info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
NYC local event: Unigroup's 19-SEP-2019 Meeting: Tentatively: Computer Security+Investigations using Open Source Security Tools with Computer Security Industry Trends Update
1 view
Skip to first unread message
je...@panix.com
Sep 11, 2019, 12:39:50 PM9/11/19
to
======================================================================
UNIGROUP OF NEW YORK - UNIX USERS GROUP - SEPTEMBER 2019 ANNOUNCEMENTS
======================================================================
Unigroup is pleased to announce our September and October 2019 meetings:
-------------------------------------------------------------------
1. Unigroup's 19-SEP-2019 Meeting: Tentatively:
Computer Security+Investigations using Open Source Security Tools
with Computer Security Industry Trends Update
-------------------------------------------------------------------
Unigroup is finalizing the meeting topic for our September 2019
meeting and the full meeting announcement will be sent out soon.
Unigroup's September 2019 speaker will be BTBSecurity, and the
meeting topic should wind up something like:
Computer Security+Investigations using Open Source Security Tools
along with a Computer Security Industry Trends Update.
This meeting will take place on our regular Third-Thursday evening
date/time: 19-SEP-2019 6:30-9:30pm, at our normal meeting
location: The Cooper Union - School of Engineering, in NYC's
East Village (3rd Ave & 7th Street).
Please stay tuned, and save the date, if you are planning
to attend.
------------------------------------------------------------------
2. Unigroup's 17-OCT-2019 Meeting: Tentatively:
SDN/SDP - Software Defined Networking/Software Defined Perimeter
with Datacenter Networking/Security Industry Trends Update
------------------------------------------------------------------
Unigroup's October 2019 meeting will be on SDP - Software Defined
Perimeter along with a Datacenter Security+Networking Trends
Update. Our speaker is Cyxtera, who runs datacenters, and has
been promoting a standards-based SDP implementation.
Stay tuned for the full October 2019 meeting announcement.
Looking forward to seeing you at Unigroup's next meeting...
-Rob Weiner
Unigroup Executive Director
unilist (-a_t-) unigroup.org
http://www.unigroup.org
UNIGROUP OF NEW YORK - UNIX USERS GROUP - SEPTEMBER 2019 ANNOUNCEMENTS
======================================================================
Unigroup is pleased to announce our September and October 2019 meetings:
-------------------------------------------------------------------
1. Unigroup's 19-SEP-2019 Meeting: Tentatively:
Computer Security+Investigations using Open Source Security Tools
with Computer Security Industry Trends Update
-------------------------------------------------------------------
Unigroup is finalizing the meeting topic for our September 2019
meeting and the full meeting announcement will be sent out soon.
Unigroup's September 2019 speaker will be BTBSecurity, and the
meeting topic should wind up something like:
Computer Security+Investigations using Open Source Security Tools
along with a Computer Security Industry Trends Update.
This meeting will take place on our regular Third-Thursday evening
date/time: 19-SEP-2019 6:30-9:30pm, at our normal meeting
location: The Cooper Union - School of Engineering, in NYC's
East Village (3rd Ave & 7th Street).
Please stay tuned, and save the date, if you are planning
to attend.
------------------------------------------------------------------
2. Unigroup's 17-OCT-2019 Meeting: Tentatively:
SDN/SDP - Software Defined Networking/Software Defined Perimeter
with Datacenter Networking/Security Industry Trends Update
------------------------------------------------------------------
Unigroup's October 2019 meeting will be on SDP - Software Defined
Perimeter along with a Datacenter Security+Networking Trends
Update. Our speaker is Cyxtera, who runs datacenters, and has
been promoting a standards-based SDP implementation.
Stay tuned for the full October 2019 meeting announcement.
Looking forward to seeing you at Unigroup's next meeting...
-Rob Weiner
Unigroup Executive Director
unilist (-a_t-) unigroup.org
http://www.unigroup.org
je...@panix.com
Sep 19, 2019, 12:09:47 AM9/19/19
to
Unigroup is happening TODAY (Thursday evening)
Please RSVP, if you have not already done so and are planning to attend...
Updated outline...
======================================================================
UNIGROUP OF NEW YORK - UNIX USERS GROUP - SEPTEMBER 2019 ANNOUNCEMENTS
======================================================================
-----------------------------------------
1. UNIGROUP'S SEPTEMBER 2019 GENERAL MEETING
-----------------------------------------
---------------------------------------------------
Topic: Open Source Computer Security: Offense and Defense,
Matt Wilson - CISSP, Chief Information Security Advisor,
Matt Barnett - CISSP, GCFA, Managing Consultant,
BTB Security <www.btbsecurity.com>
When: Thursday, September 19th, 2019 (** Regular 3rd Thursday **)
Where: The Cooper Union <http://www.cooper.edu>
School of Engineering
41 Cooper Square (3rd Ave @ 7th St, bet. 6th & 7th Sts)
East Village, Manhattan
New York City
Meeting Room: LL_101 (** New Building: Lower Level **)
Time: 6:15 PM - 6:30 PM Registration
6:30 PM - 6:45 PM Ask the Wizard, Questions,
Answers and Current Events
6:45 PM - 7:00 PM Unigroup Business and Announcements
7:00 PM - 9:30 PM Main Presentation
Cost: See the Meeting+Membership Fee Schedule Below.
INTRODUCTION:
-------------
Unigroup's September 2019 meeting will be on Computer Security
using Open Source Tools. Our speakers are computer security
professionals from BTB Security, who will be covering Open Source
Tools useful for building an Arsenal for both Offensive and
Defensive security tasks. We also hope to hear their insights
regarding current computer security threats, trends and
investigations.
Unigroup's October 2019 meeting will be on SDP - Software Defined
Perimeter along with a Datacenter Security+Networking Trends
Update. Our speaker is Cyxtera, who runs datacenters, and has
been promoting a standards-based SDP implementation.
Stay tuned for the full October 2019 meeting announcement.
Unigroup has a couple handfuls of speakers lined up for our
upcoming meetings, and we are working on locking down
topics/speakers to meeting dates (see the updated Upcoming
Meetings section below).
Unigroup's Meeting Calendar:
19-SEP-2019: Open Source Security (BTB Security)
17-OCT-2019: SDN/SDP - Software Defined Networking/Perimeter (Cyxtera)
21-NOV-2019: To-be-announced.
-------------------------------------------------------------------
SPECIAL INSTRUCTIONS:
---------------------
Most Unigroup meetings are open to the public!
To REGISTER for this event, please RSVP by using the Unigroup
Registration Page:
http://www.unigroup.org/unigroup-rsvp.html
This will allow us to automate the registration process.
(Registration will also add you to our mailing list.)
Please avoid Emailed RSVPs.
Please continue to check the Unigroup web site and meeting page,
for any last minute updates concerning this meeting. If you
registered for this meeting, please check your Email for any last
minute announcements as the meeting approaches. Also make sure
any anti-spam white-lists are updated to _ALLOW_ Unigroup traffic!
If you block Unigroup Emails, your address will be dropped from
our mailing list.
Also, if you have an interest in Unigroup, be sure to receive
Unigroup information DIRECTLY from Unigroup, via direct receipt
of our Emails and by visiting the Unigroup Web Site. NO OTHER
SOURCE provides timely, accurate and complete Unigroup information.
Please RSVP as soon as possible, preferably at least 2-3 days
prior to the meeting date, so we can plan the food order.
RSVP deadline is usually the night before the meeting day.
Note: RSVP is requested for this location to make sure the guard
will let you into the building. RSVP also helps us to
properly plan the meeting (food, drinks, handouts,
seating, etc.) and speed up your sign-in at the meeting.
If you forget to RSVP prior to the meeting day, you may
still be able to show up and attend our meeting, however,
we cannot guarantee what building security will do if
you are "not on the list" (note: things tend to work out OK).
-------------------------------------------------------------------
MAIN PRESENTATION
-----------------
Topic: Open Source Computer Security: Offense and Defense
Related Topics/Keywords
-----------------------
Computer Security, Computer Security Investigations,
Computer Security Vulnerabilities, Computer Security Trends,
Open Source Security Tools, Nmap, Metasploit, Burp, Hashcat,
netcat, ettercap, arpspoof, Fail2Ban, ELK, IPTables, auditd,
Beats, Tripwire, nmap, netfilter, MFA, Cryptography, FIM.
Introduction & Description of Talk
----------------------------------
Open Source Security and Tools for Offense and Defense...
Offensive Tool Arsenal:
Nmap, Metasploit, Burp, Hashcat, netcat, ettercap, arpspoof, etc.
Defensive Tool Arsenal:
Fail2Ban, ELK, IPTables, auditd, Beats, Tripwire, etc.
The Absolute Basics:
grep, awk, BASH, Python, Sockets, Regex.
Presentation Outline
--------------------
Offensive Tools:
- Hacking Tools
- Metasploit Framework
- Burp
- Netcat / ncat
- ettercap / bettercap
- Password Basics
- Hashing Review
- Intro to using crypto libraries
- Writing our own cracker
- Using hashcat
- Nmap
- Basics
- Advanced use using scripts
- Demo
- Privilege escalation
- Basic checks
- Scripting it
Defense Tools:
- Netfilters
- What are they
- History of userspace tools
- Practical IPTABLES example
- Bonus feature
- Fail2ban
- What is this tool?
