On Tuesday, 6/6 Russ McRee will present a talk on
Aanval, a console for Snort. http://aanval.com
Aanval (www.aanval.com) is a console built to run as
Snort console via a web browser. What Aanval offers
that places it above and beyond ACID/BASE, is a
plethora of functionality, including extensive query
capacity, searching, and attractive reporting.
In an age of compliance, it is hugely beneficial to
have the capacity to draw the majority of network
security information from one platform. In our use of
Aanval we gain much information about outbound traffic
via the use of Bleeding Edge Snort signatures to
capture both IM and spyware traffic, as well as policy
violations.
My presentation will certainly evangelize Aanval,
largely from a technical enduser perspective, most
importantly as an information security professional.
Included would be whitepaper content specifically
geared to using Aanval for compliance measurement and
policy enforcement.
Background
Russ McRee is the Information Security Architect for
Municipal Court of Seattle. He most recently
participated as a poster session presenter at the 8th
International Symposium on Recent Advances in
Intrusion Detection (RAID 2005) and participated as a
panelist at the Seattle SecureWorld Expo. His article
on implementing secure web application servers was
published in the January 2006 issue of Sys Admin and
is now an OWASP whitepaper.
Russ' prior infosec engagements include Seattle Police
Department and Port of Seattle. As an advocate of a
holistic approach to information security Russ'
website is holisticinfosec.org.
RSVP at http://www.snort.org/registrations/rsvp.html
The SeaSnUG mailing list is at:
https://lists.snort.org/mailman/listinfo/seattlesug
Regional Map and Directions: http://southseattle.edu/
campus/map.htm
Metro Transit Route 125:
http://transit.metrokc.gov/tops/bus/schedules/s125_0_.html
Metro Transit Route 128:
http://transit.metrokc.gov/tops/bus/schedules/s128_0_.html
Campus Map:
http://southseattle.edu/campus/campmap.htm
Contact: jamesaffeld@yahoo.com
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
-------------------------------------------------------
All the advantages of Linux Managed Hosting--Without the Cost and Risk!
Fully trained technicians. The highest number of Red Hat certifications in
the hosting industry. Fanatical Support. Click to learn more
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=107521&bid=248729&dat=121642
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
