Snort mailing list archives
Re: Seattle Snort User Group TOMORROW 5/16 7:00 PM @ SSCC
From: James Affeld <jamesaffeld () yahoo com>
Date: Mon, 15 May 2006 15:32:46 -0700 (PDT)
--- James Affeld <jamesaffeld () yahoo com> wrote:
On Tuesday, 5/16 Anthony Williams will be demonstrating the Nessus vulnerability scanner, showing what it can tell the attacker and defender. We'll also see what a Nessus scan looks like to Snort. Nessus is perhaps '_the_ network vulnerability scanner'. It offers breadth of coverage through a modular architecture. Each vulnerability gets a plug-in which the system uses to test hosts on your network. According to the Nessus website, there are '10710 plugins in the direct feed (1077 in the non-registered GPL feed and 10704 in the registered feed), covering 4878 unique CVE ids and 4585 unique Bugtraq IDs.' http://www.nessus.org/ ------------------------------- On Tuesday, 6/6 Russ McRee will present a talk on Aanval, a console for Snort. http://aanval.com Aanval (www.aanval.com) is a console built to run as Snort console via a web browser. What Aanval offers that places it above and beyond ACID/BASE, is a plethora of functionality, including extensive query capacity, searching, and attractive reporting. In an age of compliance, it is hugely beneficial to have the capacity to draw the majority of network security information from one platform. In our use of Aanval we gain much information about outbound traffic via the use of Bleeding Edge Snort signatures to capture both IM and spyware traffic, as well as policy violations. My presentation will certainly evangelize Aanval, largely from a technical enduser perspective, most importantly as an information security professional. Included would be whitepaper content specifically geared to using Aanval for compliance measurement and policy enforcement. Background Russ McRee is the Information Security Architect for Municipal Court of Seattle. He most recently participated as a poster session presenter at the 8th International Symposium on Recent Advances in Intrusion Detection (RAID 2005) and participated as a panelist at the Seattle SecureWorld Expo. His article on implementing secure web application servers was published in the January 2006 issue of Sys Admin and is now an OWASP whitepaper. Russ' prior infosec engagements include Seattle Police Department and Port of Seattle. As an advocate of a holistic approach to information security Russ' website is holisticinfosec.org. RSVP at http://www.snort.org/registrations/rsvp.html The SeaSnUG mailing list is at: https://lists.snort.org/mailman/listinfo/seattlesug Regional Map and Directions: http://southseattle.edu/ campus/map.htm Metro Transit Route 125:
http://transit.metrokc.gov/tops/bus/schedules/s125_0_.html
Metro Transit Route 128:
http://transit.metrokc.gov/tops/bus/schedules/s128_0_.html
Campus Map: http://southseattle.edu/campus /campmap.htm Contact: jamesaffeld () yahoo com __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: Seattle Snort User Group TOMORROW 5/16 7:00 PM @ SSCC James Affeld (May 15)