Re: Nmap presentation at SANS Network Security 99

[John S Flowers <jflowers () hiverworld com>]

Additionally, for those of you attending SANS, I'll be speaking on
Thursday morning [9am] and talking about the limitations in Firewall
technologies and intrusion detection systems.  

I'll also have a lot of good things to say about nmap and how it helped
us gain access to a customer network that also happened to be a major
firewall vendor.

P.S. Sorry for the plug, but it's more about nmap than it is about us.

-- 
John S Flowers                   <jflowers () hiverworld com>
Chief Technology Officer         http://www.hiverworld.com
Hiverworld, Inc.               Enterprise Network Security
Network Forensics, Intrusion Detection and Risk Assessment

Fyodor wrote:
> Those of you who are pretty new to Nmap and who are attending SANS Network
> Security 99 may wish to check out this tutorial by John Green of the Navy
> Surface Warfare Center on Friday morning (thanks to Greg Shipley for
> notifying me of this).
>
> http://www.sans.org/ns99/friday.htm#fri-am-7
> Using NMAP to Map Your Network and Test for Vulnerabilities
> John Green, NSWC
> Friday, October 8, 1999, 9:00 a.m. - 12:15 p.m
>
> Nmap is gaining adherents among people who want to map their networks
> and look for vulnerabilities - without acquiring commercial
> software. In this course, you'll learn how to get the software, load
> it on your system, and use it, step-by-step.  Topics Include:
>
> Introduction
>
> * What is a vulnerability assessment
> * Why are vulnerability assessments important
> * Survey of vulnerability assessment tools
>
> Getting Started With Nmap
>
> * What is Nlog
> * Downloading and installing Nmap and Nlog
> * Understanding Nmap features and options
>
> Mapping Your Network
>
> * Pre-mapping tasks
> * What the hackers want to know
> * Network mapping from outside your firewall
> * Network mapping from inside your firewall
>
> Analyzing The Results
>
> * Organizing the mapping results
> * Understanding the map
> * Indentifying vulnerabilities
>
> Follow-on Activities
>
> * Prioritizing vulnerability fixes
> * Validating fixes
> * Benefits of periodic network mapping
>
> Cheers,
> Fyodor
>
> --
> Fyodor                            'finger pgp () pgp insecure org | pgp -fka'
> Like medieval peasants, computer manufacturers and millions of users are
> locked in a seemingly eternal lease with their evil landlord, who comes
> around every two years to collect billions of dollars of taxes in return
> for mediocre services. --Mark Harris, Electronics Times