- Why would I use it?
- Practical and interesting examples
- DEMO
- Beats
- What are they?
- Monitoring process and network activity with Auditbeat
- Monitoring host health with Metricbeat
- Auditd
- What is it and why do I care?
- Hold the phone ... we'll combine Beats, Auditd, and FIM in a moment
- File Integrity Monitoring (FIM)
- What is it?
- What is that wire I tripped over?
- Practical example using Auditbeat
- Multifactor Authentication SSH
- Let's just add an additional layer to help the cause
- ELK
- Not the big deer, but what is it?
Special Teams:
- Some of our favorite commands and topics
Overtime:
- Bonus info
References & Web Resources:
---------------------------
To-be-announced.
-------------------------------------------------------------------
Speakers Biography
------------------
Chris McGinley - CISSP, CCE, Managing Partner, BTB Security
Over 25 years in/around IT, with 15 focused on information security.
Master tinkerer and problem solver that's broken into every system
in existence from the 1980s onward, but doesn't get to practice his
craft any more. Still actively building, maintaining, and
architecting networks, systems, and applications. Huge open source
advocate with a penchant for Gentoo Linux and all of its versatility.
Matt Wilson - CISSP, Chief Information Security Advisor, BTB Security
The guy with all of the answers when it comes to information security.
Throughout his career Matt has fostered the development of assessment
methodologies, toolsets, and techniques for the delivery of security
assessments, penetration testing, application assessments, compliance
assessments, security awareness trainings, and policy review and
development. More recently, Matt has been actively engaged in the
continued maturation of BTB's CISO Advisory Practice and RADAR
Managed Detection & Response service.
Matt Barnett - CISSP, GCFA, Managing Consultant, BTB Security
Master social engineer and physical security tester - there may not
be a building/office/secured space that Matt can't get into. Well
rounded, with an extensive background in technical assessments as
well as enterprise architecture and design, Matt offers both tactical
and strategic insight to customers looking to enhance their
information security posture.
-------------------------------------------------------------------
Company Biography
-----------------
Extracted from http://www.btbsecurity.com/who-we-are ...
BTB Security provides Information Security, Digital Forensic,
Compliance, and Integration services to individuals and
organizations across all industries.
Founded in 2006, BTB Security was built with some fundamental
goals in mind: To build a customer base and name within the
professional services industry by telling the truth and
practicing with integrity. To deliver high-quality and high-value
projects for every service we offer. To become a trusted advisor
with every customer, no matter how big or small. To conduct
business in a manner that focuses on ethics, decency, and
service. BTB's founding partners have experience delivering,
managing, and selling consulting services for Big Four, security
specialty, and Value Added Reseller employers. Not only have
the BTB partners acted as consultants, they've managed corporate
information security groups in public and private organizations.
For further information, visit the BTB Security Web Site:
https://www.btbsecurity.com
-------------------------------------------------------------------
Giveaways:
----------
Addison-Wesley Professional/Prentice Hall PTR, and O'Reilly have
been kind enough to provide us with review copies of some of their
books, which we will continue to raffle off as giveaways at our
meetings. The publishers always ask that the persons receiving
the books provide a review and/or feedback about their books.
Unigroup would like to thank both companies for the support
provided by their User Group programs.
As always, all of the books will be available for review at the
start of the meeting.
Note: Our book supply is currently running low, and we need to
restock.
-------------------------------------------------------------------
Fee Schedule:
-------------
Unigroup is a Professional Technical Organization and User Group,
and its members pay a yearly membership fee. For Unigroup members,
there is usually no additional charges (ie. no meeting fees) during
their membership year. Non-members who wish to attend Unigroup
meetings are usually required to pay a "Single Meeting Fee".
Yearly Membership (includes all meetings): $ 50.00
Student Yearly Membership (with current! ID): $ 25.00
Non-Member Single Meeting Fee: $ 20.00
Non-Member Student Single Meeting (with! ID): $ 5.00
* Payment Methods: Cash, Check, American Express.
MasterCard, VISA, Discover (since 2013).
! Students: We are looking for proof that you are
currently enrolled in classes (rather than working
full-time), and as such, your Student ID should show
a CURRENT date. We have been presented Student IDs
containing NO dates whatsoever, and in the
current environment, perpetual/non-expiring access
to university facilities just does not feel right.
