Greetings, a lot of things are happening at SANS so we bundled
everything into one, hopefully useful and compact message. SN

Table of Contents:
Desperately Seeking "Hackers" - IDNET Announcement
SANS Baltimore + Tools That Work Invite
Three Community Research Projects
Does Certification Really Matter? - Interview

===
Desperately Seeking "Hackers"

The 12th Intrusion Detection Network (IDNET) will be held March 7
and 8 in San Diego as part of SANS2003, our National conference.
IDNET will feature a target network of 16-20 machines. The targets
range from home users without firewall to a corporate network with
DMZ and internal targets. Bring your own laptop and tools to connect
the network and use whatever tools you like to attack. Points are
awarded based on difficulty of the exploit and value of the target.

If you are attending SANS2003, be sure and drop by, you can learn
a lot watching an IDNET. Live displays from vendors traffic, along
with monitoring and IDS tools, will be presented to follow attacks as
they progress. You can see how these IDS tools from various vendors
track attacks under real conditions, this is not canned traffic or
a simulation. I am hoping to understand "intrusion protection" a lot
better after seeing that class of system on the IDNET. Prizes range
from t-shirts to valuable electronic gizmos. For details and the
latest information: http://www.sans.org/SANS2003/idnet.php.

If you are not attending SANS2003 can you still participate in the
IDNET? Of course, but you have to pre-register. What better way to
demonstration your ethical hacking or penetration testing skills than
to win first prize on the IDNET! Send an email to idnetsans.org
to register.

===

SANS Baltimore + Tools That Work

I am pleased to invite you to SANS Inner Harbor, April 7-12, 2003 in
Baltimore, Maryland. SANS Inner Harbor will have seven SANS training
tracks, plus a five-day PKI course from Secure University. This
conference offers a broad spectrum of courses for everyone from brand
new infosec managers to vetted security professionals. You will leave
the conference with the skills and confidence needed to implement
effective tools and controls as soon as you get back to the workplace.
Please consider the words of one of your peers.

    "I want to applaud SANS on the level of detail that they put into
    their courses. Obtaining a GIAC Certification was by far the most
    rigorous and intense certification process that I have endured,
    other than Marine Boot Camp. The certification process was more
    stressful than jumping out of airplane at 800 feet at night into
    the ocean! KEEP UP THE GREAT WORK."

    John Bumgarner, M.A., CISSP, GCIH, IAM, SSCP
    Cyber Watch, Inc.

I also invite you to Audit and Security Controls That Work. This two day
technical conference features presentations from organizations that
demonstrate incredible system administrator to server ratios and
excellent operational efficiencies. This workshop setting is limited
to 150 attendees and is a learning opportunity that is relevant
and practical, designed for people that take audit, governance and
security seriously, and have a burning desire to work in a five
nines environment.

For more information about SANS Inner Harbor and the Auditable
Security Controls That Work technical conference, please visit the
links below. If you know others that would benefit from these timely
opportunities, please forward this message on to them.
http://www.sans.org/innerharbor03/
http://www.sans.org/audittech/

===
Three Security Community Research Projects

1) SANS invites reviewers for Business Law and Computer Security and
for SSH Step-by-Step research projects:

The first draft of our new SANS SSH Step-By-Step is ready for review.
This work includes configuration, usage and verification steps for SSH.

2) In addition, we are seeking attorneys or individuals with a strong
legal background who are interested in reviewing the first draft
of our new SANS one day course that is slated to become the book:
Business Law and Computer Security

To participate in either project, please include any relevant
experience and credentials along with your Bio/resume and respond
to reviewsans.org

Selected reviewers who make substantial contributions will receive
credit by having your name and organization listed on the inside
front cover. In addition, you will receive a free copy of the book.

3) Dartmouth ISTS Seeks Comments on Security Research Gap Analysis

The Institute for Security Technology Studies (ISTS) is doing an
analysis of the gap between needs and available technology for cyber
attack investigation. If you have tools that are useful in this field,
email Andrew MacPherson at amacphersonists.dartmouth.edu.

===
Does Certification Really Matter? - Interview with Darrin Wassom
It is a question I puzzle over and of course there is no single answer,
here is one person's experience, we would love to hear about yours.
http://www.sans.org/press/cert_matter.php

OK, back to work!

Stephen

To change your subscription, address, or other information, visit
http://www.sans.org/sansurl and enter your SD number or email address
(from the headers.) You will receive your personal URL via email.

Unsubscribing will take you off any news bulletin lists for NewsBites
or Security Alert Consensus as well as any conference information
notes.

You may also email <sanssans.org> with complete instructions and
your SD number for subscribe, unsubscribe, change address, add other
digests, or any other comments.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]