I’m all settled in at the Walt Disney Dolphin resort hotel, registered for the SANS SCADA Summit, and just finished up going over my slides one more time.

I’m going to go ahead and make the slides available now, so anyone interested in attending the talk tomorrow can go ahead and get them.  If you’re not at the Summit, then here’s your little slice of it:

  • Sorry, not here anymore (right-click, save as)

It’s about 3 megs (pictures :) , and they compressed ugly when I tried).


Edit: A few folks have asked: SANS did not ask for the slides to be removed.  They’re totally cool, and have been great to me and the other speakers during this conference.


I will be in attendance and talking at the SANS Process Control and SCADA Security Summit 2009, at the Walt Disney World Dolphin hotel.  I have been invited to take part in the keynote discussion panel on the topic of security issues surrounding the smart grid and Automated Metering Systems.  I’m in very good company on this panel, with three top-tier co-panelists:

I’m looking forward to discussing control system security with these guys, and I’ll try to keep up!.  I’m also going to be involved in an interactive workshop on the topic of wireless threats with Matt Carpenter later on in the first day.  If you’re looking for me outside of my talks, I’ll be attending as many other talks as possible, and trying to network with other penetration testers :) .

If any of my readers are going to be attending the summit, please get in touch with me!  I’d love to meet you, and would be happy to talk to you at length about my current SCADA security research interest: vulnerabilities in Human Machine Interface (HMI) products.


Tonight, here in Starkville, MS, I taught my first of what will hopefully be many training classes for SANS. Tonight, 8 very bright students (mostly IT staff for the university), took part in the “Stay Sharp: IP Packet Analysis”. I say they “took part”, rather than “attended”, as each and every single one of them were contributed a lot and turned the class into a very collaborative learning experience. I think everyone walked out with a few new tricks up their sleeves, including myself.

Many thanks to my talented wife, Crystal, for making the refreshments enjoyable this wonderful creation:

Dinner afterwards at the Bulldog Deli with a handful of the students was a great way to wind down too!

I’m really looking forward to teaching more of these classes, and participating in improving and developing course materials. Stay tuned!


I’m really excited to announce that I will be teaching the SANS Stay Sharp: IP Packet Analysis training course here on the Mississippi State Campus, in cooperation with the Center for Computer Security Research. This will take place on Thursday, May 10th, from 6 to 9 PM. You can find out more information about the class and how to register here.

The class is an excellent introduction to getting your hands dirty with analyzing pcap dumps with various tools, and even how to do it manually. I feel that the latter is very important when you first learn about the various protocols involve, and comes in very handy when you eventually run across packets that are either malformed or part of a protocol you aren’t familiar with yet. It’s a useful skill that will come in handy not only in incident response, but also in writing custom rules for firewalls and intrusion detection systems.

If you sign up, be sure to tell them that Wesley McGrew referred you ;) . I’m looking forward to meeting the attendees and making it an enjoyable and educational experience. I’d like for everyone to be able to walk away with techniques they can immediately apply.

As a final note, it is likely that my wife will be making some of the sweets available as refreshments. Those of you who have experienced Crystal’s baking can vouch that it’s worth the price of admission for this reason alone.

© 2012 McGrew Security Suffusion theme by Sayontan Sinha