--- James Affeld <jamesaffeld@yahoo.com> wrote:
On Tuesday, 5/16 Anthony Williams will be
demonstrating the Nessus vulnerability scanner,
showing what it can tell the attacker and defender.
We'll also see what a Nessus scan looks like to
Snort.
Nessus is perhaps '_the_ network vulnerability
scanner'. It offers breadth of coverage through a
modular architecture. Each vulnerability gets a
plug-in which the system uses to test hosts on your
network. According to the Nessus website, there are
'10710 plugins in the direct feed (1077 in the
non-registered GPL feed and 10704 in the registered
feed), covering 4878 unique CVE ids and 4585 unique
Bugtraq IDs.'
http://www.nessus.org/
-------------------------------
On Tuesday, 6/6 Russ McRee will present a talk on
Aanval, a console for Snort. http://aanval.com
Aanval (www.aanval.com) is a console built to run as
Snort console via a web browser. What Aanval offers
that places it above and beyond ACID/BASE, is a
plethora of functionality, including extensive query
capacity, searching, and attractive reporting.
In an age of compliance, it is hugely beneficial to
have the capacity to draw the majority of network
security information from one platform. In our use
of
Aanval we gain much information about outbound
traffic
via the use of Bleeding Edge Snort signatures to
capture both IM and spyware traffic, as well as
policy
violations.
My presentation will certainly evangelize Aanval,
largely from a technical enduser perspective, most
importantly as an information security professional.
Included would be whitepaper content specifically
geared to using Aanval for compliance measurement
and
policy enforcement.
Background
Russ McRee is the Information Security Architect for
Municipal Court of Seattle. He most recently
participated as a poster session presenter at the
8th
International Symposium on Recent Advances in
Intrusion Detection (RAID 2005) and participated as
a
panelist at the Seattle SecureWorld Expo. His
article
on implementing secure web application servers was
published in the January 2006 issue of Sys Admin and
is now an OWASP whitepaper.
Russ' prior infosec engagements include Seattle
Police
Department and Port of Seattle. As an advocate of a
holistic approach to information security Russ'
website is holisticinfosec.org.
RSVP at http://www.snort.org/registrations/rsvp.html
The SeaSnUG mailing list is at:
https://lists.snort.org/mailman/listinfo/seattlesug
Regional Map and Directions:
http://southseattle.edu/
campus/map.htm
Metro Transit Route 125:
http://transit.metrokc.gov/tops/bus/schedules/s125_0_.html
Metro Transit Route 128:
http://transit.metrokc.gov/tops/bus/schedules/s128_0_.html
Campus Map: http://southseattle.edu/campus
/campmap.htm
Contact: jamesaffeld@yahoo.com
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam
protection around
http://mail.yahoo.com
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