If your ID contains no date, please bring
additional proof of current enrollment. Thanks,
NOTE: Simply receiving Unigroup Email Announcements does
NOT indicate membership in Unigroup.
Members: Remember to bring your Unigroup membership card with
you to the meeting, to confirm your yearly renewal date!
-------------------------------------------------------------------
Food:
-----
Complimentary Food and Refreshments will be served.
We expect to have Pizza, soft drinks, and cookies/brownies
at this meeting.
BTB Security will be sponsoring the food service for this meeting.
Thanks BTB Security!
-------------------------------------------------------------------
Directions:
-----------
The Cooper Union <http://www.cooper.edu>
School of Engineering (*** New Building ***)
41 Cooper Square (3rd Avenue @ 7th St, between 6th & 7th Streets)
East Village, Manhattan
New York City, 10003
Meeting Room: ** (See Above, Room Changes Month-to-Month)
Located on the East side of Cooper Square. Look for the
new building with the non-traditional appearance.
Entrance is at the corner of 3rd Avenue and 7 Street.
Building lobby sign-in is required at the guard's desk.
Enter the building, check in with the guard at the lobby for
directions to Unigroup (the room varies from month-to-month).
Nearest mass transit stations are:
'6' to Astor Place (stops right at The Cooper Union),
then walk 1 block East and 1 block South.
'R' to 8th Street, then walk about 2 blocks East
then 1 block South.
'4/5/N/Q' to Union Square, then walk South and East.
or transfer to the downtown '6' to Astor Place.
'B/D/F/V' to Broadway-Lafayette, then walk North and East,
or transfer to the uptown '6' to Astor Place.
Free street parking in the area becomes available at 6pm.
There are also parking lots on Broadway, at (or just south of)
Astor Place (8th Street), across from the West side of
Cooper Square, as well as various others in the area.
-----
Please mark this meeting on your calendar and join us!
Please tell your friends about Unigroup!
----------------------------------------------------------------------------
----------------------------------------------------------------------------
--------------
2. PRIOR MEETINGS
--------------
** Formal Thank You's to our previous speakers will appear
in an upcoming announcement. Unigroup issues a "Thank You"
to all our speakers and sponsors!
Our thanks goes to The Cooper Union School of Engineering,
and its staff, for hosting our meetings.
----------------------------------------------------------------------------
----------------------------------------------------------------------------
----------------------------
3. LOCAL TRADE SHOWS AND EVENTS
----------------------------
To-be-announced.
----------------------------------------------------------------------------
----------------------------------------------------------------------------
-----------------
4. UPCOMING MEETINGS
-----------------
We have a series of meetings in the works:
- 201909: Open Source Security Tools and Current Security Threats
- 201910: SDN/SDP - Software Defined Networking/Perimeter
- 2019??: Multi-Path Redundant Networking/Routing/Switching
- 2019??: IBM AIX Tuning and AIX Update
- 2019??: Linux on ARM
- 2019??: AI+ML using Open Source Tools
- 2020??: The Latest C++ Standards, Part 2, C++20.
- 2020??: Programming for Performance with GPUs.
- Planning: New CPU Architectures, x86 and ARM.
- Planning: The State of the C++ Ecosystem.
- Planning: Popular Linux Distribution Round-Up and Comparison
- Planning: Building a Data Server with ZFS
- Planning: Virtualization: KVM, Xen/XenServer, VirtualBox
- Planning: DNS / Dynamic DNS
- Planning: Fibrechannel and iSCSI Storage
- Planning: IPsec and VPNs (possibly 2 meetings)
- Planning: Cloud and Grid Computing
- Planning: Unix/Linux Authentication
- Planning: NO SPAM!
- Planning: Crypto / PKI / GPG-PGP
- Planning: The latest on *BSD (FreeBSD/NetBSD/OpenBSD)
- Planning: The latest on AIX
- Planning: Security Threats & Anti-Virus
- Unix/Linux/BSD Clusters and Clustered Databases
- Patching and Updating Unix/Linux/BSD (rpm. yum, yast, apt, etc.)
- Building Custom Kernels Unix/Linux/BSD
- Building a Firewall using FreeBSD and Linux
- LAMP Part 2 - PHP/Python
- Unix 40th+ Birthday Celebration
- Samba
- High Performance Internet Servers / Web Acceleration
- Unix Office Tools: Word Processors, Spreadsheets, Accounting Packages.
- GNU Development Environments
- Java and/or JavaScript Programming
- Web Development Frameworks
** Unigroup Needs Speakers!!
Please let us know about any other meeting topics that you may be
interested in. Potential speakers on Unix/Linux/BSD related
technology topics should please contact the Unigroup Board.
