Network Security
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
FWD: Merit Security Workshop and MJTS Announcement
- From: Paul Howell
- Date: Wed Mar 24 10:59:12 1999
Here's the announcement for the upcoming security workshop.
< paul
------- Forwarded Message
Date: Wed, 24 Mar 1999 10:57:08 -0500 (EST)
From: Mike Mosher <mmosher@merit.edu>
To: Merit Joint Technical Staff Email List <mjts@merit.edu>
Subject: Merit Security Workshop and MJTS Announcement
Message-ID: <Pine.SUN.3.95.990324104637.21672G-100000@home.merit.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-mjts@merit.edu
Precedence: bulk
Merit Network, Inc. is pleased to announce the next in our series of
MichNet Seminars, a whole-day Security Workshop, to be held on
Monday, April 19th
at
Michigan State University
in East Lansing,
9 a.m. to 5 p.m.
in the Parlor Room, at the MSU Union.
Followed by
The Merit Joint Technical Staff Meeting
the next day,
Tuesday, April 20th
9:30 a.m. to 3:30 p.m.
also at the MSU Union.
http://www.merit.edu/michnet/mjts/next.meeting.html
Computer Security is becoming an increasingly important component of an
information technology department's responsibilities. This workshop will
include presentations by Federal officials on cyber-crime, and Merit staff
sessions on security incident response policies, firewall pros and cons,
and network exploits, detections, and countermeasures. A complete agenda
with abstracts is included at the bottom of this announcement.
There will a cost to attend the Security Workshop on April 19th. The fee
will be $125.00 per person for individuals from a MichNet member or
affiliate organization, and $175.00 per person for individuals from
organizations not connected to MichNet. (As always, the MJTS meeting is
a free event.)
Merit encourages participants to stay in East Lansing for two days,
attending both the Security Workshop and the MJTS meeting. Merit will
host an informal meet-n-greet gathering, with a wet bar, Monday evening
after the Security Workshop. This social event will be at the Marriott
Hotel.
Merit has reserved a block of hotel rooms for you (until March 29th) at
the Marriott Hotel, 300 MAC Ave., E. Lansing, MI 48823, 517-337-4440
(phone), 517-337-5001 (fax). The room rate is $99.00, and you should
mention "Merit" when you make your reservation. The Marriott is just
across the street from the MSU Union.
You can register for the Security Workshop online at Merit's web page at:
http://www.merit.edu/michnet/training/next.seminar.html
Or, print out the registration form at the same address and fax it to
Gayle Terkeurst of Merit, 734-764-8450 (v), gturkey@merit.edu. Gayle's
fax number is 734-647-3185.
A confirming agenda, directions, and parking information will be emailed
to you when we receive your registration.
- --Mike Mosher
Manager for MichNet User Services
<><><><><><><><><><><><><><><><><><><><>
Security Workshop Agenda
w/ detailed abstracts
Computer Security is becoming an increasingly important component of an
information technology department's responsibilities. An indication of
the increase in computer crime is found in the most recent "Computer Crime
and Security Survey" conducted by the Computer Security Institute with
participation of the San Francisco Federal Bureau of Investigation (FBI)
Computer Intrusion Squad. Highlights of the "1999 Computer Crime and
Security Survey" include the following:
System penetration by outsiders increased for the third year in a row; 30%
of respondents report intrusions.
Those reporting their Internet connection as a frequent point of attack rose
for the third straight year; from 37% of respondents in 1996 to 57% in 1999.
Meanwhile, unauthorized access by insiders also rose for the third straight
year; 55% of respondents reported incidents.
Other types of cyber attack also rose. For example, 26% of respondents
reported theft of proprietary information (an increase of 8% over 1998).
<><><><><><><><><><><><><><><><><><><>
Merit Network, Inc., is hosting this one-day security workshop to address
the many issues faced by information technology organizations. The
workshop will consist of three major sections. An abstract for each
section appears below. Sections 1 and 2 are in the morning. Section 3
will be in the afternoon.
Section 1 - Law Enforcement
There will be two parts to this section with part one presented by Special
FBI Agents Erkan Chase and Charles Whistler, and part two presented by
Assistant United States Attorney Richard Murray of the Department of
Justice.
