HKEx incidence grants us a perfect moment to talk about web application and DDoS attacks.
Darkfloyd and AlanH0 will present and kick the ass of HKEx web site as well as quote "representative" samples from Webapp Security Fengshui research.
Title: Defending DDoS and advanced attacks on Critical Infrastructure
Date: 3-Sep-2011 (Sat)
Time: 2:30pm-5:30pm (2.15pm start registration)
Venue: Lecture Theatre, 1/F HKPC Building, Kowloon Tong
ISOC-HK, HKCERT, HKCS-ISSID, PISA, VXRL,ISACA, ISFS
Target: 100 seats. Open to members of coorganizers and supporting
Supporting organizations: IT professional and trade associations to be
1. DDoS - what is it and how to defend it? (NexusGuard rep.)
2. Web servers - a sure target (Anthony Lai, Alan Ho of VXRL)
3. Panel Discussion: The Lessons Learnt in the HKEx incident
Moderator: ISOC HK
By the way, we have known (from newspaper or may be rumor, we hope it is a rumor) that the arrested guy simply automated clicks over the web site (HKExNews) in his servers using like 按鍵精靈, he wants to cause traffic jam against the site, this kind of software is always used when people play games.
We are glad that HK Police has arrested such stupid guy (i.e. he is absolutely not a hacker because hacker will not be traced easily) but we need to remind HK Police and public: He is not a master, he is not the planner and he is just stupid clicker 笨賊 ;-)
Don't be happy too soon, government, police and public.