----------------------------------------------------------------------------
----------------------------------------------------------------------------
--------------------
5. UNIGROUP INFORMATION
--------------------
Unigroup is one of the oldest and largest Unix User's Groups serving
the Greater New York City Regional Area since the early 1980s.
Unigroup is a not-for-profit, vendor-neutral and member funded
volunteer organization. Unigroup holds regular and special event
meetings throughout the year on technical topics relating to the
Unix/Linux/BSD Operating Systems and User Communities. Unigroup
meetings tend to be focused towards System Administrators, Network
Administrators, and Software Developers.
Unigroup holds regular meetings planned for (at a minimum) the Third
THURSDAY of Odd Months. We generally try to hold Field Trip or
Vendor Specific Meetings on the Even Months, although we do have the
ability to hold monthly meetings at our regular meeting location.
Planned regular meeting dates are (usually 3rd Thursdays):
09/19/2019, 10/17/2019, 11/21/2019, 01/16/2020, 02/20??/2020, ...
Also watch for Special Event meetings and "Field Trips" to the
facilities of local hardware and software vendors.
=========================================================================
= For Unigroup Information, Events and Meeting Announcements be sure to =
= visit our World Wide Web Home Page: =
= http://www.unigroup.org =
=========================================================================
For further information or to get on the Unigroup Electronic Mail Mailing
List send an EMail message to:
unilist (-a_t-) unigroup.org
To contact the Board of Directors of Unigroup, send an EMail message to:
uniboard (-a_t-) unigroup.org
If you have recently attended a meeting and you are not receiving
Email announcements, please send us an Email and we will make
corrections to our lists.
Please Email the Board with any suggestions, especially potential
meeting topics and speakers. Unigroup welcomes contributions and
content suggestions for our newsletter. Unigroup is a volunteer
organization and we need your assistance! Please let us know if you
can help!
----------------------------------------------------------------------------
----------------------------------------------------------------------------
Please RSVP, if you have not already done so and are planning to attend...
Updated outline...
======================================================================
UNIGROUP OF NEW YORK - UNIX USERS GROUP - SEPTEMBER 2019 ANNOUNCEMENTS
======================================================================
1. UNIGROUP'S SEPTEMBER 2019 GENERAL MEETING
-----------------------------------------
---------------------------------------------------
Topic: Open Source Computer Security: Offense and Defense,
with Computer Security Industry Trends Update
---------------------------------------------------
Speakers: Chris McGinley - CISSP, CCE, Managing Partner,
---------------------------------------------------
Matt Wilson - CISSP, Chief Information Security Advisor,
Matt Barnett - CISSP, GCFA, Managing Consultant,
BTB Security <www.btbsecurity.com>
When: Thursday, September 19th, 2019 (** Regular 3rd Thursday **)
Where: The Cooper Union <http://www.cooper.edu>
School of Engineering
41 Cooper Square (3rd Ave @ 7th St, bet. 6th & 7th Sts)
East Village, Manhattan
New York City
Meeting Room: LL_101 (** New Building: Lower Level **)
Time: 6:15 PM - 6:30 PM Registration
6:30 PM - 6:45 PM Ask the Wizard, Questions,
Answers and Current Events
6:45 PM - 7:00 PM Unigroup Business and Announcements
7:00 PM - 9:30 PM Main Presentation
Cost: See the Meeting+Membership Fee Schedule Below.
INTRODUCTION:
-------------
Unigroup's September 2019 meeting will be on Computer Security
using Open Source Tools. Our speakers are computer security
professionals from BTB Security, who will be covering Open Source
Tools useful for building an Arsenal for both Offensive and
Defensive security tasks. We also hope to hear their insights
regarding current computer security threats, trends and
investigations.
Unigroup's October 2019 meeting will be on SDP - Software Defined
Perimeter along with a Datacenter Security+Networking Trends
Update. Our speaker is Cyxtera, who runs datacenters, and has
been promoting a standards-based SDP implementation.
Stay tuned for the full October 2019 meeting announcement.
upcoming meetings, and we are working on locking down
topics/speakers to meeting dates (see the updated Upcoming
Meetings section below).
Unigroup's Meeting Calendar:
19-SEP-2019: Open Source Security (BTB Security)
17-OCT-2019: SDN/SDP - Software Defined Networking/Perimeter (Cyxtera)
21-NOV-2019: To-be-announced.
-------------------------------------------------------------------
SPECIAL INSTRUCTIONS:
---------------------
Most Unigroup meetings are open to the public!
