[Snort-users] Seattle Snort User Group Upcoming Meetings 5/16 and 6/6 7:00 PM @ SSCC

James Affeld jamesaffeld at ...131...
Tue May 9 13:19:05 EDT 2006


On Tuesday, 5/16 Anthony Williams will be
demonstrating the Nessus vulnerability scanner,
showing what it can tell the attacker and defender. 
We'll also see what a Nessus scan looks like to 
Snort.  

Nessus is perhaps '_the_ network vulnerability
scanner'.  It offers breadth of coverage through a
modular architecture.  Each vulnerability gets a
plug-in which the system uses to test hosts on your
network.  According to the Nessus website, there are
'10710 plugins in the direct feed (1077 in the
non-registered GPL feed and 10704 in the registered
feed), covering 4878 unique CVE ids and 4585 unique
Bugtraq IDs.'

http://www.nessus.org/
-------------------------------

On Tuesday, 6/6 Russ McRee will present a talk on
Aanval, a console for Snort.  http://aanval.com

Aanval (www.aanval.com) is a console built to run as
Snort console via a web browser. What Aanval offers
that places it above and beyond ACID/BASE, is a
plethora of functionality, including extensive query
capacity, searching, and attractive reporting.

In an age of compliance, it is hugely beneficial to
have the capacity to draw the majority of network
security information from one platform. In our use of
Aanval we gain much information about outbound traffic
via the use of Bleeding Edge Snort signatures to
capture both IM and spyware traffic, as well as policy
violations.

My presentation will certainly evangelize Aanval,
largely from a technical enduser perspective, most
importantly as an information security professional.
Included would be whitepaper content specifically
geared to using Aanval for compliance measurement and
policy enforcement.

Background
Russ McRee is the Information Security Architect for
Municipal Court of Seattle.   He most recently
participated as a poster session presenter at the 8th
International Symposium on Recent Advances in
Intrusion Detection (RAID 2005) and participated as a
panelist at the Seattle SecureWorld Expo. His article
on implementing secure web application servers was
published in the January 2006 issue of Sys Admin and
is now an OWASP whitepaper.

Russ' prior infosec engagements include Seattle Police
Department and Port of Seattle. As an advocate of a
holistic approach to information security Russ'
website is holisticinfosec.org.

RSVP at http://www.snort.org/registrations/rsvp.html

The SeaSnUG mailing list is at:
https://lists.snort.org/mailman/listinfo/seattlesug

Regional Map and Directions: http://southseattle.edu/
campus/map.htm

Metro Transit Route 125:
http://transit.metrokc.gov/tops/bus/schedules/s125_0_.html

Metro Transit Route 128:
http://transit.metrokc.gov/tops/bus/schedules/s128_0_.html

Campus Map: http://southseattle.edu/campus
/campmap.htm

Contact: jamesaffeld at ...131...



__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 




More information about the Snort-users mailing list