Wow. Looks like fun. ----- Forwarded message from Dan -----

From firewalls-owner@GreatCircle.COM Thu Apr 11 06:54:33 1996 Message-Id: <199604102045.NAA29570@flying.fish.com> X-Authentication-Warning: flying.fish.com: Host zen@localhost didn't use HELO protocol To: firewalls@GreatCircle.COM Subject: security auditing class reply-to: /dev/null@flying.fish.com Date: Wed, 10 Apr 96 13:45:46 -0700 From: Dan <zen@flying.fish.com> Sender: firewalls-owner@GreatCircle.COM Precedence: bulk

Announcement of Free Class on Internet Security Auditing and Risk Assessment *** Sponsored by Sun *** TIME & LOCATION Tuesday, April 30th, 1996 ***** This class will be given *one* time; it will *not* be repeated ***** The class will last all day - 8 or more hours [Exact building/location TBA, but will be in Mountain View, CA, USA INSTRUCTORS Dan Farmer Wietse Venema Sun Microsystems Eindhoven University of Technology GENERAL OVERVIEW *** WARNING *** *** This class will be aimed at experienced system administrators or *** *** security auditing professionals. 8 hours of class in one day is not *** *** for the faint of heart! However, there are no requirements or *** *** prerequisites needed to attend. *** *** *** Wietse and I are going to give a class on security auditing. In something like 8 hours, we are going to try and cover everything we know (or at least the highlights) on how to do an Internet security audit. Neither of us have any formal auditing training, but we feel that with our combined experience (we are the authors of the TCP wrappers, COPS, and SATAN, among other tools and papers) that we have a fair amount to say about the subject. If the class goes well, we plan on giving another talk in the summer, probably in europe next time, on securing your Unix system. CLASS TOPICS (selected, not exhaustive) Definition and purpose of security auditing Software and hardware tools used Our general philosophy about auditing Tiger teams Types of auditing/systems What to examine/ignore "Perfect" vs. incomplete data Micro vs. macro auditing Auditing large networks Passive vs. active data collection Interpretation of data collection Auditing the security policy *Our* auditing and security standards Scoring methods Overall data analysis System design analysis The report REGISTRATION NOTES & INFORMATION We don't know how many people will show up; we will try to accomodate everyone, but with finite space, we might have to limit the class size. It will be filled in a more-or-less first come, first serve basis. We will be placing some notes on the web; registered participants will be notified of where to find them. To register, you must send a *physical* letter with your name and e-mail address to my wonderful Sun administrator: Diana Behjou 2550 Garcia Avenue, MS PAL01-550 Mountain View, CA 94043-1100 USA And request a position in the Internet Security Auditing and Risk Assessment class. You will receive an e-mail reply to confirm your registration. Again, there is no charge, but *please* don't register unless you are certain that you'll be there, because others will suffer if the class fills up. E-mail will probably be ignored, unless I know you, and then I'll be pissed off that you asked me to add you to the list instead of sending a stupid letter, and you'll owe me a bottle of fine port or something. There is no ulterior motive to this, other than the fact that wietse and I are trying to write a book, and we're using this as a motivational tool. Enjoy. ----- End of forwarded message from Dan ----- -- "It is seldom that liberty of any kind is lost all at once." -Hume