The May Report: 01/31/2002: Calling all hackers: Bill wants folks with SNORT and "John the Ripper"

[InfoSec News <isn () c4i org>]

---------- Forwarded message ----------
Date: Thu, 31 Jan 2002 17:12:37 -0600
From: Claire Dolinar <claire () themayreport com>
Reply-To: owner-mayreport () list themayreport com
To: mayreport () list themayreport com
Subject: The May Report: 01/31/2002: Calling all hackers: Bill wants  folks
    with SNORT and "John the Ripper"; 

January 31, 2002

The May Report
Your inside source on Chicago's high tech community

The May Report: 01/31/2002: Calling all hackers: Bill wants folks with
SNORT and "John the Ripper"; 

Ron May: editor, reporter, commentator, and publisher.
773-871-2000 x1
For personal & confidential: 312-670-6336
E-mails for Ron: ron () themayreport com. Unless otherwise requested by the 
sender, all correspondence addressed to Ron May and/or The May Report is 
subject to publication in the newsletter and on the website.

Administrative matters should be directed to Claire Dolinar 
(claire () themayreport com)

[...]

* I received a call this morning from a self-described hacker who told
me that I might be interested to learn that Microsoft is "calling all
hackers." Bill Gates announced a few days ago that security and
trustworthiness is the number one concern of Microsoft. In order to
make sure that their sites are safe, Microsoft is asking hackers to
help them with penetration issues and intrusion detection. I asked the
guy--who did identify himself to me, but asked to remain
anonymous--how they found him.  He explained that it's really a pretty
small community, and once you are on the list of people who know about
this stuff, they keep track of you.  Specifically, he mentioned a
product called "SNORT." Microsoft wants people with SNORT experience.

Here is a note I received after my conversation with this person. The
buzz words are fascinating.

Date: Thu, 31 Jan 2002 08:39:02 -0800 (PST)
From: Name withheld upon request.
Subject: Microsoft is looking for some hackers
To: ron () themayreport com

Ron-
I spoke to you this morning. My name is (name withheld). About a week ago I 
got a call from a headhunter representing Microsoft. It seems that 
Microsoft is trying to make good on Bill's promise to secure Microsoft 
products. They asked if I would do some
penetration testing and intrusion detection. Keep my name confidential 
because I am interested in the business. I am attaching some info on me 
just FYI
Thanks,
+++++
Here is an excerpt from his resume which keeps any identity confidential, 
of course. I am printing it so that you can see what these guys do, and 
take a look at the names of the tools they use.

"Provide security design and implementation for clients.
Responsibilities include:
- Manage eight security consultants and developers that were responsible 
for intrusion detection, policies and procedures.
- Provided intrusion detection for a large (type of firm removed) firm 
operating in a heterogeneous environment running Solaris and  Windows 
NT/Windows 2000 networked by TCP/IP that led to the cracker being 
discovered. Tools included but were not limited to
SNORT, Root Tool Kit and NMAP. In addition policies and procedures were 
refined and developed.
- Moderator for internet security seminars detailing vulnerabilities and 
risk analysis.
- Provided computer forensic assistance to municipal law enforcement 
agency. Tools included but were not limited to EnCase, Crack and John the 
Ripper.
- Provided risk assessment along with penetration testing of websites 
Apache, I-Planet and ISS. Tools included traceroute, SNORT, NMAP, whois, 
sniffer, etc.
- Audit and implement security rules for the enterprise infrastructure that 
included firewalls, screening routers, PKI, intrusion detection etc."

[...]

____________________
THE MAY REPORT STAFF AND CONTRIBUTORS / CONTACT INFORMATION
Contributors: Jonathan Plotkin: web cartoonist and provocateur; Dan 
Limbach: Editor of Schmoozemonger.com, and founder of In A World, Inc., 
"The Idea Petri Dish"; Jeffrey Gilbert: contributing columnist on strategy. 
Jeffrey is a founder of BLINK, Inc. which, among other things, provides 
strategic consulting services to startups.

Advertising: Paul May and Mike Rhoades
Executive Assistant: Claire Dolinar
Administrative Asst. Juli Scaro
++++++ Contact Information+++++
Claire Dolinar (executive assistant): 773-871-2000 x 2
773-871-4933 (Fax).
________
Advertising or business issues:
Available space to get your message across to over 14,000 subscribers.
Call Paul May @ 312-377-4211 or e-mail paul () themayreport com.
Include your phone number please.
+++++++++++ website +++++++++++
If you are a new reader or want to research Chicago High-Tech, 
entrepreneurs, high tech firms, dot coms, VC's, angels, and the movers and 
shakers, go now: http://www.themayreport.com. Our Archives have many of the 
past reports and there is no charge.
+++++++
SUBSCRIBE / UNSUBSCRIBE REQUESTS

To SUBSCRIBE: Send your request to claire () themayreport com and put 
"subscribe" in the subject line.
To UNSUBSCRIBE: Send your request to claire () themayreport com and put 
"unsubscribe" in the subject line. (Do not merely hit the "Reply" button 
after receiving a newsletter, as your unsubscribe request may be sent to 
bounced mail box and remain unprocessed.)
Note that being added to or removed from the distribution list is not an 
automated process; they are manually prepared and processed once a day. 
Please be patient. If we have difficulties unsubscribing your address we 
will notify you.

Is a colleague forwarding the May Report to you? Why not receive it 
directly from us? Subscribe now! There is no charge for our newsletter.

++++++++ EVENTS +++++++++
send to claire () themayreport com with events in the subject line.
+++++++++++++++++++++++++

============ 



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.