How to be aware of security problems on your network

Presented at DEF CON 7 (1999), July 10, 1999, 6 p.m. (50 minutes)

A critical component of network security is being aware of what is occurring on your systems so you can spot security problems before they become a big headache. The Abacus Project is a suite of free security tools that allows administrators to monitor critical aspects of system operations on a variety of Unix hosts to help increase their awareness.

The core components of the project attempt to address the more common indicators of an attack such as: 1) Strange messages in audit files indicating errors or invalid input that indicate security problems. 2) Port probes that are a pre-cursor to attack and compromise. 3) Compromised user accounts and suspicious user activity.

The three currently released tools address the above issues using generic techniques that work on a number systems. These tools are: Logcheck, PortSentry, and HostSentry.

This talk will detail why it is important to watch your systems closely for problems and how these and other free security tools can help bolster your site security using a variety of simple techniques.

Presenters:

• Craig H. Rowland
  Craig H. Rowland is a security software developer and consultant currently working for Cisco Systems Inc. His area of focus falls into network attack tool programming and intrusion detection systems. He is the author of several free security tools on the Internet and maintains the Psionic Software website to distribute security tools, papers, and advice.

Links:

• https://infocon.org/cons/DEF CON/DEF CON 7/DEF CON 7 video/DEF CON 7 - Rowland - How To Be Aware Of Security Problems On Your Network.mp4
• https://www.youtube.com/watch?v=DMbn3YUjHPU

Similar Presentations:

• DerbyCon 3.0 All in the Family (2013) / Some defensive ideas from offensive guys.
• AppSec USA 2015 / Security as Code: A New Frontier
• DEF CON 17 (2009) / Dangerous Minds: The Art of Guerrilla Data Mining