To REGISTER for this event, please RSVP by using the Unigroup
Registration Page:
http://www.unigroup.org/unigroup-rsvp.html
This will allow us to automate the registration process.
(Registration will also add you to our mailing list.)
Please avoid Emailed RSVPs.
Please continue to check the Unigroup web site and meeting page,
for any last minute updates concerning this meeting. If you
registered for this meeting, please check your Email for any last
minute announcements as the meeting approaches. Also make sure
any anti-spam white-lists are updated to _ALLOW_ Unigroup traffic!
If you block Unigroup Emails, your address will be dropped from
our mailing list.
Also, if you have an interest in Unigroup, be sure to receive
Unigroup information DIRECTLY from Unigroup, via direct receipt
of our Emails and by visiting the Unigroup Web Site. NO OTHER
SOURCE provides timely, accurate and complete Unigroup information.
Please RSVP as soon as possible, preferably at least 2-3 days
prior to the meeting date, so we can plan the food order.
RSVP deadline is usually the night before the meeting day.
Note: RSVP is requested for this location to make sure the guard
will let you into the building. RSVP also helps us to
properly plan the meeting (food, drinks, handouts,
seating, etc.) and speed up your sign-in at the meeting.
If you forget to RSVP prior to the meeting day, you may
still be able to show up and attend our meeting, however,
we cannot guarantee what building security will do if
you are "not on the list" (note: things tend to work out OK).
-------------------------------------------------------------------
MAIN PRESENTATION
-----------------
Topic: Open Source Computer Security: Offense and Defense
Related Topics/Keywords
-----------------------
Computer Security, Computer Security Investigations,
Computer Security Vulnerabilities, Computer Security Trends,
Open Source Security Tools, Nmap, Metasploit, Burp, Hashcat,
netcat, ettercap, arpspoof, Fail2Ban, ELK, IPTables, auditd,
Beats, Tripwire, nmap, netfilter, MFA, Cryptography, FIM.
Introduction & Description of Talk
----------------------------------
Open Source Security and Tools for Offense and Defense...
Offensive Tool Arsenal:
Nmap, Metasploit, Burp, Hashcat, netcat, ettercap, arpspoof, etc.
Defensive Tool Arsenal:
Fail2Ban, ELK, IPTables, auditd, Beats, Tripwire, etc.
The Absolute Basics:
grep, awk, BASH, Python, Sockets, Regex.
Presentation Outline
--------------------
Offensive Tools:
- Hacking Tools
- Metasploit Framework
- Burp
- Netcat / ncat
- ettercap / bettercap
- Password Basics
- Hashing Review
- Intro to using crypto libraries
- Writing our own cracker
- Using hashcat
- Nmap
- Basics
- Advanced use using scripts
- Demo
- Privilege escalation
- Basic checks
- Scripting it
Defense Tools:
- Netfilters
- What are they
- History of userspace tools
- Practical IPTABLES example
- Bonus feature
- Fail2ban
- What is this tool?
- Why would I use it?
- Practical and interesting examples
- DEMO
- Beats
- What are they?
- Monitoring process and network activity with Auditbeat
- Monitoring host health with Metricbeat
- Auditd
- What is it and why do I care?
- Hold the phone ... we'll combine Beats, Auditd, and FIM in a moment
- File Integrity Monitoring (FIM)
- What is it?
- What is that wire I tripped over?
- Practical example using Auditbeat
- Multifactor Authentication SSH
- Let's just add an additional layer to help the cause
- ELK
- Not the big deer, but what is it?
Special Teams:
- Some of our favorite commands and topics
Overtime:
- Bonus info
References & Web Resources:
---------------------------
To-be-announced.
-------------------------------------------------------------------
Speakers Biography
------------------
Chris McGinley - CISSP, CCE, Managing Partner, BTB Security
Over 25 years in/around IT, with 15 focused on information security.
Master tinkerer and problem solver that's broken into every system
in existence from the 1980s onward, but doesn't get to practice his
craft any more. Still actively building, maintaining, and
architecting networks, systems, and applications. Huge open source
advocate with a penchant for Gentoo Linux and all of its versatility.
Matt Wilson - CISSP, Chief Information Security Advisor, BTB Security
The guy with all of the answers when it comes to information security.
Throughout his career Matt has fostered the development of assessment
methodologies, toolsets, and techniques for the delivery of security
assessments, penetration testing, application assessments, compliance
assessments, security awareness trainings, and policy review and
development. More recently, Matt has been actively engaged in the
continued maturation of BTB's CISO Advisory Practice and RADAR
Managed Detection & Response service.
