Hey All, There are a couple of announcements about upcoming events to make so I've put them together into this newsletter. After this the newsletter will only be sent to people on the misc-list so please subscribe to that if you wish to receive these in the future. The goal of the newsletter is to be monthly in the future. Topics Omaha Infragard Announcement Infotec Call For Presenters Mailing Lists at NEbraskaCERT Call for Cyber Security Forum Presenters Easy/Free CPEs for CISSPs One Security Tool One Security Website End Of Line #################### Omaha Infragard Announcement #################### The following announcement is from the Infragard Omaha Chapter: You are invited to the InfraGard Omaha Chapter September meeting. Date: Thursday, September 25, 2008 Time: 3:00-5:00pm National Safety Council 11620 M Circle Omaha, NE 68137 Link to register for the meeting http://www.actonsoftware.com/acton/form/181/0015:d-0001/0/index.htm Featuring Guest Speaker: Phyllis A. Schneck, Ph.D. Vice President, Research Integration, Secure Computing Corporation Founding Chairman and Chairman Emeritus, Board of Directors, InfraGard National Members Alliance The Role of Internet Reputation Intelligence in Protecting Critical Infrastructure, Financial and Control Systems: Making traditional “Firewalls” smarter with a decade of evolution in Information Sharing Electronics run our infrastructure and our world. Recently a top cyber agent at the FBI was quoted as saying "Computers are everywhere. Most of you drove here in one." Then consider Internet communication. Anyone, anywhere can send anything they wish to a recipient that has little to no control over whether or not the communication is received. Unwanted traffic is often a delivery vehicle for malicious payloads ranging from sales pitches to malware that leads to identity theft and enables global organized crime. Fueled by advances in data analysis and malware detection, blocking unwanted Internet traffic and connections is a necessary protection from voice and phones to desktop computers that plays a key role in critical infrastructure protection. Traditionally, firewalls are deployed to block unwanted traffic and connections, but we emphasize that a firewall is only as effective as it is intelligent. The successful attack is always about what the security product did not catch. The protection of our world, from daily life to global critical infrastructure, depends upon the security of our "cyber"/ communication systems. Our water, energy, finances and transportation depend on the accurate and timely delivery of information from the application level that we can see (e.g. a website) to the digital controls level that we cannot see (e.g. the power grid). Worldwide cyber systems are under constant and insidious attack. Even a seemingly harmless connection or even an email could deliver a payload onto the receiving machine that changes the behavior of that machine and others that interact with it. Further, the misuse of bandwidth can result in a lack of bandwidth on some routes that may affect emergency traffic. This talk explores some of the new strategies that the cyber "good guys" have formulated to protect cyber systems for global infrastructure protection – using global mathematical Internet traffic and reputation intelligence to proactively protect critical systems from the witted adversary. Traditional security products can no longer protect against current threats. Additional intelligence and situation awareness is needed: We present a trend analysis of the world's Internet traffic, tracking and correlating the behavior of individual entities, such as IP addresses, URLs or VoIP phone numbers. We then combine messaging and web data analysis techniques with evolving worldwide policy on infrastructure protection, coupling that with experiences working with government agencies to share information and promote more resilient networks. More data equates to a better understanding of the Internet ecosystem, yet requires more resources for real-time analysis, interpretation and global distribution of intelligence. This correlation is analogous to real-time information sharing of global activity, and is now readily available at the firewall – to protect, at line speed, our most critical systems at line speed from the stealthy adversary – the attacks that cannot be detected without the thousands of data points that are provided by reputation intelligence. Information is only as useful as it can be applied efficiently to prevent attacks and maintain availability. We explore efforts within the public and private sectors to enhance the exchange of information such as that described above across Federal, State and local governments and across the private sector, transcending geographical boundaries and corporate competition for infrastructure protection. #################### Infotec