Security Session - Abstracts
Title:
Security Policy &
Best Practice Guidelines
G.C. SODHY, CS-USM
Security has become a very important issue, especially with the advent of
networks, Internet and the need to share information. There are basically two
issues to contend with. One is the need to make information available to as many
people as possible. On the other hand, information falling into the wrong hands
and misused may bring undesirable consequences. Hence the need for control of
information and resources.
One way of controlling information in an organization is via adopting a security
policy. To use a security policy, it must be well planned, explained to all
those affected, implemented properly and reviewed from time to time. In this
presentation, we will discuss some of the general guidelines that can be used to
plan and design a security policy. Among other aspects, we will touch on policy
framework, levels of trust, types of participants, user perceptions, levels of
control, user acceptance, remote access, information protection, virus
protection and password control.
Title: CSIRT cooperation in
Jan
Meijer, SURFnet/TF-CSIRT
The TF-CSIRT Task Force is established under the auspices of the TERENA
Technical Programme to promote the collaboration between Computer
Security Incident Response Teams (CSIRTs) in Europe. The aim of the
Task Force is:
* to provide a forum for exchanging experiences and knowledge
* to establish pilot services for the European CSIRTs community
* to promote common standards and procedures for responding to
security incidents
* to assist the establishment of new CSIRTs and the training of
CSIRTs staff.
The activities of TF-CSIRT are focused on Europe and neighbouring
countries, in compliance with the Terms of Reference approved by the
TERENA Technical Committee on the 3rd of June 2002.
The presentation will give an overview of the history of the TF-CSIRT,
past activities and results, current work in progress and planned work.
About most of the activities an shor summary will be given, the
Trusted Introducer service however will be handled in more detail.
http://www.terena.nl/task-forces/tf-csirt/
Title: Honeynet Introduction
Tang Chin Hooi, APAN Secretariat
The Honeynet Project (http://www.honeynet.org) is volunteer, non-profit research organization dedicated to
learning the tools, tactics, and motives of the blackhat community and sharing
the lessons learned.
The primary tool used to gather this information is the Honeynet.
The main objective of this presentation is to
discuss what a Honeynet is, its value,
an overview of how it works, and the risks/issues involved.
Title: DDoS
detection and response
Yoonjoo Kwon, KISTI
These days, DDoS attacks are being appeared continuously. In February 2000, many
world’s largest e-commerce sites, such as Yahoo, Amazon and so on, were brought
offline for several days by DDoS attacks. On January 25, 2003, a DDoS attack,
due to vulnerabilities of MS-SQL, stopped the national backbone network and
resulted in a network crisis in Korea.
In KREONET(Korea Research Environment Open NETwork), we have monitored amount of
network traffic using flowscan and flowscan+ since 2001. We have frequently
detected DDoS attack. So far once we detected DDoS attack, we did reaction by
manual configuration of routers. But it was so slow that we couldn’t prevent
propagation of DDoS attack. So we developed automatic DDoS detection and defense
system, NetWRAP(NetWork Resource Abuse Preventive)..
In this presentation, I will talk to you about introducing NetWRAP system.
Security BoF - Abstracts