ORC Owl Logo 2  

Owl River Company

 
  Your IP is: 54.224.13.210

Content for Herrold presentation 'Hardening Linux', to be delivered at the first (annual?) Central Ohio ISSA November "Super-Training", Nov. 7-12, 2005.

About the event:
We will work in Symposium seminar fashion, working through the Hardening process, developing a Plan from Requirements, and work our way down through Design, Provisioning, Verification, Testing, Operational concerns, Event Response, and Recovery.
 Hear the description  
 Hear the description 
    The session will be limited to 12 participants, based on physical constraints at the facility, and will be hands on. A successful participant will have used and be comfortable with a Unix-like operating system, and have at least a basic understanding of IP networking. Additionally due to its small size, we anticipate there will be give and take from each participant present.
    We will be working on a CentOS 4 base, with tools from the Owl River package archive, particularly including ettercap. Each is freely available and under a non-restricting license; a participant who wishes to benefit the most will have done and installation of the distribution, and considered how they would harden it. Participants may bring additional test laptops or test desk units, as we will be quite 'hands on'.
    We ask that participants send a pre-event email that they will be attending, to: issa2005 at owlriver dot com, and to read the content linked at the bottom of this page, in advance of the event. We will send a reminder followup and any late-breaking additions by email so that participants can pre-review, consider how they would respond, and bring a printed copy of a couple of these pieces [certainly the CISP/PCI piece]; Please also bring a notebook or legal pad, and writing implements to the event.

About the speaker:
Mr. Herrold is a principal at Owl River Company (http://www.owlriver.com/), a high-end Unix consultancy, with strong Open Source underpinnings. Its principal clientele are firms in the financial services industry, and ISPs.
    He has been active with Linux development since 1994, serves as the editor of the RPM packaging tool website (the pre-2007 http://rpm.org/, now removed to: http://oldrpm.org/), and is a principal in and security matters representative to the Linux distribution, inter-vendor private vulnerability response and co-ordination group for the cAos (http://caosity.org/) and CentOS (http://centos.org/) community Linux distributions.
    Apropos to his topic and presentation at the conference, he also served in the external NDA 'testers-list' testing and advisory group for Red Hat Linux from its inception, and particularly participated in the post RHL 7.2 re-examination of the change from a 'default open' to a 'mostly closed' distribution.
    He is a frequent speaker on Open Source, Unix and Linux, and info-sec matters; long time leader of the Central OH Linux User Group (http://colug.net/); and a founder of the cAos [rpm based community leading edge distribution], and the fast-growing [2005 Netcraft survey - pdf - new window] CentOS [community RHEL-based distribution rebuild] .

See also (listed alphabetically):
NIST
Red Hat
SANS
Visa CISP / PCI
Build Sheet

Other Voices (listed alphabetically):
Bastille Linux
Crypto-Gram (Bruce Schneier)
Dug Song
Google
UC Davis Symposium notes on Fedora [2005] (local PDF copy)
random Google result
alkalay.net a Brazilian author's presentation and enterprise level Linux evaluation ((local copy of PDF) // (later version w/ disclaimer -- see new p 2) // (Open Office format))
024 keypunch
As the audio mentions: I've been at it for a little while.

Discussion Materials (listed alphabetically):
COPYRIGHT.text  - CS690E.html  - CandW-intrusion_detection.pdf  - Linux-Distributions-Avi-20060111.en_US.sxi  - Linux-Distributions-Avi-20060819.pt_BR.odp  - Linux-Distributions.Avi-en_US.20051106.pdf  - Linux-Distributions.Avi-en_US.20051106.sxi  - Linux-Distributions.Avi-en_US.20060111.pdf  - MUOhio_CIR_Plan.pdf  - RH-rhs333.html  - RH-site.txt.html  - RPH-rpm-Va.txt.html  - SecuringFedoraNotes.pdf  - aixhardening.html  - avaya-svc2498.pdf  - berkuta.pdf  - cd.iso  - chkconfig--list  - chkconfig--list.html  - chung.pdf  - cisp_PCI_Data_Security_Standard.pdf  - cs1.PNG  - herrold_interview_ISSA.mp3  - icon-speaker.gif  - isolinux-howto.text  - ks.cfg.txt.html  - market-share-breakover.pdf  - mk-grub-iso.sh.text  - rfc2350.txt.pdf  - rfc3013.txt.pdf  - rhel-sg-en.pdf  - sources.html  - timo-bootable-building.pdf  - timo-bootable-building.ps  - top-ten.text  - top-ten.txt.html  - top10reasons.pdf  - verisign-managed-security-005298.pdf
       

Back to Top Page
[legal] [ no spam policy ] [ Copyright] © 2008 Owl River Company
All rights reserved.

Last modified: Thu, 02 Aug 2007 16:18:31 -0400
http://www.owlriver.com/issa/index.php