FYI, we are having a meeting tomorrow to discuss this year's ISSA
agenda. If you are interested in security, you will probably want to
show up.
-------- Original Message --------
Subject: Re: [Discuss] meeting topic ideas
Date: Wed, 20 Feb 2008 14:37:51 -0600
From: Mark A. Lappin <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
To: <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]>
(more ideas)
File sharing & file security, file auditing --- this might be one of those
Windows vs Linux vs Mac things. Differences in what you can do.
Permissions sets on NAS/SAN devices
Permissions over/on iSCSI and access methods for iSCSI
(I guess partly ties to #1 as well)
This could be general shared resources security & permissions
Internal PKI Infastructures
Wireless Security @ Home & @ Work -- what is good/sufficient, what is
commonly recommended, false senses of security. Maybe do a mini-version at
a CCCC monthly meeting in exchange for the meeting location usage?
Desktop/Laptop (not server) security w/ Windows or Linux -- what your
machine
advertises, how to silence it, myths about workgroups, subnets, routers, net
bios, smb.
And maybe, just for kicks move away from some of the technical stuff and as
an exercise for the brain look at some of the theory behind security
algorithms --- i.e. we accept certain things such as the Diffie Helman Key
Exchange and what it involves/entails but how does it work mathematically,
same for 3DES, MD5, etc -- why would you use one over the other and what
advantages does each offer over the other and not necessairly which
technology set is using each individual algorithm but WHY a specific
technology uses that algorithm.
.....we never did talk about PKI
Security strategies for legacy systems, what is/does defense in depth
consist
of and does it work or are we just spinning our wheels
Programming around SQL injection
on Ronnie's suggestions:
Virtual Server Virtual Machines --- yes
L2 and L3 devices --- also VLANS, mabye something in there too about
multiple subnets on the same switch and/or how a router works with such
things from an ACL perspctive.
re Group Policy --- bring it on, and specific areas of interest suggestions
by all means, its a huge topic area.
Mark L.
If anybody gets lost or needs directions the number of the cccc office is
225-273-7113. I won't be able to get there till 12:30ish or so, if nobody
is up there when you get there just sit tight and I'll be up there ASAP to
open the door.
Mark A. Lappin, MCSE:Security | Lee Michaels Fine Jewelry
IT Manager
11314 Cloverland Avenue | Baton Rouge, La 70809
Ph: 225.291.9094 ext. 245 | Fax: 225.293.2021 | Mobile: 225-362-2770
www.lmfj.com
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Ronnie Gilkey
Sent: Wednesday, February 20, 2008 2:12 PM
To: [EMAIL PROTECTED]
Subject: [Discuss] meeting topic ideas
1) Virtual server and virtual machine security
2) Layer 2 & Layer 3 device security (routers & switches)
3) More group policy -- Mark's last presentation was great and I'd like to
see some more detailed implementations / strategies / tricks with group
policies.
Ronnie
_______________________________________________
Discuss mailing list
[EMAIL PROTECTED]
http://br-issa.org/mailman/listinfo/discuss_br-issa.org
_______________________________________________
Discuss mailing list
[EMAIL PROTECTED]
http://br-issa.org/mailman/listinfo/discuss_br-issa.org
--
Puryear Information Technology, LLC
Baton Rouge, LA * 225-706-8414
http://www.puryear-it.com
Author, "Best Practices for Managing Linux and UNIX Servers"
http://www.puryear-it.com/pubs/linux-unix-best-practices
Identity Management, LDAP, and Linux Integration
_______________________________________________
General mailing list
[email protected]
http://mail.brlug.net/mailman/listinfo/general_brlug.net
