[Snort-users] Seattle Snort User Group Upcoming Meetings 5/16 and 6/6 7:00 PM @ SSCC
jamesaffeld at ...131...
Tue May 9 13:19:05 EDT 2006
On Tuesday, 5/16 Anthony Williams will be
demonstrating the Nessus vulnerability scanner,
showing what it can tell the attacker and defender.
We'll also see what a Nessus scan looks like to
Nessus is perhaps '_the_ network vulnerability
scanner'. It offers breadth of coverage through a
modular architecture. Each vulnerability gets a
plug-in which the system uses to test hosts on your
network. According to the Nessus website, there are
'10710 plugins in the direct feed (1077 in the
non-registered GPL feed and 10704 in the registered
feed), covering 4878 unique CVE ids and 4585 unique
On Tuesday, 6/6 Russ McRee will present a talk on
Aanval, a console for Snort. http://aanval.com
Aanval (www.aanval.com) is a console built to run as
Snort console via a web browser. What Aanval offers
that places it above and beyond ACID/BASE, is a
plethora of functionality, including extensive query
capacity, searching, and attractive reporting.
In an age of compliance, it is hugely beneficial to
have the capacity to draw the majority of network
security information from one platform. In our use of
Aanval we gain much information about outbound traffic
via the use of Bleeding Edge Snort signatures to
capture both IM and spyware traffic, as well as policy
My presentation will certainly evangelize Aanval,
largely from a technical enduser perspective, most
importantly as an information security professional.
Included would be whitepaper content specifically
geared to using Aanval for compliance measurement and
Russ McRee is the Information Security Architect for
Municipal Court of Seattle. He most recently
participated as a poster session presenter at the 8th
International Symposium on Recent Advances in
Intrusion Detection (RAID 2005) and participated as a
panelist at the Seattle SecureWorld Expo. His article
on implementing secure web application servers was
published in the January 2006 issue of Sys Admin and
is now an OWASP whitepaper.
Russ' prior infosec engagements include Seattle Police
Department and Port of Seattle. As an advocate of a
holistic approach to information security Russ'
website is holisticinfosec.org.
RSVP at http://www.snort.org/registrations/rsvp.html
The SeaSnUG mailing list is at:
Regional Map and Directions: http://southseattle.edu/
Metro Transit Route 125:
Metro Transit Route 128:
Campus Map: http://southseattle.edu/campus
Contact: jamesaffeld at ...131...
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
More information about the Snort-users