RE: Thanks Leif (fwd)

From: Zach Parish <messiah@acsalaska.net>
Date: Wed Apr 21 2004 - 06:37:14 AKDT

I would certainly be interested in a more in depth presentation on
knoppix-std. As an Information Assurance technician I get a lot of use out
of this. It's a great forensics/Vulnerability Assessment/network diagnostics
tool. It is also very scary to know that anyone such as a disgruntled
employee could simply boot this and wreak havoc on an internal network. It
also emphasizes the need for the use of disk encryption such as EFS to
protect the data once a perpetrator has physical access to a machine/server.
Knoppix-STD in combination with a USB datastick (or an outbound nc/ftp
session to an attacker-controlled machine) would be a very simple way to
glean a lot of information or for use with offline attacks utilizing
rainbowcrack etc. I hope you all are utilizing Intrusion Detection schemes
both externally and internally to offer some detection capabilities in
environments where information needs utmost protection.
Speaking of which, has anyone presented/discussed anything in regards to IDS
tools such as Snort logging to a mysql/postgresql database with an
ACID (Administrative Console for Intrusion Detection) php frontend? It's
certainly a Security Professional's best friend...

-----Original Message-----
From: aklug-bounce@aklug.org [mailto:aklug-bounce@aklug.org] On Behalf Of
Leif Sawyer
Sent: Wednesday, April 21, 2004 2:29 AM
To: aklug@aklug.org
Subject: RE: Thanks Leif (fwd)

Mike Tibor jokingly replied to:
> Jon Reynolds, who wrote:
>> Thanks for showing up at the Friday meeting and sharing some of the
>> tools you use. I especially like the std you passed around. ;) If you
>> would ever be interested in doing a presentation on some of what you
>> know let me know and we can set one up.
>
> Wow, you passed around an STD?!? This wasn't some unique
> demonstration of "promiscuous mode", was it?

In case everybody else is wondering, I demoed the Knoppix
Security Tools Distribution. Well, I'm not sure if demo is the right
word, more like showed off the lovely window manager and its many
menus. But I did go over some of the tools that it includes and also
let folks know that it's locally mirrored in the Misc Distros directory
on my linux archive http://games.gci.net/pub/Linux

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.

Received on Wed Apr 21 06:36:33 2004

This archive was generated by hypermail 2.1.8 : Wed Apr 21 2004 - 06:36:35 AKDT