[web-team] June 2nd Speaker Bio & Abstract

Andrew Fife andrewbfife at yahoo.co.uk
Sat Apr 3 18:03:08 PST 2010

Hi Web Team:

just a quick note to let everyone know that Sam Browne has agreed to speak at SVLUG on June 2nd.  We are pretty early, but it would be great if someone could update the website with the the abstract an bio below, which has been minimally adapted from what Sam wrote here:  





Hijacking Web 2.0 Sites with SSLstrip and Slowloris 


Many Websites mix secure and insecure content on the same page, like Facebook. This makes it possible to steal all the data entered on such a page easily, using Moxie Marlinspike's SSLstrip tool. Sam will explain and demonstrate this attack.

Slowloris is a very new layer 7 denial-of-service attack created by RSnake that stops Apache web servers completely with very low bandwidth--one packet every 2 seconds. The Apache developers were notified of this vulnerability and decided it was unimportant and not worth patching. Sam will explain and demonstrate this attack, and discuss various ways to protect your Apache servers.

Complete instructions, so that anyone can easily set up both these attacks on their own machines, will be discussed. 


Sam Bowne has been teaching computer networking and security classes at City College of San Francisco since 2000. He has given talks at DEFCON and Toorcon on Ethical Hacking, and taught classes and seminars at many other schools and teaching conferences.

He has a B.S. in Physics from Edinboro University of Pennsylvania and a Ph.D. in Physics from University of Illinois, Urbana-Champaign. His Industry Certifications are: Certified Ethical Hacker, Microsoft: MCP, MCDST, MCTS: Vista; Network+, Security+, Certified Fiber Optic Technician. 


More information about the web-team mailing list