gmane.comp.security.linux

Call for Papers: SLAML 2011

Marc Casas Guix — 2011-02-02T16:44:02

_Managing Large-Scale Systems via the Analysis of System Logs and the 
Application of Machine Learning Techniques (SLAML 2011)_

At the ACM Symposium on Operating Systems Principles

October 23-26, 2011

Carcais, Portugal


  Important Dates

    *

      Full paper submission due:* Friday, June 17*^*th* *, 2011*

    *

      Notification of acceptance: *Friday, July 15*^*th* *, 2011*

    *

      Final papers due: *Friday, August 12*^*th* *, 2011*


  Overview

Modern large-scale systems are challenging to manage. Fortunately, as 
these systems generate massive amounts of performance and diagnostic 
data, there is an opportunity to make system administration and 
development simpler via automated techniques to extract actionable 
information from the data. This workshop addresses this problem in two 
thrusts: (i) the analysis of raw system data logs, and (ii) the 
application of machine learning to systems problems. We expect the large 
overlap in these topics to promote a rich interchange of ideas betwee

Final Penultimate last Call for Papers for CanSecWest 2011 (deadline Jan. 17th, conf March 9-11)

Dragos Ruiu — 2011-01-13T11:41:05

"First they ignore you, then they ridicule you, 
then they fight you, then you win." -- Mahatma Ghandi.

Well if Fox's new comedy show "Breaking In" is any
indication, infosec has now entered Ghandi's second 
stage. http://goo.gl/ZpLDp [youtube] (hat tip to Adam 
O'Donnell for this humorous find, and Sam Bowne for 
the quote/quip)

But on a slightly more serious note.

CanSecWest is nearing in the second week of March, and 
this year I've waited on sending out the CFP note/reminder. 
It's been up on the site for a while with a Dec 29 deadline, 
but this is the real last call for submissions. If you don't get 
them in by this weekend they won't make the selections 
review process next week. We'll try to announce the 
selections the week following. After 11 years, most 
of you should know the drill, but for those who haven't 
submitted or attended before, the fine print and usual 
further information is attached below.

Other info:

We are doing more dojo training courses  than ever this 
year (17!) and they

[Tool] The 'Snort like' log monitoring system == Sagan

Champ Clark III [Softwink] — 2010-06-25T00:49:44

Sagan release version 0.1.0
http://sagan.softwink.com
Written by Champ Clark (AKA 'Da Beave') and the Softwink, Inc team
Date: 06/24/2010

Softwink announces the release of Sagan, a real time log monitoring
system.

Sagan is a multi-threaded, real time system- and event-log monitoring system,
but with a twist. Sagan uses a "Snort" like rule set for detecting "bad 
things" happening on your network and/or computer systems. If Sagan detects 
a "bad thing" happening, that event can be stored to a Snort database
(MySQL/PostgreSQL) and Sagan will correlate the event with your
Snort Intrusion Detection/Intrusion Prevention (IDS/IPS) system.  Sagan 
is meant to be used in a 'centralized' logging environment,  but will 
work fine as part of a standalone Host IDS system for workstations.

Sagan is fast:  Sagan is written in C and is a multi-threaded application. 
Sagan is threaded to prevent blocking Input/Output (I/O). For example, 
data processing doesn't stop when an SQL query is needed.  It is also meant
to be a

EUSecWest 2010 MiniCFP (conf Jun 16/17) and PacSec 2010 CFP (conf Nov 10/11, deadline July 30)

Dragos Ruiu — 2010-05-27T14:01:44

EUSecWest 2010 MiniCFP (PacSec CFP Follows)

One of our presenters was unable to get corporate approval for his 
travel and cancelled out. As such we are opening up one or two 
available slots for last minute submissions. We are also offering
a referral bounty of a free conference registration for high quality
replacement papers on short notice. (The Conference is on June 16/17
at the Melkweg in Amsterdam.) Please forward submissions to
secwest10 [at] eusecwest.com, and please include the name of
the referrer for the bounty award.

The current confirmed speakers for EUSecWest are:

Special party (16th) musical guests: Plump DJs (others TBA)

   Legic Prime: Obscurity in Depth
   Karsten Nohl & Hendryk Plötz, Security Research Labs

   Having fun with Apple's IOKit
   Ilja Van Sprundel, IOActive

   Escaping the Sandbox
   Stephen Ridley, Matasano

   Milking a horse or executing remote code in modern Java web frameworks
   Meder Kydryraliev, Google

   Hacking Printers for fun and profit
   Andrei Constin

EUSecWest Amsterdam 2010 Call For Papers (short deadline May 5 - conf June 16/17)

Dragos Ruiu — 2010-04-30T06:50:30

EUSecWest CALL FOR PAPERS

   AMSTERDAM, Nederland -- The sixth annual EUSecWest applied technical
   security conference - where the eminent figures in the international
   security industry will get together share best practices and technology
   - will be held in downtown Amsterdam at the the Melkweg Multimedia
   Center near Leidseplein on June 16/17, 2010. The most significant new
   discoveries about computer network hack attacks and defenses,
   commercial security solutions, and pragmatic real world security
   experience will be presented in a series of informative tutorials.

