From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Fri, 12 Apr 1996 15:39:24 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: security auditing class (fwd)
Message-ID: <199604111833.NAA03453@homeport.org>
MIME-Version: 1.0
Content-Type: text


Wow.  Looks like fun.

----- Forwarded message from Dan -----

>From firewalls-owner@GreatCircle.COM  Thu Apr 11 06:54:33 1996
Message-Id: <199604102045.NAA29570@flying.fish.com>
X-Authentication-Warning: flying.fish.com: Host zen@localhost didn't use HELO protocol
To: firewalls@GreatCircle.COM
Subject: security auditing class
reply-to: /dev/null@flying.fish.com
Date: Wed, 10 Apr 96 13:45:46 -0700
From: Dan <zen@flying.fish.com>
Sender: firewalls-owner@GreatCircle.COM
Precedence: bulk




Announcement of Free Class on Internet Security Auditing and Risk Assessment

                     *** Sponsored by Sun ***


TIME & LOCATION

  Tuesday, April 30th, 1996
  ***** This class will be given *one* time; it will *not* be repeated *****
  The class will last all day - 8 or more hours

  [Exact building/location TBA, but will be in Mountain View, CA, USA


INSTRUCTORS

  Dan Farmer                      Wietse Venema
  Sun Microsystems                Eindhoven University of Technology


GENERAL OVERVIEW

***                       WARNING                                          ***
***  This class will be aimed at experienced system administrators or      ***
***  security auditing professionals.  8 hours of class in one day is not  ***
***  for the faint of heart!  However, there are no requirements or        ***
***  prerequisites needed to attend.                                       ***
***                                                                        ***

Wietse and I are going to give a class on security auditing.  In
something like 8 hours, we are going to try and cover everything we know
(or at least the highlights) on how to do an Internet security audit.
Neither of us have any formal auditing training, but we feel that with our
combined experience (we are the authors of the TCP wrappers, COPS, and
SATAN, among other tools and papers) that we have a fair amount to say
about the subject.  If the class goes well, we plan on giving another
talk in the summer, probably in europe next time, on securing your Unix
system.


CLASS TOPICS (selected, not exhaustive)

Definition and purpose of security auditing
Software and hardware tools used
Our general philosophy about auditing
Tiger teams
Types of auditing/systems
What to examine/ignore
"Perfect" vs. incomplete data
Micro vs. macro auditing
Auditing large networks
Passive vs. active data collection
Interpretation of data collection
Auditing the security policy
*Our* auditing and security standards
Scoring methods
Overall data analysis
System design analysis
The report


REGISTRATION NOTES & INFORMATION

   We don't know how many people will show up; we will try to accomodate
   everyone, but with finite space, we might have to limit the class size.
   It will be filled in a more-or-less first come, first serve basis.

   We will be placing some notes on the web; registered participants will
   be notified of where to find them.


To register, you must send a *physical* letter with your name and e-mail
address to my wonderful Sun administrator:

   Diana Behjou
   2550 Garcia Avenue, MS PAL01-550
   Mountain View, CA  94043-1100
   USA

And request a position in the Internet Security Auditing and Risk
Assessment class.  You will receive an e-mail reply to confirm your
registration.  Again, there is no charge, but *please* don't register
unless you are certain that you'll be there, because others will suffer
if the class fills up.

E-mail will probably be ignored, unless I know you, and then I'll be
pissed off that you asked me to add you to the list instead of sending a
stupid letter, and you'll owe me a bottle of fine port or something.
There is no ulterior motive to this, other than the fact that wietse and
I are trying to write a book, and we're using this as a motivational
tool.

Enjoy.

----- End of forwarded message from Dan -----

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume