ASIS Tidewater
DHS Threat Level Warning
Region XV Website
Thursday Aug 08/28/08

Minutes of the April 16, 2008 ASIS-Tidewater Meeting

Golden Palace Restaurant

Hampton Virginia

11:35 a.m.        Meeting was called to order by Chapter Chair, Joel Johnson.

                        Pledge of Allegiance

                        Attendee introductions

                        Members – 23

                        Guest – 1

 

Joel led a discussion about the various security disciplines represented in our membership.

 

Industry Information Exchange

  • Blueforce just won a contract for court reform for Iraq and is recruiting court personnel.
  • A recent article related that convergence is leading toward more of a focus on IT Security professionals for CSO positions.
  • Today is the anniversary of the Va. Tech massacre.
  • Col. Keith Blow, CPP was selected to join the CPP exam review/update panel.

 

Lt. Col. Packer recently received his CPP designation.

 

The May meeting will be at Christopher Newport University and the speaker will be CNU PD Chief Brown.

 

The June meeting will be at the Golden Palace with a speaker from the US Postal Inspectors.

 

The July meeting will be shared with InfraGard.  We will draw for Convention packages.

 

Membership co-chair, Donald Green, briefed attendees on the 2008 Reach Out! Campaign.

 

11:55 a.m.        Broke for the meal

 

12:10 p.m.        Joel introduced the speaker, Ed Rietscha, of Ft. Monroe TRADOC.  Ed spoke about:

  • Penetration Testing/Hacking
    • Using hacker tools to exploit vulnerabilities
  • Exploiting or “breaking in” using vulnerabilities
  • Pay loading – putting information into a system through vulnerabilities
  • Hacking trends
    • Multi billion dollar industry
    • Chinese government is heavily involved in hacking
    • Terrorists are using hacking to fund operations
    • The trends are away from worms and more to Trojans
      • Worms are direct attacks
      • Trojans are backdoor entrances
  • Availability of information and tools
    • Info and tools are very easy to find
    • Attack tools are more powerful, easier to get and more ported to Windows
    • Anyone can download exploits from Packet Storm or other sites
    • PT’s use it to test their own vulnerabilities and defenses
  • SANS Internet Storm Center tracks current hackings
  • Ed demonstrated the ease of finding information and tools using:
    • MetaSploit
    • Wireshark
    • Nessus
    • Netstat_na
    • SNORT IDS
    • Google Hacking Data Base (GHDB)
    • Microsoft Virtual PC
  • Ed discussed defenses
    • For the home computer, apply Microsoft patches that are released the 2nd Tuesday of each month
    • Regularly update applications at psi.secunia.com
    • Use a firewall such as XP version SP2 or later, or Black Ice Defender
  • After a Q&A session, the meeting was adjourned.

 

 

 

           

 

04/16/2008






Hit Counter 0
Premier Website Sponsor:

actcom


Privacy - Copyright