[Apachebenchmark-sans-t4] RE: SANS T4 - LMP Weekly Email
From: <Rya...@at...> - 2003-09-29 21:52:18
I have a quick question for all of you. After reading this week's chapters, I thought I might do a presentation which I have given at previous SANS conferences called "Catching Intruders with SNARE" - http://www.sans.org/sansfire03/nial.php#barnett

This presentation discusses many techniques used by BlackHats to break in and hide on systems. It shows how you can leverage an open source tool called SNARE to capture audit data, and how to analyze this data for attack signatures. I will not focus that much on the tool, but rather the BlackHat's techniques. I think this will fit in nicely with the "Incident Examples" section we had to review.

Please let me know a yea or nay if you would like me to do this. If the nays take it, then I will continue with how we did it last week.

Thanks.

Most Respectfully,
Ryan C. Barnett
SANS: GCFA, GCIH, GCUX, GSEC
Department of Justice - ATF
Information Services Division
Operations Security Team Lead
Email: Rya...@at...
Pager: Rya...@sk...
Phone: 202-927-2913