Thanks guys! But I don't think there'll be any business trips in it for
anyone... ;)

Dave

Dave Watts wrote:
> 
> > and besides, does your class cover securing the OS of the
> > box, or just CF?
> 
> I'm kind of hurt that you didn't read the description. Sigh. Oh well.
> 
> The course covers secure installation of NT/2K, secure configuration of
> services (IIS, CF, and every other service for that matter), web application
> configuration issues (including the CF Administrator application), web
> application code issues (input filtering, etc), and secure management
> (auditing, logging, filesystem integrity checking, remote control
> application configuration and use).
> 
> > does it include a full vulnerability assessment of the
> > client network?
> 
> Nope. Frankly, I'm not qualified to do that. While I'm a knowledgeable
> amateur in that area, I'd be reluctant to perform any serious vulnerability
> assessment of a client's network. I'm capable of running nmap and the like,
> but that hardly makes me a professional. I am conversant with people who are
> very well qualified to do that; it's worth noting that I haven't seen yet
> the automated tool which can do the entire job.
> 
> The above-mentioned course focuses on host-based security; it doesn't cover
> general network security issues, except to raise the point that those issues
> should be addressed by the appropriate professionals. However, when setting
> up a "bastion host", you try to eliminate as many dependencies on external
> resources as possible; by doing this, you can minimize (not eliminate,
> though) the concerns raised by general network security issues.
> 
> Here in DC, Ernst & Young had a respected "ethical hacker" arm, which does
> "tiger team" penetration. They used to offer courses, but I think the core
> group went on to create their own dedicated security company.
> 
> > and a flight to new zealand? :)
> 
> I've got no response for that.
> 
> Dave Watts, CTO, Fig Leaf Software
> http://www.figleaf.com/
> voice: (202) 797-5496
> fax: (202) 797-5444
> 
> 