Show of 9-28-2002

  • Tech Talk Guest: Dr. Feisal Keblawi, CISSP
    • Information System Security (ISS) Manager for FAA Research and Acquisition
    • Responsible for ensuring that all systems under development afford the National Airspace System adequate protection against intrusions and malicious acts
    • Developed the overall ISS Architecture for FAA
    • Initiated and chaired ten ISS Conferences for FAA to share information and train all ISS personnel within the agency
    • PhD in Electrical Engineering (EE) from North Carolina State University
  • Verisign Proposes to Restrict .gov Whois Inquiries
    • It is about time to block this data from public access
    • Data could be used by cyberterrorists
    • .edu and .org may be next
    • Not blocked yet (Check .Gov Whois Database Now)
  • Linux Peer-to-Peer Worm Slapper Still Strong but Dying
    • Exploits Buffer Overflow in SSL
    • Grew to over 6,700 servers infected
    • Growth is finally leveling off
    • Never reached Code Red or Nimda levels (400,000 and 86,000 respectively)
    • Once infected, a computer can be ordered to attack a target in one of four different ways
      • send out a deluge of data
      • force the target to execute a command
      • redirect certain requests to another computer
      • send back e-mail addresses or info about known infected servers
  • Slapper Author has been arrested
    • Slapper emailed the addresses of infected machines to a computer in the Ukraine
    • Location of Ukrainian computer could be traced
    • A 21-year-old male arrested by the authorities
  • Microsoft PPTP VPN software has security hole
    • Point-to-point tunneling protocol (PPTP) packets can overwrite kernel memory.
    • Machine can be used for DDoS
    • Microsoft working on patch after being informed by Phion Information Technologies, a German security firm.
  • Nigeria 419 Fraud Strikes Again - Big Time
    • A bookkeeper for a Michigan law firm has been taken for $2.1m
    • Borrowed the money from the law firm
    • Not discovered until a $35K check bounced
    • How did it work?
      • The 59-year-old woman received a fax from one Dr. Mbuso Nelson of the Ministry of Mining in Pretoria, South Africa, asking for help in getting $18m transferred to the US.
      • The victim set up a bank account, only to be told that certain expenses had to be met. The woman wired huge sums to accounts in South Africa and Taiwan.
      • The promised $4.5m commission never arrived.
  • CyberCrime DOJ Initiative (Cybercrime.gov)
    • Sponsoring Agency: Computer Crime and Intellectual Property Section (CCIPS) of the Criminal Division of the Department of Justice
    • Of the last six crimes reported, four were perpetrated by insiders, one by a Russian hacker, and one by a US hacker.
    • Site includes Internet crime reporting procedures
  • USC Students: No Sharing Files
    • USC students threatened with a year without computers if they are busted swapping movies or music online.
  • Rebel Offers Drive-By Wi-Fi
    • Email from Peirre Eicher
    • Michael Oh's car is a 300-foot-diameter hot spot
    • Connected to a wireless T-1, it offers free Wi-Fi access
    • In the future it could use 3G phone technology to reach T-1 rates
    • Likes to drive by Starbucks café to grab wireless customers
    • Operates in Boston. You can download plans for the car from his site:
  • Roomba Floor Vac Robot
    • Can do three rooms on one charge
    • IR guidance system
    • Avoids furniture, pets, children
    • Cost: $199.00
    • Available from Sharper Image
  • Avoiding Spam
  • IT Security Spending Defies Recession
    • According to IDC, IT security spending is currently worth $6bn
    • Spending set to double over the next five years
    • No increases in IT security spending from the US gov't until at least 2004
  • SANS Network Security Conference
    • Website: www.sans.org
    • October 18 through 25, 2002, Washington, DC
    • October 12th Guest: Alan Paller, Director of Research for SANS Institute
  • Belarc Advisor - for PC Audits
  • Seagate, Western Digital, Maxtor Cut HD Warranties
    • Email from Chip Dodge, Capital PC User Group
    • Maxtor from 3 to 1 year
    • Seagate from 3 to 1 year
    • Western Digital from 3 to 1 year
  • Stratford News
    • Security Initiative
      • Security Management: CISSP
      • Security Implementation: Cisco and SANS Training Tools
      • Secure Wireless Networks
      • Certified Information Systems Security Professional (CISSP) was designed to recognize mastery of an international standard for information security and understanding of a Common Body of Knowledge (CBK)
    • Masters Degrees
      • Telecommunication Systems
      • Enterprise Business Management
    • Associate Degrees
      • Network Management and Security
      • Database-Driven Web Design for E-Business
    • Next Start October 15th
      • Open House at Stratford: October 26th
      • Tech Talk will be live from the School
      • Security, Web Design, e-Business Tutorials