Matt Barnett - CISSP, GCFA, Managing Consultant, BTB Security
Master social engineer and physical security tester - there may not
be a building/office/secured space that Matt can't get into. Well
rounded, with an extensive background in technical assessments as
well as enterprise architecture and design, Matt offers both tactical
and strategic insight to customers looking to enhance their
information security posture.
-------------------------------------------------------------------
Company Biography
-----------------
Extracted from http://www.btbsecurity.com/who-we-are ...
BTB Security provides Information Security, Digital Forensic,
Compliance, and Integration services to individuals and
organizations across all industries.
Founded in 2006, BTB Security was built with some fundamental
goals in mind: To build a customer base and name within the
professional services industry by telling the truth and
practicing with integrity. To deliver high-quality and high-value
projects for every service we offer. To become a trusted advisor
with every customer, no matter how big or small. To conduct
business in a manner that focuses on ethics, decency, and
service. BTB's founding partners have experience delivering,
managing, and selling consulting services for Big Four, security
specialty, and Value Added Reseller employers. Not only have
the BTB partners acted as consultants, they've managed corporate
information security groups in public and private organizations.
For further information, visit the BTB Security Web Site:
https://www.btbsecurity.com
-------------------------------------------------------------------
Giveaways:
----------
Addison-Wesley Professional/Prentice Hall PTR, and O'Reilly have
been kind enough to provide us with review copies of some of their
books, which we will continue to raffle off as giveaways at our
meetings. The publishers always ask that the persons receiving
the books provide a review and/or feedback about their books.
Unigroup would like to thank both companies for the support
provided by their User Group programs.
As always, all of the books will be available for review at the
start of the meeting.
Note: Our book supply is currently running low, and we need to
restock.
-------------------------------------------------------------------
Fee Schedule:
-------------
Unigroup is a Professional Technical Organization and User Group,
and its members pay a yearly membership fee. For Unigroup members,
there is usually no additional charges (ie. no meeting fees) during
their membership year. Non-members who wish to attend Unigroup
meetings are usually required to pay a "Single Meeting Fee".
Yearly Membership (includes all meetings): $ 50.00
Student Yearly Membership (with current! ID): $ 25.00
Non-Member Single Meeting Fee: $ 20.00
Non-Member Student Single Meeting (with! ID): $ 5.00
* Payment Methods: Cash, Check, American Express.
MasterCard, VISA, Discover (since 2013).
! Students: We are looking for proof that you are
currently enrolled in classes (rather than working
full-time), and as such, your Student ID should show
a CURRENT date. We have been presented Student IDs
containing NO dates whatsoever, and in the
current environment, perpetual/non-expiring access
to university facilities just does not feel right.
If your ID contains no date, please bring
additional proof of current enrollment. Thanks,
NOTE: Simply receiving Unigroup Email Announcements does
NOT indicate membership in Unigroup.
Members: Remember to bring your Unigroup membership card with
you to the meeting, to confirm your yearly renewal date!
-------------------------------------------------------------------
Food:
-----
Complimentary Food and Refreshments will be served.
We expect to have Pizza, soft drinks, and cookies/brownies
at this meeting.
BTB Security will be sponsoring the food service for this meeting.
Thanks BTB Security!
-------------------------------------------------------------------
Directions:
-----------
The Cooper Union <http://www.cooper.edu>
School of Engineering (*** New Building ***)
41 Cooper Square (3rd Avenue @ 7th St, between 6th & 7th Streets)
East Village, Manhattan
New York City, 10003
Meeting Room: ** (See Above, Room Changes Month-to-Month)
Located on the East side of Cooper Square. Look for the
new building with the non-traditional appearance.
Entrance is at the corner of 3rd Avenue and 7 Street.
Building lobby sign-in is required at the guard's desk.
Enter the building, check in with the guard at the lobby for
directions to Unigroup (the room varies from month-to-month).
Nearest mass transit stations are:
'6' to Astor Place (stops right at The Cooper Union),
then walk 1 block East and 1 block South.
'R' to 8th Street, then walk about 2 blocks East
then 1 block South.
'4/5/N/Q' to Union Square, then walk South and East.
or transfer to the downtown '6' to Astor Place.
'B/D/F/V' to Broadway-Lafayette, then walk North and East,
or transfer to the uptown '6' to Astor Place.
Free street parking in the area becomes available at 6pm.
There are also parking lots on Broadway, at (or just south of)
Astor Place (8th Street), across from the West side of
Cooper Square, as well as various others in the area.
-----
Please mark this meeting on your calendar and join us!
Please tell your friends about Unigroup!
