Security Session - Abstracts
Title: Security Policy & Best Practice Guidelines
G.C. SODHY, CS-USM
Security has become a very important issue, especially with the advent of networks, Internet and the need to share information. There are basically two issues to contend with. One is the need to make information available to as many people as possible. On the other hand, information falling into the wrong hands and misused may bring undesirable consequences. Hence the need for control of information and resources.
One way of controlling information in an organization is via adopting a security policy. To use a security policy, it must be well planned, explained to all those affected, implemented properly and reviewed from time to time. In this presentation, we will discuss some of the general guidelines that can be used to plan and design a security policy. Among other aspects, we will touch on policy framework, levels of trust, types of participants, user perceptions, levels of control, user acceptance, remote access, information protection, virus protection and password control.
Title: CSIRT cooperation in
Jan Meijer, SURFnet/TF-CSIRT
The TF-CSIRT Task Force is established under the auspices of the TERENA
Technical Programme to promote the collaboration between Computer
Security Incident Response Teams (CSIRTs) in Europe. The aim of the
Task Force is:
* to provide a forum for exchanging experiences and knowledge
* to establish pilot services for the European CSIRTs community
* to promote common standards and procedures for responding to
* to assist the establishment of new CSIRTs and the training of
The activities of TF-CSIRT are focused on Europe and neighbouring
countries, in compliance with the Terms of Reference approved by the
TERENA Technical Committee on the 3rd of June 2002.
The presentation will give an overview of the history of the TF-CSIRT,
past activities and results, current work in progress and planned work.
About most of the activities an shor summary will be given, the
Trusted Introducer service however will be handled in more detail.
Title: Honeynet Introduction
Tang Chin Hooi, APAN Secretariat
The Honeynet Project (http://www.honeynet.org) is volunteer, non-profit research organization dedicated to
learning the tools, tactics, and motives of the blackhat community and sharing the lessons learned.
The primary tool used to gather this information is the Honeynet. The main objective of this presentation is to
discuss what a Honeynet is, its value, an overview of how it works, and the risks/issues involved.
Title: DDoS detection and response
Yoonjoo Kwon, KISTI
These days, DDoS attacks are being appeared continuously. In February 2000, many world’s largest e-commerce sites, such as Yahoo, Amazon and so on, were brought offline for several days by DDoS attacks. On January 25, 2003, a DDoS attack, due to vulnerabilities of MS-SQL, stopped the national backbone network and resulted in a network crisis in Korea.
In KREONET(Korea Research Environment Open NETwork), we have monitored amount of network traffic using flowscan and flowscan+ since 2001. We have frequently detected DDoS attack. So far once we detected DDoS attack, we did reaction by manual configuration of routers. But it was so slow that we couldn’t prevent propagation of DDoS attack. So we developed automatic DDoS detection and defense system, NetWRAP(NetWork Resource Abuse Preventive)..
In this presentation, I will talk to you about introducing NetWRAP system.
Security BoF - Abstracts