Part 1 - Computer Crime Investigation by the FBI
The FBI, in response to increasing instances in which criminals target
major components of information and economic infrastructure systems, has
established National Infrastructure Protection and Computer Intrusion
Squads in selected offices throughout the United States. Special Agent
Erkan Chase heads up the Michigan section of the National Infrastructure
Protection and Computer Intrusion Squad. The mission of these squads is
to investigate violations of the Computer Fraud and Abuse Act of 1986,
including intrusions to public switched networks, major computer network
intrusions, privacy violations, industrial espionage, pirated computer
software and other crimes where the computer is a major factor in
committing the criminal offense. Special Agent Chase will discuss what
systems and network administrators can do to assist an investigation.. He
will focus on how UNIX and WindowsNT operating systems and router logging
capabilities can be used to gather evidence for criminal prosecution. He
will also discuss how to contact the FBI when a computer hacker is
on-line.
Special Agent Charles Whistler will discuss his work as a computer forensic
expert. Also, as the Michigan coordinator for the Awareness of National
Security Issues and Response (ANSIR) Program, he will describe the program and
how interested people can participate. ANSIR is the "public voice" of the FBI
for espionage, counterintelligence, counterterrorism, economic espionage,
cyber and physical infrastructure protection and all national security issues.
The program is designed to provide unclassified national security threat and
warning information to U.S. corporate security directors and executives, law
enforcement, and other government agencies. It also focuses on the "response"
capability unique to the FBI's jurisdiction in both law enforcement and
counterintelligence investigations.
Part 2 - Computer Crime Laws by the Department of Justice
Assistant United States Attorney Richard Murray is an expert in computer crime
law. He is one of Michigan's Computer-Telecommunications Coordinators (CTC).
As a CTC, Mr. Murray has the following general responsibilities:
1. Resident consultant to the U.S. Attorney's office. Each CTC
receives special training and periodic updates in relevant legal and
technological topics. Each CTC, by staying current in the field, is
able to assist his or her own office on high-tech issues--both in cases of
crimes against information technology and in any case which involves
electronic search and seizure or some other technical aspect.
2. Liaison on technical cases/issues. The CTCs will also serve as the
principal point of contact on technical cases and issues with the Computer
Crime and Intellectual Property Section of the Criminal Division.
Additionally, they will work on technical/legal issues with other United
States Attorneys' Offices, investigative agents, technical experts,
communications carriers, and electronic service providers. CTCs across the
country will form a network of specialists who can expedite technical
assistance in computer crime investigations, which are often multi-agency,
multi-district, or international.
3. Leader and legal consultant to their local technical support network.
CTCs will establish a local network of federal agents and technical experts to
share information about developing technologies and the government's
constantly-changing capabilities to search, seize, and analyze electronic
evidence and investigate network crimes. They should also include regional
experts from state and local law enforcement, educational institutions, and
the technical and telecommunications industries to strengthen and augment
federal technical expertise in their districts, both for operations and for
training.
Mr. Murray will respond to several cases put to him by MichNet members by
describing applicable computer crime laws, both federal and state. He
will also discuss the issues he faces as a prosecutor in the court system
and share what systems and network administrators can do to aide in an
investigation.
We hope that this will be a very interactive session as Mr. Murray's
explanations generate questions. Attendees will be encouraged to ask
questions and to get clarifications on computer crime laws.
Section 2 - Incident Response Procedures for MichNet Members and Affiliates
The Internet's growth includes an increase in the number of abusive
incidents and the visibility of security threats to your organization.
What are your organization's Incident Response Procedures?
Mike Mosher, Manager for MichNet User Services, as well as the Merit Abuse
Response Team, will discuss Merit Network's role in handling incident
reports, including the role of the Merit Network Operations Center (NOC),
and the Merit Abuse Response Team.
Mosher will also discuss decision options during abusive attacks...Do you
fix the security hole and move on? Or do you sit and watch the activity
(being careful not to tip off the intruder), collect evidence, and notify
law enforcement authorities?
With regard to Internet cracking activity, when should you call the
police? Are you prepared to react accordingly if/when a law enforcement
agency calls you?
Section 3 - Computer and Network Security
Paul Howell of Merit Network will present several tutorials in computer and
network security. The topics will include:
1. Security policy development and general security paradigms
including: developing a security posture, performing a risk assessment,
policy development, and auditing your site.
2. A variety of technical solutions, including:
a comparison of proxy based vs. packet filter firewalls; firewall pros
and cons; establishment of a DMZ; network intrusion detection methods;
integrity management of filesystems; network time protocol; syslog
configuration and operation; secure shell installation and operation;
secure remote access options; determination of a network profile for your
site; cryptography primer; important log files and good logging practices;
and security within the X Window System.
3. Howell will present exploits du jour in some detail, examining
several exploits found on the Internet. Included will be where exploits
can be found, how they operate, detection, and countermeasures.
------- End of Forwarded Message
|