----------------------------------------------------------------------------
----------------------------------------------------------------------------
--------------
2. PRIOR MEETINGS
--------------
** Formal Thank You's to our previous speakers will appear
in an upcoming announcement. Unigroup issues a "Thank You"
to all our speakers and sponsors!
Our thanks goes to The Cooper Union School of Engineering,
and its staff, for hosting our meetings.
----------------------------------------------------------------------------
----------------------------------------------------------------------------
----------------------------
3. LOCAL TRADE SHOWS AND EVENTS
----------------------------
To-be-announced.
----------------------------------------------------------------------------
----------------------------------------------------------------------------
-----------------
4. UPCOMING MEETINGS
-----------------
We have a series of meetings in the works:
- 201909: Open Source Security Tools and Current Security Threats
- 201910: SDN/SDP - Software Defined Networking/Perimeter
- 2019??: Multi-Path Redundant Networking/Routing/Switching
- 2019??: IBM AIX Tuning and AIX Update
- 2019??: Linux on ARM
- 2019??: AI+ML using Open Source Tools
- 2020??: The Latest C++ Standards, Part 2, C++20.
- 2020??: Programming for Performance with GPUs.
- Planning: New CPU Architectures, x86 and ARM.
- Planning: The State of the C++ Ecosystem.
- Planning: Popular Linux Distribution Round-Up and Comparison
- Planning: Building a Data Server with ZFS
- Planning: Virtualization: KVM, Xen/XenServer, VirtualBox
- Planning: DNS / Dynamic DNS
- Planning: Fibrechannel and iSCSI Storage
- Planning: IPsec and VPNs (possibly 2 meetings)
- Planning: Cloud and Grid Computing
- Planning: Unix/Linux Authentication
- Planning: NO SPAM!
- Planning: Crypto / PKI / GPG-PGP
- Planning: The latest on *BSD (FreeBSD/NetBSD/OpenBSD)
- Planning: The latest on AIX
- Planning: Security Threats & Anti-Virus
- Unix/Linux/BSD Clusters and Clustered Databases
- Patching and Updating Unix/Linux/BSD (rpm. yum, yast, apt, etc.)
- Building Custom Kernels Unix/Linux/BSD
- Building a Firewall using FreeBSD and Linux
- LAMP Part 2 - PHP/Python
- Unix 40th+ Birthday Celebration
- Samba
- High Performance Internet Servers / Web Acceleration
- Unix Office Tools: Word Processors, Spreadsheets, Accounting Packages.
- GNU Development Environments
- Java and/or JavaScript Programming
- Web Development Frameworks
** Unigroup Needs Speakers!!
Please let us know about any other meeting topics that you may be
interested in. Potential speakers on Unix/Linux/BSD related
technology topics should please contact the Unigroup Board.
----------------------------------------------------------------------------
----------------------------------------------------------------------------
--------------------
5. UNIGROUP INFORMATION
--------------------
Unigroup is one of the oldest and largest Unix User's Groups serving
the Greater New York City Regional Area since the early 1980s.
Unigroup is a not-for-profit, vendor-neutral and member funded
volunteer organization. Unigroup holds regular and special event
meetings throughout the year on technical topics relating to the
Unix/Linux/BSD Operating Systems and User Communities. Unigroup
meetings tend to be focused towards System Administrators, Network
Administrators, and Software Developers.
Unigroup holds regular meetings planned for (at a minimum) the Third
THURSDAY of Odd Months. We generally try to hold Field Trip or
Vendor Specific Meetings on the Even Months, although we do have the
ability to hold monthly meetings at our regular meeting location.
Planned regular meeting dates are (usually 3rd Thursdays):
09/19/2019, 10/17/2019, 11/21/2019, 01/16/2020, 02/20??/2020, ...
Also watch for Special Event meetings and "Field Trips" to the
facilities of local hardware and software vendors.
=========================================================================
= For Unigroup Information, Events and Meeting Announcements be sure to =
= visit our World Wide Web Home Page: =
= http://www.unigroup.org =
=========================================================================
For further information or to get on the Unigroup Electronic Mail Mailing
List send an EMail message to:
unilist (-a_t-) unigroup.org
To contact the Board of Directors of Unigroup, send an EMail message to:
uniboard (-a_t-) unigroup.org
If you have recently attended a meeting and you are not receiving
Email announcements, please send us an Email and we will make
corrections to our lists.
Please Email the Board with any suggestions, especially potential
meeting topics and speakers. Unigroup welcomes contributions and
content suggestions for our newsletter. Unigroup is a volunteer
organization and we need your assistance! Please let us know if you
can help!
----------------------------------------------------------------------------
----------------------------------------------------------------------------
0 new messages