[Bastille-linux-discuss] [Fwd: SANS Cyber Defense Initiative Invitation]

[Albert W. <aewhale@ABS-CompTech.com>]

In case you weren't aware, Bastille is being discussed as a Best of 
Class tool in the CDI arena.

I still want my port forwarding to work with Bastille!

-------- Original Message --------
Subject: 	SANS Cyber Defense Initiative Invitation
Date: 	Fri, 31 Oct 2003 9:29:18 -0500 (EST)
From: 	The SANS Institute <sa...@sa...>
To: 	Alb...@63..., CISSP (SD594697) 
<ae...@ab...>



Dear Colleagues,

Let's be honest. If we in the information security community don't
share best-of-breed ideas about how to defend our systems and
networks, we're sunk. Computer attackers constantly improve their
tools and methods, and brazenly share their latest wares within their
community. To keep up, we (the good guys) must collaborate. As Benjamin
Franklin famously quipped, "We must all hang together, or assuredly
we shall all hang separately."

To help foster this much-needed collaboration, SANS created the
Cyber Defense Initiative (CDI). Each year, SANS polls the security
community for ideas about CDI collaborative projects we can all use
to help improve our security. Volunteers from around the world pour
enormous amounts of effort to bring these projects to fruition. The
volunteers do the work, and we all benefit from the results.

To showcase the results of this year's CDI projects and encourage
collaboration, SANS will hold two action-packed conferences: CDI East
in Washington DC in December 2003 and CDI West in San Diego in January
2004. Join your colleagues at these conferences for SANS world-class
information security training, as well as featured presentations
covering topics associated with this year's exciting crop of CDI
projects:

-  SYSTEM ADMINISTRATOR INTRUSION DISCOVERY CHEAT SHEETS
As a security person, I rely heavily on my organization's system
administrators to look for signs of an intrusion on the machines they
maintain. In most organizations, sysadmins act as eyes and ears of the
information security organization in discovering anomalies. However,
in my chats with many system administrators, I learn that they often
don't have the fundamental skills needed to spot bad guys on their
machine, such as looking for unusual process, network usage, and other
telltale signs of system invasion. This project has developed one-page
cheat sheets for Windows and Linux administrators highlighting various
simple-to-perform tasks to look for evidence of system compromise. The
CDI presentation will describe the cheat sheets and offer helpful tips
for incorporating them into your system administrator's activities.

-  INTERFACING WITH LAW ENFORCEMENT FAQ
If we are going to turn the tide against computer attacks, the private
sector, government agencies, and the law enforcement community must
cooperate more effectively than ever before. Yet, many security
personnel aren't familiar with how to engage law enforcement
effectively. For example, when should you call local or national
law enforcement to help handle a case? When do you have a right to
monitor employees' electronic communications? How can you develop
communication channels with law enforcement? This CDI project asks
the tough questions and provides excellent answers for improving
your knowledge of law enforcement and your relationships with law
enforcement agencies.

-  SANS/FBI TOP 20 TOP TWENTY VULNERABILITIES LIST
This signature CDI project spells out the most commonly exploited
vulnerabilities of the previous year so we all know where to focus in
improving our security stance. This year's Top 20 is a major upgrade
and a wonderful guide for raising our baseline security stance to
prevent the most common attacks. The Top 20 doesn't merely point
out the problems, though. It also provides detailed, real-world
solutions to each of these issues that you can use to heighten your
organization's security quickly and efficiently.

-  SECURING LAMP - LINUX APACHE, MYSQL, AND PHP/PERL/PYTHON
Many organizations are turning to these open source projects to offer
low-cost, high-reliability web infrastructures. However, if you don't
deploy them properly, numerous security holes could leave your web
sites highly vulnerable. This CDI project is developing specific
guidelines for hardening your LAMP systems so you can realize the
cost and reliability benefits of these technologies, while improving
security at the same time.

-  BASTILLE HARDENING EXTENDED TO NEW OPERATING SYSTEMS
Tightening the security of an operating system is a crucial yet
often-difficult task in most organizations. To automate and simplify
this task, the Bastille project has developed hardening tools for
a variety of systems, including Linux and HP-UX. As part of CDI,
Bastille has been ported to Mac OS X, thereby shoring up the security
of this increasingly important operating system. Bastille's not just
for Linux any more!


I look forward to seeing you at an upcoming CDI conference in December
or January (or heck... why not both)!

--Ed Skoudis
Cyber Defense Initiative Conference Chair


CDI East
December 8-13, 2003 - Washington DC
http://www.sans.org/cdieast03/

CDI West
January 26-31, 2004 - San Diego, CA
http://www.sans.org/cdiwest04/


To change your subscription, address, or other information, visit
http://portal.sans.org



-- 
Albert E. Whale, CISSP - Sr. Security, Network, and Systems Consultant
--------------------------------------------------------------------------------
http://www.abs-comptech.com & http://www.No-JunkMail.com 
ABS Computer Technology, Inc. - ESM, Computer & Networking Specialists
SPAM Zapper - www.No-JunkMail.com - SPAM Stops Here.
Founding Board of Directors of Pittsburgh FBI - InfraGard