[ISN] Free SANS Web Briefing: IDNET

From: mea culpa (jerichoat_private)
Date: Thu Apr 01 1999 - 23:04:19 PST

Next message: mea culpa: "[ISN] Want IBM Advertising? Better have a privacy Policy!"

Previous message: mea culpa: "[ISN] DOD needs cyberattack authority"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forwarded From: The SANS Institute <sansat_private>

Re:    Free SANS Web Briefing #4: Tuesday, April 6, 1999
Topic: Comparing Intrusion Detection Systems, ID'Net 99
Time:  Tuesday, April 6, 1999, 1 pm EST
Hosts: Stephen Northcutt and Rob Kolstad
Cost:  Free (with high value)

One of the questions we received from the March 2 web broadcast (on the
advanced network scanning tool called nmap) was: "what is the best
intrusion detection software?" 

Three weeks ago Stephen was part of a working group to help frame the
research agenda for the President's Decision Directive 63, which deals
with intrusion detection.  On the last day there was a discussion period
with a single hot topic: how to compare intrusion detection systems. 

This webcast will focus on one approach to this problem, SANS's Intrusion
Detection Network ID'Net which was operational at the ID'99 conference in
San Diego and will run again at the SANS Conference (May 7-14 in
Baltimore, MD).  We will discuss the history and challenges of comparing
intrusion detection systems and some of the results of this first effort. 

Guests on the broadcast will be:
  * Simson Garfinkle, co-author of Practical Unix Security who
    demonstrated Sandstorm's TCP Demux network forensic tool and was
    able to capture and analyze the attacks
  * Steve Schall, senior network engineer from ODS, who demonstrated
    his company's network switch which has an integrated intrusion
    detection capability.
  * Paul Proctor, Chief Technology Officer
    at Centrax who showed their new network intrusion detection
    capability on ID'Net and he will discuss his experiences
  * Chris Pettit, a senior network engineer for NCI, who is the chair
    of the next ID'Net in May.

Should be a great show; hope to see you there!

When:     Tuesday, April 6, 1999  (and later for `reruns')
          10 am Pacific Time, 11 am Mountain, noon Central,
          1 pm Eastern, 1800 GMT
Duration: 60 minutes
Cost:     Free
How:      Register at http://www.sans.org/apr6.htm

The website should reply within a minute or two with the URL and password
for the free broadcast.  If you don't get a reply within a few minutes,
please let Rob know at <sansat_private>. 

Feel free to share this announcement with any potentially interested
parties. 

                                                Rob

ps: This message is coming to you from our shiny new mail server.
    Please direct comments, complaints, duplicates, corrections,
    and unsubscribes to <sansat_private> -- please include your SD
    number from the header.


-o-
Subscribe: mail majordomoat_private with "subscribe isn".
Today's ISN Sponsor: Hacker News Network [www.hackernews.com]

Next message: mea culpa: "[ISN] Want IBM Advertising? Better have a privacy Policy!"
Previous message: mea culpa: "[ISN] DOD needs cyberattack authority"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:21:39 PDT