   The EUSecWest meeting provides international researchers a relaxed,
   comfortable environment to learn from informative tutorials on key
   developments in security technology, and collaborate and socialize with
   their peers in one of the world's most scenic cities - a short walk
   away from several large hotels and the Leidseplein entertainment and
   shopping district, conveniently close to many famous museums,
   con

Re: Hardening CentOS

Tony Murphy — 2009-11-24T16:25:55

Here is a link to a YouTube demo of the 3.1 product that was shot at the
RedHat Summit earlier this year.  The new product coming out in Dec 2009
will also support Novell SUSE and OpenSUSE and Fedora 11.

http://tcs-security-blanket.blogspot.com/ is the technical blog for the
product and has tons of great content.

Demo



Tony Murphy wrote:

Re: Linux Hardening

Tony Murphy — 2009-11-24T16:19:10

Security Blanket by TCS is an automated lockdown tool for Linux and Solaris. 
TCS helped create the linux 2.6 kernel and is listed on the NSA webpage for
having created the MLS extensions to SELinux.

The product blog is http://tcs-security-blanket.blogspot.com/ with tons of
content, example reports, links to industry recognized lockdown criteria

Security Blanket supports:
RHEL 4 and above
Oracle Ent Linux 4 and above
Fedora 10 and above
SUSE 11 and above
OpenSUSE 11 and above
Solaris 10 x86 and SPARC

It runs on System z, SPARC, 32 bit and 64 bit x86 architectures and PowerPC

Here is a demo of the 3.1 GA version and a newer version from RedHat Summit
2009 and a new product will release Dec 2009


jvicente wrote:

Replicating the Gonzalez Cyber Attacks through Penetration Testing

Core Security — 2009-11-21T00:07:10

--------------------------------------------------------------------------------
YOU'RE INVITED: IT SECURITY ON DEMAND WEBCAST
 
"Replicating the Gonzalez Cyber Attacks through Penetration Testing"
Register: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez
---------------------------------------------------------------------------------
 
Recently, we saw the indictment of cybercrime kingpin Albert Gonzalez, one of the accused masterminds behind high-profile data breaches at Heartland Payment Systems, Hannaford Bros. Supermarkets, 7-Eleven, and TJX. Next week, Core Security Technologies will present a hands-on look at the attacks Gonzalez and his co-conspirators are believed to have used in breaching these organizations.
 
Leveraging the actual indictment document as a guide, Core Security senior product manager Alex Horan will use CORE IMPACT Pro penetration testing software to demonstrate the techniques by which Gonzales allegedly stole millions of credit card numbers* - showing you

Smart-Card Open Test Toolkit

Tommaso Cucinotta — 2009-10-28T07:24:30

Hi all,

I would like to announce the availability of SCOTT, an open, modular and
extensible smart-card shell, which can be used for interacting with
smart-card devices, i.e., browsing its contents or also using the
on-board capabilities, as well as for automating such smart-card
operations by means of scripts. The envisioned usage scenario is around
automated smart-card configuration like needed during the development of
smart-card based applications, where one may have to repeatedly perform
a set of operations onto a smart-card, usually for testing purposes. For
example, "formatting" a card and loading some certificates and keys, or
loading some (updated version of a) JavaCard Applet. This is the
motivation for the project name: Smart-Card Open Test Toolkit.

The idea is to have a basic core constituted by a command-line
interactive shell, where external plugins define sets of commands which
can be:
-) commands related to some particular smart-card API, like the "system"
scott-pcsc plug-in, which provides

SecurityTubeCon CFP, Venue: Cyberspace!

Vivek Ramachandran — 2009-09-10T04:45:34

Dear All,

SecurityTube.net is pleased to announce the CFP for SecurityTubeCon, the 
first hacker conference, to be held completely online!

SecurityTubeCon is aimed at democratizing hacker conferences by allowing 
any researcher, regardless of his physical location, to share his work 
with the community. Unlike other Cons we will not *accept / reject* 
speakers. If you have something interesting to share, you WILL be heard. 
The idea behind SecurityTubeCon is not to pass judgments on your work, 
instead, it aims at providing a platform for knowledge exchange.

Once speakers send in their talk abstracts, we will put it online for 
the community members to decide which talks they want to attend. On the 
day of the conference, speakers will broadcast their talks using 
screencasting software and the interested participants will tune in. The 
participants will use IRC / chat rooms to ask questions to the speakers 
during the talks.

What else is unique about SecurityTubeCon?

a. This conference will be held com