General Meeting: Hijacking Web 2.0 Sites with SSLstrip and Slowloris

2009/10/13, 7:30pm - 9:00pm

Many websites, like Facebook, mix secure and insecure content on the same
page. This makes it possible to steal all the data entered on such a
page easily, using Moxie Marlinspike's SSLstrip tool. I will explain and
demonstrate this attack.

Slowloris is a very new layer 7 denial-of-service attack created by RSnake
that stops Apache web servers completely with very low bandwidth--one packet
every 2 seconds. The Apache developers were notified of this vulnerability
and decided it was unimportant and not worth patching. I will explain and
demonstrate this attack, and discuss various ways to protect your Apache
servers.

I will hand out complete instructions so that anyone can easily set up both
these attacks on their own machines.

*Sam Bowne* has been teaching computer networking and security classes at
CCSF since 2000. He has given talks at DEFCON and Toorcon on Ethical
Hacking, and taught classes and seminars at many other schools and teaching
conferences.

He has a B.S. in Physics from Edinboro University of Pennsylvania and a
Ph.D. in Physics from the University of Illinois, Urbana-Champaign. His industry
certifications are: Certified Ethical Hacker, Microsoft: MCP, MCDST, MCTS:
Vista; Network+, Security+, Certified Fiber Optic Technician.

O'Reilly Media
Sam Bowne