Call For Presenters #################### Infotec has posted their Call for Presenters for their 2009 Conference. The conference will be down at the Qwest Center again from April 13-15th, 2009. There is a section of the conference devoted to Information Assurance this year again. Abstracts are due by September 30th. Links: infotec: http://www.infotec.org infotec CFP: http://www.aiminstitute.org/infotec/index.php?option=com_content&task=view&id=13&Itemid=26 #################### Mailing Lists at NEbraskaCERT #################### Currently NEbraskaCERT runs two public mailing lists csf-announce which is for Cyber Security Forum announcements and other NEbraskaCERT business and misc-announce which we make available to other security groups and for other items we find interesting. To subscribe to csf-announce send an e-mail to csf-announce-subscribe with the subject of subscribe and it will send you an e-mail to confirm your subscription. To subscribe to misc-announce send an e-mail to misc-announce-subscribe with the subject of subscribe and it will send you an e-mail to confirm your subscription. The e-mails also include information on how to unsubcribe from the mailing lists as well. Currently almost all traffic goes to the csf-announce list but we are going to start using the misc-announce list more in the future #################### Call for Cyber Security Forum Presenters #################### As always we need presenters for the Cyber Security Forums (CSF)s. These are a great opportunity to speak to a small, receptive audience about a security topic you are working on or are interested in. It is also a very nice plan to do a trial run of a talk before you present at a national convention. Quick description of a CSF We do the CSFs the third Wednesday of the month. We usually alternate between breakfast CSFs (7:30 am) and Lunch CSFs (11:30 am). The Presentation is typically between 45-60 minutes long, we have done some two parters to accommodate longer presentations. We typically have between 25-40 people attending the presentation. So if you're interested in possibly speaking at one or you have any questions please drop me a line at csfrsvp nebraskacert.org #################### Easy/Free CPEs for CISSPs #################### One of the easiest way to get CPEs it to subscribe to Security magazines. Subscribing to Information Security and SC Magazine will get you 5 CPEs per magazine. Both magazines offer free subscriptions and perhaps the best part is that ISC^2 will usually put those CPEs into the system for you automatically (provided you use the same e-mail address for both your ISC^2 account and your magazine subscriptions. There are also some other fine security magazines out there as well such as CSO magazine which I don't believe automatically add to the ISC^2 system. Links SC Magazine: http://www.scmagazineus.com/ Information Security Magazine: http://searchsecurity.techtarget.com CSO magazine: http://www.csoonline.com/subscribe Caveats You should confirm that the CPEs are awarded This is my understanding and I could be wrong on this. I received CPEs for Information Security Magazine and SC magazine automatically added to my account when I reviewed my CPEs last month. #################### One Security Tool #################### The tool for this round is Virus Total. You can use Virus Total one of two ways either by e-mail or by downloading and installing an extension to Windows Explorer. What VirusTotal does is run a suspicious file against 35 different virus detection engines. This is useful if you've got a file you're not sure about and are trying to make sure doesn't have a virus. There are some size limits (20Mb for E-mail) and (10Mb for the Explorer extension). Also keep in mind that some of the tools migh register false positives as well. If you get 1 tool that lists a concern I wouldn't be to concerned, 5 or above matches starts to get a bit more dicey. Link http://www.virustotal.com/metodos.html #################### One Security Website #################### TheFreeCountry is an excellent website pointing to free resources on the web. The Security resources page has links to some very cool tools. The website maintainer does an excellent job of keeping the info up to date and including new resources. It is also a nice resource for finding disposable e-mail addresses and websites for experiments as well. Links: TheFreeCountry.org: http://www.thefreecountry.org security section: http://www.thefreecountry.com/security #################### End Of Line #################### This is the first newsletter. If you have any feedback/questions please let me know at aaron.grothe < at > nebraskacert.org or ajgrothe@gmail.com. If anyone has any corrections to the newsletter please let me know and I'll include them in the next newsletter. Regards, Aaron 0-0-0 NEbraskaCERT www.nebraskacert.org