I highly recommend it! 

Related Posts: 

Insider’s Guide to a SANS Conference – Day 4

Insider’s Guide to a SANS Conference – Day 3

Insider’s Guide to a SANS Conference – Day 2

Insider’s Guide to a SANS Conference – Day 1

Insider’s Guide to a SANS Conference – Setup

Insider’s Guide to a SANS Conference – Day 4

In today’s MGMT 512 course, we discussed “the value of information”.   My favorite part of the course material was a discussion about intellectual property.  I will have to write a full length blog post on the topic in coming weeks – the topic and discussion were simply fascinating!

We also had a session on IT ethics.  I really like the printed course material for that section because there were a number of different ethical scenarios, along with a conservative opinion and a liberal opinion (not using conservative/liberal in the political sense).  I thought it offered a lot of value to look at both sides of the issue.  

As you may have seen in a previous post, I have been planning a short interview with Stephen Northcutt about the state of wireless networking, social media, etc.  We were able to conduct that interview after class, and I will have it posted to my blog as quickly as I can get it transcribed.  

Tomorrow is the end of the MGMT 512 course.  I believe it ends with a Management Practicum, although I am not sure.  Check back tomorrow to hear all about it!   🙂

Insider’s Guide to a SANS Conference – Day 3

If you have been following my Twitter hastag for the event (#SANS_PHX), you probably realized that this was my favorite day of course material simply because this is the day we covered WIRELESS.  wOOt!  

SANS should really have a six day track focused on Wireless Ethical Hacking, Pen Testing, and Defenses… oh wait, they do have that and I have already taken it.  😉  

At any rate, the Security Leadership Essentials course material focused on “Communications Security” today with sections on wireless & bluetooth, cryptography, steganography, OPSEC, etc.  

One question that the wireless module brought up in my mind was “how many organizations audit for Bluetooth?”  My guess is that few organizations even scan for Bluetooth.  Even if they do, I think that only a handful doa complete audit that includes more advanced sniffing, pen testing, or vulnerability assessment/exploitation.  

The MGMT 512 course also had a bonus talk from Rich Mogull about the current state of the industry – good stuff! 

Lastly, today’s conference also included a vendor fair.  Michael Farnum just wrote a blog post about how much he enjoys working “booth duty” at such events because it allows him be more of a security evangelist.  As a vendor, I can relate to Michael and his feelings of working the booth.  I also enjoy being a conference attendee on the other side of the booth as it allows me to expand my knowledge and participate in meaningful discussions with people who share my passion for networking & security.  

Sorry, no conference pictures today.  Someone should send me a tweet mid-day to remind me to grab a few for tomorrow’s blog post!  

Related Posts: 

Insider’s Guide to a SANS Conference – Day 2

Insider’s Guide to a SANS Conference – Day 1

Insider’s Guide to a SANS Conference – Setup

Insider’s Guide to a SANS Conference – Day 2

I’ll cut to the chase and give you the bottom line up front…

My favorite part of today’s conference were the SANS @night presentations.  These are optional (and free) presentations that the SANS Institute supports on selected evenings of their conferences.    One of today’s @night talks covered Web App Security and the other covered Man-in-the-Middle Attacks. 


SANS @night Talk

SANS @night Talk


Web App security was given by Rich Mogull (@rmogull) and the MitM Attack talk was given by Bryce Galbraith.  Saying that they were *PACKED* with information is an understatement.   There are many intangible benefits of attending a SANS conference, and the @night presentations definitely top that list!

I also enjoyed my “normal” course, “Security Leadership Essentials for Managers”.  I particularly enjoyed the conversation around malware and endpoint security.   My take-away is that white listing is the future in this area.  I Tweeted about this realization on my Twitter timeline (@wifijedib). 

There were also a few logistical challenges today – the first was that one of the instructors came down with bronchitis and lost his voice.  The SANS conference staff were able to schedule temporary work-around and work in a backup instructor in an incredibly short amount of time.   Also, there was an internet outage at the conference hotel.  Again, the conference staff worked tirelessly to resolve and developed an immediate work around.   I was impressed with their ability to handle these situationshow strong are your business continuity processes

Related Posts:

Insider’s Guide to a SANS Conference – Setup

Insider’s Guide to a SANS Conference – Day 1

Insider’s Guide to a SANS Conference – Day 1

If you are reading this, it means that we both survived Day 1 of SANS Phoenix.  🙂  

My favorite part of the day was helping everyone at the registration desk.  It was fun meeting so many different people. There seemed to be a good mix of people returning to SANS as well as first time conference attendees.  

Stephen Northcutt gave a short “Welcome to SANS” briefing this morning.  I wasn’t able to attend as I was at the registration desk (see above).  

Classes kicked off at 9AM and most ran until approx. 5:30-6:00PM.  I know that we covered a TON of information in the MGMT 512 (Security Leadership Essentials for Managers) course.  We talked about budgeting, project management, vulnerability management, and vendor selection processes.   

Even though I am in a Management course, there was a great deal of technical information covered in Day 1.  We discussed the TCP/IP header, ports/protocols, and packet analysis.  At one point I felt like Neo in The Matrix – (paraphasing more than an exact quote…) “what do you see in the matrix?  ones and zeros?  I see a blonde.  I see a brunette.” 

Logistically, everything seemed to run smoothly.  As always with big conference rooms and theaters, the temperature runs cold, so don’t forget to bring a sweater or light jacket with you tomorrow.  🙂  

There was a SANS@night talk regarding Honeypots, which I missed.  I am excited to see Rich Mogull’s SANS@night talk tomorrow night as he and I are connected on Twitter (@rmogull

Speaking of Twitter, I “tweeted” about the conference at least a half dozen times today.  You can search for the hashtag #SANS_PHX or follow me (@wifijedi) to see the updates.

Insider’s Guide to a SANS Conference – Setup

This is the first blog post in a series, “Insider’s Guide to a SANS Conference”. It corresponds to my attendance at the SANS Phoenix Conference March 23-30, 2009.

As a disclaimer, this “Insider’s Guide” will not provide you confidential information.

Also, you should know that I am “nobody special” within the organization. This is the third conference I have attended, all through their work-study (volunteer) program. I have Mentored the wireless course and taught a wireless Stay Sharp course in Dallas a couple years ago, but that’s it.

The series is meant to be detailed description of my participation and to hopefully encourage others to attend. (I am a big fan!)  I am taking the “Security Leadership Essentials for Managers” course, which is being taught by Stephen Northcutt – the CEO of SANS.  

I am also “micro-blogging” about the conference via Twitter. You can find my updates with the hashtag #SANS_PHXbetter yet, you can “follow me” on Twitter @wifijedi to see all the updates in your own time line!

Today the conference organizers & volunteers set up the conference. Since this is a smaller, regional conference, there are only 5 volunteers (one for each course they are running). Setting up consisted of the following activities:

  • Preparing name badges 
  • Preparing registration folders 
  • Recieving and sorting courseware (books)
  • Stuffing totes with courseware and other inserts 
  • Sorting conference shirt by size 
  • Placing signage throughout facility directing attendees to registration, classrooms, internet cafe, etc.  
  • Setting up registration station 
  • Preparing course evaluation forms & folders 
  • A briefing regarding volunteer duties & expectations
  • Etc. 

I am looking forward to seeing all the attendees at the registration booth from 7:00 – 9:00 AM tomorrow morning!  

Related Posts: