A group of senior security experts, including Steve Bellovin, Matt Blaze, David Farber, Peter Neumann, and CERIAS Director Gene Spafford have released comments on the recent IITRI review of the FBI’s Carnivore system. Their position paper concludes that the IITRI review is a reasonable first effort at review, but that several critical issues are left unresolved. More details are available in the full report.
The National Infrastructure Protection Center (NIPC) released an advisory on December 1st in response to an increased number of attacks on eCommerce websites running Windows NT and Internet Information Server. If you maintain machines running IIS then you should read the NIPC article.
Held as part of the 8th ACM Conference on Computer Security (CCS 2001) a special half-day workshop on data mining for security applications is being offered on November 8th, 2001. This event provides an opportunity for attendees of the ACM CCS to meet with researchers who are interested in applying data mining techniques to security applications and discuss critical issues of mutual interest during a concentrated period. For more information see the ACM CCS website.