I'll start of by saying the second day of SecTor was amazing compared to the first day. We started off with Stepto giving the opening keynote. While it wasn't anything groundbreaking, it was exactly as advertised and well presented. I fully enjoyed hearing him walk through how he got into security, his time with MSRC and how things he'd learned working in security applied to other aspects of his life... it was great.
Following the keynote, I was torn between Pwning the Proxy and Lock picking. In the end personal interest won out and I attended the lock picking session. There was quite a bit of interest information shared and I managed to take a couple pages of notes. One of the coolest things was the how-to on making a combination lock shim using a piece of aluminum from a pop/beer can.
Following the lock picking session was lunch. The meal was much better than the day before. One thing that I didn't get was why so many tables were reserved and there was staff keeping people from sitting at them. The same thing existed on day 1 and the tables were never used, so why were they there are day 2?
Lunch was also great because Johnny Long was the lunch keynote. If you've never seen Johnny speak... make every attempt you can to see him somewhere. He spoke with regards to his No Tech Hacking book (proceeds of which go to Charity) and the presentation was quite amusing and a lot of fun to watch. He gave examples of information gathered by shoulder surfing, dumpster diving, etc. It essentially centered around the non-technical side of reconnaissance or pen-testing. The entire crowd spent the time laughing and fully enjoying themselves (or at least that's how it seemed).
After lunch I checked in on Hoff's virtualization talk. It actually had some interesting information and I was really glad that I'd attended it. I was unaware that there was a Cisco vSwitch for ESX but I really like the concept. It'll enable some very interesting things to happen.
I had planned on attending the talk on identifying crypto in code for the last session of the day, but a old coworker showed up and we spent the session catching up in the keynote room. Following that there was some brief conversation and the wrap-up (which including the awarding of prizes). I did note that a couple of the prizes weren't given away (Checkpoint wireless router/firewall for instance), so hopefully that wasn't just a scam to get business cards.
Then a small group of us (9 people I believe, both speakers and attendees) went out for all you can eat sushi, and a few drinks. I really enjoyed myself day 2 and really enjoyed the con as a whole, there were just some really bad experience on the first day.
I'm definitely looking forward to SecTor 2009!