[ISN] The May Report: 01/31/2002: Calling all hackers: Bill wants folks with SNORT and "John the Ripper"

From: InfoSec News (isnat_private)
Date: Fri Feb 01 2002 - 03:01:31 PST

  • Next message: InfoSec News: "[ISN] AFCEA Courses For 2002"

    ---------- Forwarded message ----------
    Date: Thu, 31 Jan 2002 17:12:37 -0600
    From: Claire Dolinar <claireat_private>
    Reply-To: owner-mayreportat_private
    To: mayreportat_private
    Subject: The May Report: 01/31/2002: Calling all hackers: Bill wants  folks
        with SNORT and "John the Ripper"; 
    January 31, 2002
    The May Report
    Your inside source on Chicago's high tech community
    The May Report: 01/31/2002: Calling all hackers: Bill wants folks with
    SNORT and "John the Ripper"; 
    Ron May: editor, reporter, commentator, and publisher.
    773-871-2000 x1
    For personal & confidential: 312-670-6336
    E-mails for Ron: ronat_private Unless otherwise requested by the 
    sender, all correspondence addressed to Ron May and/or The May Report is 
    subject to publication in the newsletter and on the website.
    Administrative matters should be directed to Claire Dolinar 
    * I received a call this morning from a self-described hacker who told
    me that I might be interested to learn that Microsoft is "calling all
    hackers." Bill Gates announced a few days ago that security and
    trustworthiness is the number one concern of Microsoft. In order to
    make sure that their sites are safe, Microsoft is asking hackers to
    help them with penetration issues and intrusion detection. I asked the
    guy--who did identify himself to me, but asked to remain
    anonymous--how they found him.  He explained that it's really a pretty
    small community, and once you are on the list of people who know about
    this stuff, they keep track of you.  Specifically, he mentioned a
    product called "SNORT." Microsoft wants people with SNORT experience.
    Here is a note I received after my conversation with this person. The
    buzz words are fascinating.
    Date: Thu, 31 Jan 2002 08:39:02 -0800 (PST)
    From: Name withheld upon request.
    Subject: Microsoft is looking for some hackers
    To: ronat_private
    I spoke to you this morning. My name is (name withheld). About a week ago I 
    got a call from a headhunter representing Microsoft. It seems that 
    Microsoft is trying to make good on Bill's promise to secure Microsoft 
    products. They asked if I would do some
    penetration testing and intrusion detection. Keep my name confidential 
    because I am interested in the business. I am attaching some info on me 
    just FYI
    Here is an excerpt from his resume which keeps any identity confidential, 
    of course. I am printing it so that you can see what these guys do, and 
    take a look at the names of the tools they use.
    "Provide security design and implementation for clients.
    Responsibilities include:
    - Manage eight security consultants and developers that were responsible 
    for intrusion detection, policies and procedures.
    - Provided intrusion detection for a large (type of firm removed) firm 
    operating in a heterogeneous environment running Solaris and  Windows 
    NT/Windows 2000 networked by TCP/IP that led to the cracker being 
    discovered. Tools included but were not limited to
    SNORT, Root Tool Kit and NMAP. In addition policies and procedures were 
    refined and developed.
    - Moderator for internet security seminars detailing vulnerabilities and 
    risk analysis.
    - Provided computer forensic assistance to municipal law enforcement 
    agency. Tools included but were not limited to EnCase, Crack and John the 
    - Provided risk assessment along with penetration testing of websites 
    Apache, I-Planet and ISS. Tools included traceroute, SNORT, NMAP, whois, 
    sniffer, etc.
    - Audit and implement security rules for the enterprise infrastructure that 
    included firewalls, screening routers, PKI, intrusion detection etc."
    Contributors: Jonathan Plotkin: web cartoonist and provocateur; Dan 
    Limbach: Editor of Schmoozemonger.com, and founder of In A World, Inc., 
    "The Idea Petri Dish"; Jeffrey Gilbert: contributing columnist on strategy. 
    Jeffrey is a founder of BLINK, Inc. which, among other things, provides 
    strategic consulting services to startups.
    Advertising: Paul May and Mike Rhoades
    Executive Assistant: Claire Dolinar
    Administrative Asst. Juli Scaro
    ++++++ Contact Information+++++
    Claire Dolinar (executive assistant): 773-871-2000 x 2
    773-871-4933 (Fax).
    Advertising or business issues:
    Available space to get your message across to over 14,000 subscribers.
    Call Paul May @ 312-377-4211 or e-mail paulat_private
    Include your phone number please.
    +++++++++++ website +++++++++++
    If you are a new reader or want to research Chicago High-Tech, 
    entrepreneurs, high tech firms, dot coms, VC's, angels, and the movers and 
    shakers, go now: http://www.themayreport.com. Our Archives have many of the 
    past reports and there is no charge.
    To SUBSCRIBE: Send your request to claireat_private and put 
    "subscribe" in the subject line.
    To UNSUBSCRIBE: Send your request to claireat_private and put 
    "unsubscribe" in the subject line. (Do not merely hit the "Reply" button 
    after receiving a newsletter, as your unsubscribe request may be sent to 
    bounced mail box and remain unprocessed.)
    Note that being added to or removed from the distribution list is not an 
    automated process; they are manually prepared and processed once a day. 
    Please be patient. If we have difficulties unsubscribing your address we 
    will notify you.
    Is a colleague forwarding the May Report to you? Why not receive it 
    directly from us? Subscribe now! There is no charge for our newsletter.
    ++++++++ EVENTS +++++++++
    send to claireat_private with events in the subject line.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Fri Feb 01 2002 - 06:02:38 PST