The FIRST Technical Colloquium (TC) event is restricted to FIRST members only and will be held in Nov 14-16, 2005.
The Vendor SIG Meeting is open to all vendor teams irrespective if the are members of Vendor SIG or FIRST or not. Relevant guests are also welcomed. However, the Vendor SIG forum moderators can use their discretion and refuse participation.
Technical Colloquium - Plenary Session
Technical Colloquium - Hands-On Classes
Vendor SIG Meeting
Technical Colloquium - Plenary Session | |
---|---|
09:45 – 10:45 | Vulnerability Management : Past, Present and Future Tom Briglia |
10:45 – 11:15 | Coffee break |
15:00 – 15:30 | Coffee break |
Technical Colloquium - Hands-On Classes | |
---|---|
09:00 – 11:00 | US Gavin Reid (HUMAN Security, US); Mike Scheck (Cisco PSIRT, US) Design your network to aid forensics investigation Robert Sisk Introduction to Computer Forensics Chok Wee Steve Romig |
11:00 – 11:30 | Coffee break |
11:30 – 12:30 | Design your network to aid forensics investigation Robert Sisk Introduction to Computer Forensics Chok Wee Steve Romig |
12:30 – 13:30 | Lunch |
14:00 – 15:00 | US Design your network to aid forensics investigation Robert Sisk (IBM MSS – IBM Corporation, US) US Introduction to Computer Forensics Chok Wee, Dr. Uwe Kohler (ORACERT – Oracle, US) US Steve Romig (OSU-IRT – Ohio State University, US) |
15:00 – 15:30 | Coffee break |
15:30 – 17:30 | US Design your network to aid forensics investigation Robert Sisk (IBM MSS – IBM Corporation, US) US Introduction to Computer Forensics Chok Wee, Dr. Uwe Kohler (ORACERT – Oracle, US) US Steve Romig (OSU-IRT – Ohio State University, US) |
Vendor SIG Meeting | |
---|---|
09:00 – 09:15 | GB Damir (Gaus) Rajnovic (Cisco PSIRT – Cisco Systems Co., GB) |
09:15 – 10:00 | JP Vulnerability handling in JPCERT/CC Yurie Ito (JPCERT/CC, JP) |
11:00 – 11:15 | Coffee break |
11:15 – 12:00 | Responsible Security Coordination with Open Source Derrick Scholl (Sun) |
12:00 – 13:30 | Lunch |
13:30 – 14:00 | Responsible Security Coordination with Open Source Derrick Scholl (Sun) |
14:00 – 14:45 | US Tara Flanagan (Cisco Systems – Cisco Systems Ltd., US) |
14:45 – 15:00 | Coffee break |
Gavin ReidGavin Reid (HUMAN Security, US), Mike Scheck (US)
This class will first go over CVSS basics. Then have the participants score some test vulnerabilities themselves. We will then go over the results and attempt to identify any discrepancies.
November 15, 2005 09:00-11:00
Robert Sisk
This course will review network design and monitoring with the intent of identifying and providing adequate compromise detection, developing appropriate security response to suspicious "events", and increasing readiness for forensics investigation.
November 15, 2005 09:00-11:00, November 15, 2005 11:30-12:30
Damir (Gaus) Rajnovic (Cisco Systems Co., GB)
Click for Vendor SIG Meeting Program
November 16, 2005 09:00-09:15
Chok Wee
This class is an introductory class to computer forensics and requires no prior forensics experience. The presentation will focus on delivering key concepts in computer forensics. Students will have the opportunity to perform hard drive data acquisition on their laptops using some well-known tools. The instructor will perform a live forensic analysis with a commercial tool to conclude the training.
November 15, 2005 09:00-11:00, November 15, 2005 11:30-12:30
Tara Flanagan (Cisco Systems Ltd., US)
Some legal issues related to handling product security vulnerabilites.
November 16, 2005 14:00-14:45
Steve Romig
We'll demonstrate and practice some techniques for dynamic analysis of malware by running it under vmware and creating a fake environment (DNS, WWW, FTP) for it to see what it does. We'll also discuss other aspects of incident response. We will be using an incident involving a backdoor program called Nethief as our case study.
Students who wish to may use their own laptops with Linux or a Vmware Linux image. For this hands-on if preferred the use of Redhat 8 or 9 with BIND, Apache and FTP). Students who will join this class can ask the instructor for configurations procedures prior to the class.
November 15, 2005 09:00-11:00, November 15, 2005 11:30-12:30
Derrick Scholl
Sun Microsystems recently open sourced it's Solaris Operating System. I'd like to present some of the pitfalls and experiences we have encountered thus far as we learn to exist in both the open source and responsible vendor worlds. In addition, I'd like to ask some thought provoking questions and maybe even generate a discussion with other vendors about the future of responsible security coordination with open sourced products.
November 16, 2005 11:15-12:00, November 16, 2005 13:30-14:00
Yurie Ito (JP)
Yurie will be introducing the JPCERT/CC vulnerability handling/disclosure policy, legal document which JPCERT contract with vendors, vendor registration scheme of JPCERT/CC vulnerability handling, and JVN (JP Vendors status Notes) portal site. Also introducing JPCERT's international handling partnership with partner CSIRT (CERT/CC, NISCC).
November 16, 2005 09:15-10:00