Sven Lehmberg (Siemens)
Protecting Windows NT systems also depend on the configuration of all features and functions available. As the actual status of any installation might be unknown it is mandatory to understand what to look for to assess that status. The presentation goes into the details how to do such audit.
MD5: 861a352776f769400cb4e6782f30b7ef
Format: application/pdf
Last Update: June 7th, 2024
Size: 781.37 Kb
Kevin Houle (CERT Coordination Center, US)
Kevin Houle is a senior member of the technical staff at the Sofware Engineering Institute, home of the CERT(R) Coordination Center (CERT/CC). Kevin currently leads the CERT/CC Artifact Analysis Team and is responsible for overseeing the analysis of all attack tools collected by the CERT/CC. He and his team collaborate internationally to advance the state of artifact analysis. Kevin has also led the CERT/CC Incident Handling Team and has contributed to numerous CERT/CC published security alerts, documents, papers, and courses since joining the SEI in 1998.
MD5: c162d7bc0776390ba45b158046eae13a
Format: application/pdf
Last Update: June 7th, 2024
Size: 964.14 Kb
Andrew CormackAndrew Cormack (GB)
Since 1993 CERTs in Europe at least yearly met to exchange information and keep everyone up to date about recent developments. Since Summer 1999 there is a new effort - facilitated by TERENA as umbrella organization for national research and educational networks - to have regular meetings and coordinate efforts that might be beneficial for all teams. Andrew reviewed this new approach.
MD5: 433016a6542c74c9c23092e46b7050bf
Format: application/pdf
Last Update: June 7th, 2024
Size: 64.21 Kb
Philippe Bourgeois (CERT Industries, Services and Tertiaire)
MD5: cd3c2dcb5544a29fe42fb05243934324
Format: application/pdf
Last Update: June 7th, 2024
Size: 581.7 Kb
Dr. Wietse Z. Venema (IBM, US)
More on statistics, this time about the (digital :) footprints of software ...
MD5: e8a4f17f6ea1df9236fe1483d37ffd50
Format: text/plain
Last Update: June 7th, 2024
Size: 100.55 Kb
Dr. Wietse Z. Venema (IBM, US)
Wietse Venema is known for his software such as the TCP Wrapper and the POSTFIX mail system. He co-authored the SATAN network scanner and the Coroner's Toolkit for forensic analysis, and wrote a book on forensic computing with Dan Farmer. Wietse received awards from the System Administrator's Guild (SAGE) and from the Netherlands UNIX User Group (NLUUG). He completed his two-year term as the chair of the international Forum of Incident Response and Security Teams (FIRST). Wietse has a Ph.D. in physics and is a research staff member at the IBM T.J.Watson research center in the USA.
MD5: e2f0dc1bce8165ed95f68629139912c0
Format: application/pdf
Last Update: June 7th, 2024
Size: 40.37 Kb
Dirk Reimers (SecuNET)
Based on his development of CastingNT Dirk showed the amount of information which is available for Windows NT systems with a limited amount of highly automated probing. He also discussed how the information changes depending on the level of access the probing user is already granted (for example as CastingNT is run by a legitimate user).
MD5: 2896076c126b08ade52a09a1ea7252df
Format: application/pdf
Last Update: June 7th, 2024
Size: 1.81 Mb
Neil Long (Oxford University)
MD5: bb430bd42f5a60c98559fa8ac642f496
Format: application/pdf
Last Update: June 7th, 2024
Size: 16.58 Kb
Keld Frimann Nielsen (TDC Tele Danmark A/C)
Very similar to the efforts of FIRST within the network/Internet domain the telecommunication sector is facing the same or very similar problems while dealing with attacks, fraud and crime.
MD5: 533ca084825faccc5d769ba76444ffe4
Format: application/pdf
Last Update: June 7th, 2024
Size: 136.51 Kb
Don StikvoortKlaus-Peter KossakowskiDon Stikvoort (Open CSIRT Foundation), Klaus-Peter Kossakowski (DFN-CERT Services GmbH, DE), Klaus-Peter Kossakowski (Software Engineering Institute, DE)
Within the past few month, there was reasonable discussion among European CSIRTs how to react on the end of the EuroCERT project. One outcome was to formalize the previously informally handled introducer process. Instead of relying on volunteers to bring in new teams into the already established web of trust, the necessary basis for this should be established by an entity, collecting authentic and timely information about existing CSIRTs. With TIPSI, a process and criteria were developed, to facilitate these.
MD5: 0b5791ce1e78e1ec5226e83da7a1b443
Format: application/pdf
Last Update: June 7th, 2024
Size: 1.03 Mb