A friend of mine asked me a few questions about the recent ShmooCon V conference I attended (so did Steve) in DC, and I wanted to post the excerpt from the email below. This is the first ShmooCon I've attended, and it goes w/o saying that I enjoyed myself far too much with the evening festivities, and more so enjoyed the presentations and atmosphere during the day at the conference. For those of you looking to attend something like this "A Hacking Conference", I HIGHLY recommend it. I've been to DefCon, and it's fun as well, but Bruce Potter and the ShmooCon Team really do one heck of a job with ShmooCon, and the attendance is limited, so it isn't too crowded.
My 2 favorites from the con (this was tough): Next Generation Wireless Recon, Visualizing the Airwaves and The Fast-Track Suite: Advanced Penetration Techniques Made Easy. The information below is solely my opinion, and I can post additional comments if you would like more specifics on a preso I attended.
"As for the way this was laid out, here is a link to the schedule: http://www.shmoocon.org/presentations.html . This is simlar to DefCon - or pretty much any other hacking con I can think of - where you have to choose which presentation to go to. Aside from the first day, you have 3 options to choose from, more or less. Since I had also went to the DC BSD Conference as well: http://www.dcbsdcon.org/talks.html , which ran from Thursday and Friday, there were some talks, as well as the closing ceremonies which lasted longer than scheduled by a bit - so I didn't have a chance to check out everything from the 1st day...Anyhow, the presentations I attended:
1000: Radio Reconnaissance in Penetration Testing - All Your RF Are Belong to Us
1100: Building an All-Channel Bluetooth Monitor
1200: Next Generation Wireless Recon, Visualizing the Airwaves
1500: Building Wireless Sensor Hardware and Software
1600: All Your Packets are Belong To Us: Attacking Backbone Technologies
1700: The Fast-Track Suite: Advanced Penetration Techniques Made Easy
1100: RFID Unplugged
1330: Closing Plenary - Are bad times good for security professionals?
Also, there were a few presos that I really wanted to see, but due to the room being packed and other scheduling screwups on my part, I didn't manage to attend. Overlapping presos can be a problem too...here are some of those:
1400: Man in the Middling Everything with The Middler
1500: 802.11 ObgYn or "Spread Your Spectrum"
1000: Ten Cool Things You Didn't Know About Your Hard Drive
So, I missed more than I wanted to, but given the presentations I did see, I will surely try to get tickets for next year. These cons offer an opportunity to see new and cool things people are doing out there. I definitely want to try to attend at least one per year, and maybe more if I can manage it (like Shmoocon in the Spring/Winter, Defcon in the Summer and Toorcon in the Fall). The cost is low, and the experience is unforgettable."