The National Security Agency just released several guides, with several more to be added shortly, to help Department of Defense
organizations secure Windows 2000. Many DoD organizations have adopted
the guides as standards. Sample titles:
- Microsoft Windows 2000 Network Architecture Guide
- Guide to Securing Microsoft Windows 2000 DNS
- Guide to Securing Microsoft Windows 2000 Active Directory
In a major departure from historic precedent, NSA is also making the
documents available to the security community outside the DoD.
You may download these documents directly from the NSA’s site.
The security seminar has been held every semester since 1992 and invites people from all areas of computer security, forensics and criminal investigation to talk about what they do. For more details. see the seminar page.
This semester we will have local cable coverage (Lafayette, IN area) for the seminar every Wednesday afternoon including:
- Simulcast on Purdue Channel 4 / 4:30-5:30 PM
- Simulcast on URTAS Channel 15 / 4:30-5:30 PM
- Tape Delay on Insight Channel 5 / 5:00-6:00 PM
- Tape Delay on All 3 Channels / 6:00-7:00 PM
If you have any question or would like to present at the Security Seminar, please contact Dr. Sam Wagstaff.
If you would like instant access to what CERIAS has to offer and you are running Netscape 6 or later then check out our new sidebar. Simple to add and keeps you in touch with what is happening here at CERIAS.
Space is limited in Securing Your Website, the first in a series of seminars this Fall. This day and a half course will provide you with practical tips and techniques for securing your website.
Topics that will be covered include: Network Layout, Common Events or Exploits and Appropriate Responses, Determining Appropriate Server/OS Configurations for Your Needs, Securing the Host, Pitfalls to Avoid in Popular Application Services, Web Proxying, Browser Security, and System Monitoring.
Get your registration form filled out and get it in today.
Purdue has been awarded 10 of the scholarships that began in the Fall of 2001. Several of these are still available for Spring 2002. Another 10 are for the fall of 2002, and then 10 more in fall of 2003.
Each fellowship will cover full tuition and fees for 2 years while the recipient pursues a MS degree with specialization in security. You can find out more about these scholarships and how to apply but hurry - time is running out to apply for next semester.
CERIAS Director Eugene Spafford addressed a congressional committee on October 10th and shared his concerns on security with our nations leaders. More information is available in the Purdue newswire press release.
Free to educational institutions, the first release of the CERIAS Incident Response Database, v. 1.01b, is now available:
The CERIAS Incident Response Database is a web-based system intended to be used while responding to incidents. It has for primary objective assessing the cost of incidents for various uses and criteria. Therefore it supports classifications of incidents (including custom ones) and billing. It records the time it is in use while someone is working on an incident, and attaches the dollar amount (from an hourly rate) to the incident, anonymized by the person’s role played in the incident. In order to have an accurate record of the time spent on an incident, it is feature-rich and has conveniences to encourage its use. It is hoped that it will be the primary repository and archive of incident information.
Professor Jude Shavlik from the University of Wisconsin - Madison will be doing a seminar on intrusion detection systems with low false alarms on November 3-4. This seminar is hosted by Carla Brodley of the ECE department.
For more information, check out more of the details online.
Purdue has been awarded 10 of the scholarships, to start in the fall. Another 10 are for the fall of 2003.Each fellowship will cover full tuition and fees for 2 years while the recipient pursues a MS degree with specialization in security. The fellowship also covers lodging and pays a monthly stipend, plus a summer internship. In return, the recipient is expected to make satisfactory progress towards the degree, emphasizing courses related to information security (a faculty member will be the advisor for this). Upon graduation, the student will be required to take a job with the Federal government for as many years as the student received the scholarship. For more information, including directions for application, see http://www.cerias.purdue.edu/sfs/.
Indiana Information Security Week (IISW) is April 15-19. CERIAS and several technology partners have developed IISW to bring attention to the challenges associated with information security in Indiana. Activities and programs are designed to enhance the security literacy and skills of businesses, organizations, and citizens. To learn more, visit http://www.iisw.cerias.purdue.edu.