Security Basics mailing list archives
RE: NASA Security Audit
From: "Byron Copeland" <nodialtone () comcast net>
Date: Wed, 8 Oct 2003 22:29:31 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The "Diceman"? Yeah funny guy :) Really don't know Jay Diceman, but the NSA has a pretty squared away assessment team. Worked with them in the past.
-----Original Message----- From: Gregory M. Brown [mailto:gbrown () alvalearning com] Sent: Wednesday, October 08, 2003 12:49 PM To: SECURITY-BASICS () SECURITYFOCUS COM Subject: NASA Security Audit Well it looks as though I am finally going to be tested by the Feds. According to my CTO, a guy named Jay Diceman will be the point man. Anyone ever hear of him? I hear he is a well known security expert (ex-hacker?)for the federal government. I have downloaded the Evaluated Security Configuration document created for Microsoft by Science Applications International Corporation. There are actually 2 of these. I think those .pdf's cover the Microsoft component. I don't even want him to get as far as any MS box.
Probably already in them. I am fairly new to security (2years)
and my final exam is going to be a "Black Box" test and a "Crystal" test from some heinously gifted hacker from NASA... 1. What exactly will these 2 forms of intrusion concentrate on? 2. Is my hardware up to the task? I currently have a Fortigate Fortinet 50 configured for intrusion detection and prevention. I am currently blocking 1300+ known attacks. My FW is a CheckPoint Celestix with a physical DMZ path. The only questionable services allowed through are FTP (requirement) and Terminal Services (requirement). 3. What can I expect? Any input is GREATLY appreciated.
Expect a good assessment and concise reporting when its all done. Byron Copeland, IAM -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 iQA/AwUBP4TICmHZJr/4PEW4EQJQNACfeXXPEfxkjwhVYr89lprs2on9eJAAoLvM vxxlzxlgVYFulcIAE2XrX/yc =GcYw -----END PGP SIGNATURE----- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- NASA Security Audit Gregory M. Brown (Oct 08)
- Re: NASA Security Audit Roger A. Grimes (Oct 09)
- PIX introduction Daniel Cid (Oct 09)
- RE: NASA Security Audit Byron Copeland (Oct 09)
- Re: NASA Security Audit Eric (Oct 09)
- Re: NASA Security Audit Steve (Oct 09)
- Re: NASA Security Audit Marcos E. Rodriguez (Oct 10)
- <Possible follow-ups>
- Re: NASA Security Audit KoRe MeLtDoWn (Oct 09)
- Re: NASA Security Audit Anders Reed-Mohn (Oct 10)
- RE: NASA Security Audit Simons, Rick (Oct 09)
- RE: NASA Security Audit Raymer, Dan (Oct 09)
- RE: NASA Security Audit Johnson, Kevin (Oct 09)
- RE: NASA Security Audit Mike (Oct 10)
- Re: NASA Security Audit Cl Clay (Oct 09)
(Thread continues...)
- Re: NASA Security Audit Roger A. Grimes (Oct 09)