[Snort-users] Re: Seattle Snort User Group TOMORROW 5/16 7:00 PM @ SSCC

James Affeld jamesaffeld at ...131...
Mon May 15 15:49:57 EDT 2006


--- James Affeld <jamesaffeld at ...131...> wrote:

> On Tuesday, 5/16 Anthony Williams will be
> demonstrating the Nessus vulnerability scanner,
> showing what it can tell the attacker and defender. 
> We'll also see what a Nessus scan looks like to 
> Snort.  
> 
> Nessus is perhaps '_the_ network vulnerability
> scanner'.  It offers breadth of coverage through a
> modular architecture.  Each vulnerability gets a
> plug-in which the system uses to test hosts on your
> network.  According to the Nessus website, there are
> '10710 plugins in the direct feed (1077 in the
> non-registered GPL feed and 10704 in the registered
> feed), covering 4878 unique CVE ids and 4585 unique
> Bugtraq IDs.'
> 
> http://www.nessus.org/
> -------------------------------
> 
> On Tuesday, 6/6 Russ McRee will present a talk on
> Aanval, a console for Snort.  http://aanval.com
> 
> Aanval (www.aanval.com) is a console built to run as
> Snort console via a web browser. What Aanval offers
> that places it above and beyond ACID/BASE, is a
> plethora of functionality, including extensive query
> capacity, searching, and attractive reporting.
> 
> In an age of compliance, it is hugely beneficial to
> have the capacity to draw the majority of network
> security information from one platform. In our use
> of
> Aanval we gain much information about outbound
> traffic
> via the use of Bleeding Edge Snort signatures to
> capture both IM and spyware traffic, as well as
> policy
> violations.
> 
> My presentation will certainly evangelize Aanval,
> largely from a technical enduser perspective, most
> importantly as an information security professional.
> Included would be whitepaper content specifically
> geared to using Aanval for compliance measurement
> and
> policy enforcement.
> 
> Background
> Russ McRee is the Information Security Architect for
> Municipal Court of Seattle.   He most recently
> participated as a poster session presenter at the
> 8th
> International Symposium on Recent Advances in
> Intrusion Detection (RAID 2005) and participated as
> a
> panelist at the Seattle SecureWorld Expo. His
> article
> on implementing secure web application servers was
> published in the January 2006 issue of Sys Admin and
> is now an OWASP whitepaper.
> 
> Russ' prior infosec engagements include Seattle
> Police
> Department and Port of Seattle. As an advocate of a
> holistic approach to information security Russ'
> website is holisticinfosec.org.
> 
> RSVP at http://www.snort.org/registrations/rsvp.html
> 
> The SeaSnUG mailing list is at:
> https://lists.snort.org/mailman/listinfo/seattlesug
> 
> Regional Map and Directions:
> http://southseattle.edu/
> campus/map.htm
> 
> Metro Transit Route 125:
>
http://transit.metrokc.gov/tops/bus/schedules/s125_0_.html
> 
> Metro Transit Route 128:
>
http://transit.metrokc.gov/tops/bus/schedules/s128_0_.html
> 
> Campus Map: http://southseattle.edu/campus
> /campmap.htm
> 
> Contact: jamesaffeld at ...131...
> 
> 
> 
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam
> protection around 
> http://mail.yahoo.com 
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 




More information about the Snort-users mailing list