380LULA Meeting Aug 21: Snort - Lightweight Network Intrusion Detection System
- Aug 9, 2001LULA 2001 August Meeting Announcement - Repost freely.
Linux Users Of Los Angeles - http://www.lula.org
Topic: Snort - A Lightweight Network Intrusion Detection System
Speaker: Drew Beach
Date and Time: Tuesday, August 21, 2001, 7-9 pm
Location: Digital Domain, 300 Rose Avenue, Venice, CA
Entrance for walk or drive in is on 3rd Street.
Cost: Free to members and general public
Today's Internet security concerns demands keeping abreast
of the latest methods to protect your computers and data.
The average computer on the Internet is attacked many
times daily. To protect your computers and data from this
onslaught, it helps to keep up with advances in Internet
security methods. Traffic sniffing is the primary method
of detecting cracking attempts before the damage is done
and alerting staff of attacks as they are initiated, not
after the fact. Snort is a popular software package for
all types of computers from gateway firewalls to home
Overview of Intrusion Detections Systems
Limitations of Snort and Other Intrusion Detection Systems
How does Snort Work
- Rule Matching, Writing Custom Rules
- Logging options, including Database Systems
Tuning to Reduce Noise and Increase Performance
Where to Place Snort Boxes on a Network
Real-time and Offline Analysis Tools
Configuring Snort for Active Response
Come hear long time Linux guru Drew Beach talk about
using Snort to protect office and home networks.
Drew Beach's Autobiography:
As a consultant, my work involves developing large
scale Internet based applications and systems,
always with security as a design consideration
instead of an afterthought. The companies I have
designed applications and systems for include 3Com
Corporation, Secure Computing Corporation, and NEC
Systems, Inc, as well as many others.
My major areas of security focus include building secure
applications, securing servers, firewall configuration,
network design and intrusion detection. I am a SANS GIAC
Certified Incident Handler and Advisory Board member.
<http://www.sans.org/giactc/GCIH_board.htm> I am active
in the Linux community, promoting security awareness and
understanding. Aside from that, I spend most of my free
time keeping up to date with the rapid changes in security
AFTER MEETING FOOD AND DRINKS
Please come and join many of us for informal chatting,
a buffalo burger and beer at the Firehouse Restaraunt,
a very short walk from Digital Domain.
_Special_ Map, Driving Directions, Aerial Photo URL:
Viewing is highly recommended for ease of parking
and entry and finding the theatre at the facility.
Digital Domain is a SECURE FACILITY
PARKING AND ENTRY METHOD:
Parking either on 3rd Street or in the DD parking lot,
which is on 3rd Street, to the east of Digital Domain.
Rose and Hampton Drive are good parking areas, too.
To walk or drive in push the 'button' on speaker box
to left of the driveway to have the guard open the
gate. Go talk to the guard and say "LULA" and
he will direct you to the meeting theatre.