---------- Forwarded Message ----------
This is an automated event reminder from the Baton Rouge Chapter of the
Information Systems Security Association. For questions please contact
info@br-issa.org.
There are only 12 days left until the following event:
Event Name: Meeting - Worm Control and Deflection
Speaker: Stuart Hoffmann from Arbor Networks
Topic: Worm Control and Deflection
Date: 2004-09-07 18:30:00
Location: Bluebonnet Regional Library
Worms are a threat unlike other threats. Worms are not DoS. Worms are
not a virus threat. Worms amplify security vulnerabilities by
exploiting them worldwide within minutes. Speed, pervasiveness, and
widespread susceptibility allow worms to transcend the classic threat
model and become a service-level threat: SQL Slammer doesn't attack
individual SQL Servers, it affects the SQL Service as a whole.
Service-level threats require service-level responses. A total
service-level response can only be realized at the network level.
Speed: Worms propagate faster than the "control loops" of conventional
security technology. The IDS/IPS "detect, correlate, filter" cycle runs
slower than a worm, providing a window of vulnerability.
End effect: "Whack-a-mole" --- even with pervasive IPS deployment,
network converges to a state where all vulnerable hosts are infected.
Safety: There exist machines (trading feed, manufacturing floor,
telesurgery) that cannot be disrupted even if they are infected. 100%
accuracy does no good in these environments.
End effect: Worm defense is more expensive than the original worm
outbreak.
Pervasiveness: Most network security technology is deployed at the
Internet perimeter. Worms get in anyways: infected laptops, partner
networks.
End effect: Without pervasive internal coverage of detection &
mitigation technology, worm spread cannot be stopped.
At this presentation you will learn how to protect yourself from this
threat.
To learn more visit the calendar at:
http://www.br-issa.org/calendar.php3
Know someone who might want to join the ISSA? Have a colleague you'd
like to bring along? Feel free to send them this email.
The Baton Rouge Chapter of the Information Systems Security Association
- http://www.br-issa.org
...
-------------------------------------------------------
-- Joey Kelly < Minister of the Gospel | Linux Consultant > http://joeykelly.net "I may have invented it, but Bill made it famous." --- David Bradley, the IBM employee that invented CTRL-ALT-DEL ___________________ Nolug mailing list nolug@nolug.orgReceived on 08/26/04
This archive was generated by hypermail 2.2.0 : 12/19/08 EST