Dear Colleague,

It is with great pleasure that I invite you to SANS Audit Immersion
Symposium for 2002. The groundbreaking work by the Center for
Internet Security in partnership with the U.S. government to create
the Gold Standards for system security creates a special opportunity
for the defensive information community in general and especially
for information system auditors. For the first time we have a widely
accepted standard and automated audit tools to ensure security controls
are implemented properly. This Symposium will provide a learning and
networking opportunity not to be missed.

- SANS Audit Immersion Symposium
- Tuesday, December 3 – Sunday, December 8, 2002
- Walt Disney World Swan Hotel, Orlando, Florida

At SANS Audit Immersion Symposium, we are offering two tracks. The
first, IT Security and Audit Kickstart, is appropriate if you are new
to information security or information systems audit. It is classroom
lecture-based and will prepare you for more advanced training in
the future. In the evening, we invite you to work hands-on with
the free Gold Standard training. We are also offering our hands-on
Auditing Networks, Perimeters and Systems track, the most advanced
technical information system audit course in the world. You will use
tools like Net Stumbler, Nessus, NMAP, Nlog, learn to assess web apps,
and router/firewall ACLs. Four days out of the six days in the track
will include hands-on exercises with the demonstrated tools on a live
in-class network. You'll be able to use what you learn the day you
get home to implement controls that work in the real world.

Students in either track are welcome to participate in free hands-on
and lecture evening activities, including two special sessions of
Securing Windows 2000 -- Gold Standard Training, the course that is
selling out all over the country. Sign up for the free session of Gold
Standard training when you register for the Audit Symposium. These
sessions are limited to Audit Symposium participants only.

If you are ready for training from the best security professionals
in the field and dedicated enough to take advantage of free hands-on
training in the evening, you will learn more in a single week at
SANS than you could possibly learn in a year in the workplace. The
Immersion Audit Symposium is a special opportunity and we encourage
each of you to take advantage of this chance to learn the tools and
techniques at the leading edge of information systems auditing. For
more details and to register go to http://www.sans.org/auditsymposium/

Free -- Securing Windows 2000 -- Gold Standard Training

Audit Symposium attendees can attend night sessions of this course
in Orlando for no additional fee, but this Benchmark training course
is also available at many other locations. In order to help train
the 150,000 professionals needed to apply the Gold Standard, SANS is
teaching the special Hands-On Windows 2000 course at locations across
the world. We are pleased to offer a course that combines labs and
lecture to teach the Gold Standard and the tools, SECEDIT.EXE, SECURITY
CONFIGURATION & ANALYSIS, SECURITY TEMPLATES, HFNETCHECK.EXE and the
CIS SCORING TOOL, that can be used to establish, maintain and audit the
Gold Standard in one, tightly packed day. Full details on the tools
needed, the course description, and other locations for taking the
course can be found at http://www.sans.org/Win2KWorldTour/Win2K.php/

Featured Paper

The following paper is part of a series of special selected papers, it
has been hand picked to provide you with free quality information. Only
the highest quality papers are considered for this series, I hope
you enjoy it!

Title: Auditing the Netscreen-5 Firewall Used as a VPN Gateway
By: Dan Strom

Virtual Private Networks (VPNs) are used as a means of
securely transporting confidential information across the public
Internet. Verifying that the VPN is configured correctly is critical
to the confidentiality of the data. This paper focuses on the audit
of the Netscreen-5XP firewall appliance used as an IPSec VPN gateway.

Presented in this paper is a brief description of the system, including
assumptions made that will impact the audit. The results of research on
procedures for auditing firewalls and VPNs are presented. A suggested
audit checklist for the Netscreen-5XP is followed by an actual audit
and evaluation of the audit. Finally, suggestions for future work
are discussed.

Full paper at: http://rr.sans.org/featured/Dan_Strom_GSNA.pdf
Additional Papers are available in the SANS Reading Room at
http://rr.sans.org

More World-Class SANS Training

Opportunities to take SANS training have never been more convenient or
more necessary in the ever-changing world of information security. We
are constantly adding more venues, check http://www.sans.org/new.php
for newly added training that meets your needs as a security
professional. Upcoming events include:

- SANS Houston, October 21-26, 2002: http://www.sans.org/Houston
- SANS Montreal, November 4-9, 2002: http://www.sans.org/Montreal
At these two conferences we will present the same two highly
informative tracks: SANS Security Essentials and Intrusion Detection
In-Depth. These tracks cover everything you need to know from the
foundations of security to detecting the latest attack patterns of
intruders. The Security Essentials track is fast-paced, intensive
coverage of the essentials that security professionals and system
administrators need to know. Our Intrusion Detection In-Depth track
is taught by the top practitioner/authors in the field, people on
the front lines that can give you the newest and most up-to-date
information that you need to detect attackers.

- SANS Minneapolis, November 4-9, 2002: http://www.sans.org/Minneapolis

This conference is a solution for people that can't come to the
Audit Symposium in December, it offers alternative dates for taking
Auditing Networks, Perimeters, and Systems, the most advanced technical
information system audit course in the world.

- SANS Spain, November 11-16, 2002: http://www.sans.org/Spain
- SANS Amsterdam, November 20-26, 2002: http://www.sans.org/Amsterdam
We will be teaching SANS Security Essentials in Barcelona, followed by
three of our most highly regarded tracks at our European conference in
Amsterdam: SANS Security Essentials; Firewalls, Perimeter Protection
and VPNs; and Intrusion Detection In-Depth. This combination of tracks
covers a wide variety of topics all extremely important to any site's
overall security readiness!

- SANS Maryland, December 2-7, 2002: http://www.sans.org/Maryland
This conference will offer one track, our highly recognized hands-on,
six days, Intrusion Detection In-Depth track. This track is taught
by the top practitioner/authors in the field, people on the front
lines that can give you the newest and most up-to-date information
that you need to detect attackers.

SANS First Wednesday Webcast

SANS is pleased to present the next in our "First Wednesday" free
webcasts.
Mark your calendar for October 2, 1:00 PM EDT (1700 UTC).
This presentation (featuring Dustin Childs) covers the basics of event logs
in Windows NT and 2000, the managing of logs, and tackles several items you
should know before completely trusting those logs. Plus Pentasafe's Todd
Tucker on VigilEnt Intrusion Manager - Log Analyzer. Listen live and ask
questions, or, once you have an access code, sign on later to listen to the
webcast at your leisure.
See http://www.sans.org/webcasts/october2.php for more information.

Respectfully,
Stephen Northcutt The SANS Institute

To change your subscription, address, or other information, visit
http://www.sans.org/sansurl and enter your SD number (from the
headers.) You will receive your personal URL via email.

Unsubscribing will take you off any news bulletin lists for NewsBites
or Security Alert Consensus as well as any conference information
notes.

You may also email <sanssans.org> with complete instructions and
your SD number for subscribe, unsubscribe, change address, add other
digests, or any other comments.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]