Re: [Apachebenchmark-sans-t4] RE: SANS T4 - LMP Weekly Email

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

I'm a "yes" vote!

Terri Walker-Cole, CISSP
US Fish & Wildlife Service
Region 9 IT Security Manager
703-358-1740 voice
703-358-2251 fax
ter...@fw...

|---------+--------------------------------------------------->
|         |           Rya...@at...                    |
|         |           Sent by:                                |
|         |           apa...@li...|
|         |           ceforge.net                             |
|         |                                                   |
|         |                                                   |
|         |           09/29/2003 05:51 PM                     |
|         |                                                   |
|---------+--------------------------------------------------->
  >----------------------------------------------------------------------------------------------------------------|
  |                                                                                                                |
  |        To:      apa...@li...                                                  |
  |        cc:                                                                                                     |
  |        Subject: [Apachebenchmark-sans-t4] RE: SANS T4 - LMP Weekly Email                                       |
  >----------------------------------------------------------------------------------------------------------------|

I have a quick question for all of you.  After reading this weeks chapters,
I thought I might do a presentation which I have given at previous SANS
conferences called "Catching Intruders with SNARE" -
http://www.sans.org/sansfire03/nial.php#barnett

This presentation discusses many techniques used by BlackHats to break-in
and hide on systems.  It shows how you can leverage an open source tool
called SNARE to capture audit data, and how to analyze this data for attack
signatures.  I will not focus that much on the too, but rather the
Blackhat's techniques.

I think this will fit in nicely with the "Incident Examples" section we had
to review.

Please let me know a yeah or ney of you would like me to do this.  If the
neys take it, then I will continue with how we did it last week.

Thanks.

> Most Respectfully,
> Ryan C. Barnett
> SANS: GCFA, GCIH, GCUX, GSEC
> Department of Justice - ATF
> Information Services Division
> Operations Security Team Lead
> Email: Rya...@at...
> Pager: Rya...@sk...
> Phone: 202-927-2913
>
>

-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
SANS Local Mentor - Track 4 Website:
http://apachebenchmark.sourceforge.net/sans/
Apachebenchmark-sans-t4 mailing list
Apa...@li...
https://lists.sourceforge.net/lists/listinfo/apachebenchmark-sans-t4