Have you ever written a new Snort rule but had no test traffic to see if it alerts? Or tried to craft traffic to perform some pen testing using a restrictive command line packet crafting tool, but gave up because it couldn't do what you wanted it to do? A new one-day, hands-on course by network security guru Judy Novak, called SEC567 Power Packet Crafting with Scapy will be offered in Sacramento (https://www.sans.org/packet-crafting-scapy-2009/description.php?tid=3712).
And for the CISOs and security tools vendors:
On November 12-13 at the 1105 Summit on the Critical Security Controls (https://1105govinfoevents.com/EventOverview.aspx?Event=csc09), we'll announce the 2009 selection of products that have been user-verified to automate one or more of the continuous security controls now being prioritized by federal and DIB and critical infrastructure employers. There are about 48 hours left to get any other tools that work into the list. If you market a product that automates one of them, make sure George King (firstname.lastname@example.org) has had the chance to vet it with a major federal user.
************************************************************************* SANS NewsBites November 03, 2009 Volume: XI, Issue: 87 *************************************************************************
European Commission Wants UK to Beef Up Privacy (November 2, 2009)
The European Commission says that the UK government has not adequately protected citizens' privacy. The concerns centers on 2006 and 2007 trials of the Phorm targeted behavioral advertising technology in which people were not informed that their surfing habits were being tracked. European Union telecommunications commissioner Viviane Reding wants "the UK authorities to change their national laws to ensure that British citizens fully benefit from the safeguards set out in EU law concerning confidentiality of electronic communications." The UK has two months to respond to the Commission's letter. -http://news.bbc.co.uk/2/hi/technology/8337685.stm [Editor's Note (Schultz): With all the emphasis on privacy in the UK, it seems odd that the UK government has not pushed protecting privacy in computing more than it has so far. ]
House Ethics Committee Report Accidentally Leaked Through P2P Network (October 30, 31 & November 2, 2009)
Global Information Security Report Sees Security Spending Stabilizing (November 2 & October 30 & 14, 2009)
According to PricewaterhouseCoopers's 7th Annual Global State of Information Security Survey 2010, 63 percent of CIOs around the world say that they intend to maintain or increase information security spending, despite economic conditions. The study surveyed more than 7,200 executives at companies in 130 countries. The report also indicates that while social networking and cloud computing are increasing in popularity and hold promise for increased productivity, they are also the source of increased security threats. -http://www.siliconrepublic.com/news/article/14288/cio/cios-unwilling-to-scrimp-o n-security-in-tough-times
Facebook Awarded US $711 Million in Damages in Spam Case (October 30 & November 2, 2009)
Automated Tools Will Help Reduce Costs of FISMA Compliance (October 30, 2009)
The Office of Management and Budget (OMB) has introduced a Federal Information Security Management Act (FISMA) reporting tool that automates the process and significantly reduces the amount of paper used in compliance reporting; the system is expected to cut associated costs as well. Federal CIO Vivek Kundra says that the White House also plans to release a security dashboard in spring 2010, possibly modeled on one already in use at the US Department of State, to help agencies address cyber security issues effectively. -http://www.techweb.com/article/showArticle?articleID=221400138§ion=secur ity -http://voices.washingtonpost.com/securityfix/2009/10/a_makeover_for_federal_cybe rse.html?wprss=securityfix -http://www.govinfosecurity.com/articles.php?art_id=1894 [Editor's Note (Pescatore): The updates in 800-53 rev3 and the proposed FISMA enhancements are much more important to the security of federal systems than is making it easier to produce reams of reports, or have a dashboard that is not connected to the engine. Like many compliance regimes (see Sarbanes Oxley), FISMA has stayed static and the goal becomes compliance vs. security - the money spent has brought way less increase in security than it should have. ]
Eugene Schultz, Ph.D., CISM, CISSP is CTO of Emagined Security and the author/co-author of books on Unix security, Internet security, Windows NT/2000 security, incident response, and intrusion detection and prevention. He was also the co-founder and original project manager of the Department of Energy's Computer Incident Advisory Capability (CIAC).
John Pescatore is Vice President at Gartner Inc.; he has worked in computer and network security since 1978.
Stephen Northcutt founded the GIAC certification and currently serves as President of the SANS Technology Institute, a post graduate level IT Security College, www.sans.edu.
Dr. Johannes Ullrich is Chief Technology Officer of the Internet Storm Center and Dean of the Faculty of the graduate school at the SANS Technology Institute.
Ed Skoudis is co-founder of Inguardians, a security research and consulting firm, and author and lead instructor of the SANS Hacker Exploits and Incident Handling course.
Rohit Dhamankar is the Director of Security Research at TippingPoint, where he leads the Digital Vaccine and ThreatLinQ groups. His group develops protection filters to address vulnerabilities, viruses, worms, Trojans, P2P, spyware, and other applications for use in TippingPoint's Intrusion Prevention Systems.
Prof. Howard A. Schmidt is the President of the Information Security Forum (ISF) and author who has served as CSO for Microsoft and eBay and as Vice-Chair of the President's Critical Infrastructure Protection Board.
Tom Liston is a Senior Security Consultant and Malware Analyst for Inguardians, a handler for the SANS Institute's Internet Storm Center, and co-author of the book Counter Hack Reloaded.
Dr. Eric Cole is an instructor, author and fellow with The SANS Institute. He has written five books, including Insider Threat and he is a senior Lockheed Martin Fellow.
Ron Dick directed the National Infrastructure Protection Center (NIPC) at the FBI and is the incoming President of the InfraGard National Members Alliance - with 22,000 members.
Mason Brown is one of a very small number of people in the information security field who have held a top management position in a Fortune 50 company (Alcoa). He is leading SANS' global initiative to improve application security.
David Hoelzer is the director of research & principal examiner for Enclave Forensics and a senior fellow with the SANS Technology Institute.
Mark Weatherford, CISSP, CISM, is Chief Information Security Officer of the State of California.
Alan Paller is director of research at the SANS Institute.
Marcus J. Ranum built the first firewall for the White House and is widely recognized as a security products designer and industry innovator.
Clint Kreitner is the founding President and CEO of The Center for Internet Security.
Brian Honan is an independent security consultant based in Dublin, Ireland.
David Turley is SANS infrastructure manager and serves as production manager and final editor on SANS NewsBites.
Please feel free to share this with interested parties via email, but no posting is allowed on web sites. For a free subscription, (and for free posters) or to update a current subscription, visit: