[GLLUG] Fwd: Michigan Information Security News
Clay Dowling
clay at lazarusid.com
Fri Jul 27 13:15:32 EDT 2012
There are some good training opportunities in here for people, thought
I'd pass it along. I attended the B-Sides conference in Detroit, and it
was amazing. The sort of in-depth technical presentations we can only
dream of getting from Penguicon.
Clay
-------- Original Message --------
Subject: Michigan Information Security News
Date: Fri, 27 Jul 2012 17:00:21 +0000
From: MiSec <news at michsec.org>
Reply-To: news at michsec.org <news at michsec.org>
To: Dowling, Clay <cdowling at arbor.net>
Having trouble viewing this email? Click here
<http://campaign.r20.constantcontact.com/render?llr=prbeadkab&v=0013FxZ1gY3q2tFwOqpkRigzRivaoQsIRu29c-bp5s_hkskQNO7F1YHKeUsL7fMUF8uCDp5Lpgv-VCy4gxFFn0UKqoeyZ1CHTCzlSGUXQgB2S2flniO-HqGCeu1hTQ-yURL>
*
_| || |_ _ __ ___ (_)___ ___ ___
|_ .. _| | '_ ` _ \| / __|/ _ \/ __|
|_ _| | | | | | | \__ \ __/ (__
|_||_| |_| |_| |_|_|___/\___|\___|
*
August 2012
Welcome to newsletter[1]. Jack Daniel, speaking at BSides Las Vegas
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fXZ5LGC4nKbWEd42v8SROzzb-wo6ckpD2PEyr02822QB2mfvx084ERIK_akDdBVg-pCKYLt-nr46hwkNX-We5WSjybIFx7Fde6U7noikoyDr27rikgesm223whKIBnel3cYZAuHsbqvv4tt2BcLOjFI>,
gave a shout out to Detroit and hit the nail on the head. "BSides is
becoming more than just an annual event." This newsletter and the events
we are doing across the state in August is a small but important part of
that change.
Thank you for joining us and for continuing the spirit of BSides Detroit
12.
Cheers!
Columbus, OH - Friday, August 3rd
*CloudDevelop*
/by Mark Stanislav (mark.stanislav at gmail.com)/
Mark Stanislav is speaking at Cloud Develop 2012
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fUzoZDcc8qBbYGDkvhgm2hivqTvIbJ_VCbsxwMQsOCV4aktSzLGYjowH-McsU5dzlbUu0yNOAkUFSKEEjpKcpfuLTKS5VOWj40M2Pa9HgfXEA==>.
Title: Keeping the Cloud Promise: Infrastructure Agility with a DevOps
Toolchain
Summary: The agility of cloud computing can often be hampered by system
administration techniques and infrastructure technologies that aren't
able to keep-up at an equal pace. The Development Operations (DevOps)
movement helps to address many of the pace issues in cloud computing by
bringing new life to team culture and implemented technologies. A
mixture of pre-created and live demonstrations will be given for how a
"DevOps Toolchain" can be implemented to build and maintain
infrastructure, both cloud and virtualized. A wide variety of software
will address provisioning, configuration management, orchestration,
monitoring, metrics, and other aspects of a fully-functional operations
model. The presentation will focus on Amazon Web Services and make
benefit of technologies such as Puppet, mCollective, Nagios, Munin, and
many others.
Friday, August 3rd
Ohio Union @ Ohio State University
1739 N. High Street
Columbus, OH 43210
Cost: $15 (or free with coupon MarkStanislav while redeemable)
Royal Oak - Thursday, August 9th
*Your Monthly Dose of BSides*
/by info at misec.org/
The #misec meetup in Royal Oak combines an hour presentation from
members, a round table discussion, and an extended networking
opportunity. This month's presenter is Jen Fox (@J_Fox
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fUCIyN4gYcI2Ry4B2f59-nCUL1V6YWGXgtuW5pW6qvM2BUKKaUsc2RA14_NC2hejAx2XNAJM5pppaiPQ-yZcctz8GMH0wHv3Yidvdm0lFnjsQ==>)
and she will be presenting The Moscow Rules for InfoSec Professionals:
Achieve Detente to Secure the Enterprise
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fW4v1bAnTU_27Cz36-86tf3HyfWUT1W0KHUoPNIG13QHDP5CFYqvqDDO7bw95jOuoN-NpWq27Dd47nvnGhMwO4C9QRN6qOH_xUet2IYQLebW2rS41k2Xi6J0JbAizGseUfRNH1V59gbzFcjIZ8Myfx4>.
Thursday, August 9th, 7-9 pm
4815 Delemere Avenue
Royal Oak, MI 48073
The talk will be streamed
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fXehJi_BPA6zL9vPhJ-3F7-kNOvNsFLip4NkLZAoIob5VseZd71-UFcVeVN0URezjcMMFAqSH8Y8DWwJtoy598K9RYsWNKT8rb0mfGRYwpSGrqJkLKCI6k6Oc9ASIqA7CM=>.
Royal Oak - Saturday, August 11th
*Linux Hardening Workshop*
/by Chris J /
MiSec is starting a series of workshops. The first of these will be held
at 10am on August 11th, and should last for about six hours or so.
During that time, attendees will be installing and hardening a Linux
system from scratch. When we are done, an attendee should be able to
install a Linux distro from a network install media, harden the distro,
configure Apache, Mysql, and PHP to be secure, setup a mail server, know
how to read the related logs, and install a CMS system.
More information: http://michsec.org/2012/07/linux-hardening-workshop/
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fUNiFtmor48jUehOuHcOk0cfcCm2mwqKKvy1L-XByqh49Bgl1tgd4YP3YRE83lZQr5Rkh2QiF3DxCD7fjPBZTLIGxYFiJJYhsMfpYbcIPvx6CEx7UqL2C6R0AsrQR4zZ_tUV5N_M5KzP6AG7fabEuBy>
Tickets: http://www.eventbrite.com/event/3976648262
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fVhIn9F1nPsMFqA8Dm4j02oPUuLmzDVVUKPov7NIayhayYbtzPkiWtBR9AK9-OTkvkvwV9lxZpOJbTAZe3kh-_CsYeR5mnP9slYsLnqKPTBvfvKZeu4QJHVy6md4N9FrJE=>
Saturday, August 11th
4815 Delemere Avenue
Royal Oak, MI 48073
Livonia - Wednesday, August 22nd
*Bring Your Own Cloud lunch-and-learn*
/by J Wolfgang Goerlich (jwgoerlich at gmail.com)/
Wolfgang is doing a lunch-and-learn with Dell Compellent
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fUioocOlcVtfcWXHkXRHbUXulg2S7pH57zX_zEgvUKhuT4f68c0YRUGLg_YVakE7u0IBrtbEIYbTXvRLBHPbrnrv6Jt_Ad1rgdfY7fylGB9OkAuAPWudPf0Upc95mb6p0ofT7oezqFjXh57hkvTASmFKe8MKxJzwNOTswPx3fbMeP681IML2w5v>.
Summary: How can companies realize the dream of public utility cloud
computing, while retaining the service and security they have come to
expect from in-house IT? The answer is private cloud computing. That is,
combining the benefits of public utilities with the reliability of
in-house IT departments. In this session, we will present how a Midwest
investment firm implemented DevOps on a cloud computing model.
Wednesday, August 22nd
Flemings
17400 Haggerty Road
Livonia, MI 48152
Royal Oak - Saturday, September 15th
*Branding your Security Team Workshop*
/by Steven Fox/
What does your security team stand for? How does it add value to its
customers? How does it drive value within itself? Most managers and
customers ask these questions in some form; they want to know what your
team will do and why they should interact with it. Unfortunately, most
IT security teams approach their answer from a context alien to those
whom they serve - leaving them puzzled and frustrated.
This workshop focuses on branding techniques that will aid in reframing
your team's value proposition into a context familiar to your internal
customers. Attendees will apply these techniques in a five-step process
that will take a brand from conception to organizational inculcation.
More
information: http://michsec.org/2012/07/branding-your-security-team-workshop/
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fXEfk_LAcEn1mrW2-SXSvMPveeGGuPZkOqkshRlXS1s2AIyY-gRXmGRH3Qd03p-9qM6G_z8K90m6QXxMiAPnbt-80JoFAVVXw9AP5a0ZwC5YfTKyrDHnLpfz_eAbtderH8ITV3nTOvfKrcsaM7yM9Vwg2-4G5iv1OQ=>
Tickets: http://www.eventbrite.com/event/3976830808
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fWuMyPDKoV3oc2yPR3GPccQ25F2IfF0gtLjOQF3NG8FpaDLyJ5rr2SCVNarqEuqQoFXUYIgyzYYJOv5yBQLA2_WrBGkG5IlbV5mG2l3w3KKczgTP4AxxNh97asuqoe4FqA=>
Saturday, September 15th
4815 Delemere Avenue
Royal Oak, MI 48073
Grand Rapids - September 27th and 28th
*Invading GrrCON*
/by Jaime Payne (marketing at grrcon.org)/
GrrCON
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fVkPwiE2ywQzcRtbSLcHtZH4NQ0DSh4OnFHb6GN1-CW9YnUkRzWnLuYeQCShrqd6tI7hs0gSDO2JMHrZ57-cheWqBx6sAfQc20wL0Nw6nbQAA==> is
an information security and hacking conference being held in the
Midwest. This conference was put together to provide the Midwest
regional information security community with a venue to come together
and share ideas, information, solutions, forge relationships, and most
importantly engage with like minded people in a fun atmosphere.
GrrCON has attracted infosec professionals and hackers with
international notoriety, such as Kevin Mitnik, atlas 0f D00m, Kevin
Johnson, Mike Kemp, Rafal Los and exhibits by some of the nation's
leading organizations. A number of active local Michigan people, like
Steven Fox, J Wolfgang Goerlich, Matt Johnson, Chris J, and others are
also speaking. This is THE Michigan infosec event of the fall. Don't
miss it.
For attendees of BSides Detroit, GrrCON is offering a 15% discount on
tickets. Use the discount code: motown
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fX3-jLBOE5QnBhhC8l6eFaA5JzklyaTfLLWz0xFnigaKAgEIGVSlcyKsUmKl_aZB_uoWPSIqBMbAz22IJF9sopdjFjfF6AZkhWofORLq90jQtyJ3jzyscn5>.
September 27 and 28
DeVos Place
303 Monroe Ave
Grand Rapids, MI 49503
Detroit - March 2013
*SE in SE Michigan*
/by Leonard Isham (leonard.isham at gmail.com)/
The Social-Engineer.com Social Engineering for Penetration Testers
program
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fVySAWWVTBPniN8Fb_2gKittFEH0F4gfWgW6840ejaYQJzhnOJb2PPhxcf6XKgKG-WgIrQ_ZpGS5Yx-UtFuIFZHwX0zaC-UGKs34qmaenzcPfI2zkWwNnkQ-7nYLgZ41OnJwYlVVdV0xOjdVjbmXLJh>
is a 5-day immersion into the world of a professional social engineer.
We are working to bring this 5-day, hands-on, thrill ride that is filled
with information-packed discussion, performance based exercises and live
demonstrations to the SE Michigan area.
Sign up to express your interest in bringing this class to the area. We
need a minimum of 10 people signed up by September 2012 to book it.
http://www.social-engineer.com/se_for_pentesters_misec_detroit_class/
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fUsTbr3PSswP7kg7JyXeH3bQCB8mezzuIAABOMQQYO6XRSyAcQnZqnpFUIyta_ngI7_9tVwZNInfOjimQdVAkvuIFIEHZAjBLw5XDV82oahNQevYtK-3afHQsKRk9OUz0jn4WYNRk9Ess2BE5IDy6B2s2JNahhpLCK1EaiQ5gyGRA==>
Online - coming soon
*Capture the Flag Contests*
/by Derek Thomas /
We are working on a CTF challenge website.
More
information: http://michsec.org/2012/07/coming-soon-ctf-proving-ground/
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fWS3LncsXtaDe-rkiwwzv683Z1Lfz16pBGdoG5vWsfNTgx07ayaqNw9qOXdI2gtreG63pQOYxReScCq5nXj3LHbpIu47kgMTai2ELIr9SE9CM32UIIKwYaYr9CKVwFEOGccate37jhe5Fp9mt85eKA2AR3VvO81SXg=>
Teaser challenge: http://ctf.michsec.org/web01/
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fWJMVxNThZp5CttaClMNtf7asoMQMdRF1rFDmRxeBeRb6g6X6zJ5xhD28Te7_wmHYXpc18J6OOTvDH5Kj6objuzk-0Ai9PCZErDHSJK1giFRnvh6gHXcplE>
Get involved
Here are some links to get involved with the local community. This
includes the recordings from BSides Detroit 12 and past #misec meetups.
* BSides Detroit website
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fUdGLpw99R4vJF2PHCB4ZZyscab-egzXjTiNeBQmDhxR6eZyjuqvvMjcCrKjlZL1dY25RrIzrDLfKkXbNxeWSoXpSl1ZcEfHL53W1790J2ZFQ==>
* BSides Detroit YouTube
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fUVsBhVQuUxUNRAfvrfp4Idrzp2cx07i9jPhtugzmnm5l1_h-NN3ES_ujSQw9OWneBsMfMBh_41I6TJoBzkQ48sxHIjRxjJQrhcPPyu2-YQODXRAq9p-QUEt0FHl_lW-VM=> -
includes recorded talks from this year's event
* BSides Detroit on Twitter
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fVcFRAlQh8jdK81mmT6ML-y6KNIyMmYBVR9hZfE4NzSPaE6yDoCHtC_YiI3Fia3Wmi146D6AogMmo0fk-DJIjAaPMXYt_ssrXUvWXmE0JF_Gy7bXSsoDJvn>
* #misec website
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fXIg1fwTLCRQy0mKKH9YAVXj37Y4ryyEzCjggL5cCjnnU6RUdYoOidVRrZ7btZbRNQhCqurOyzNU06uV2GCxVLJ1J73jXibXYo=>
* #misec YouTube
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fVvWH6dQCc98aFgfYPaVcCxPrFaK4Pf80JdUibCzh0DqABiy8BBlXubiASzyPw9N2MO8XPK881wJFug72Y4IhwMgEOgqP08M842Cwb1n9gG8rZ6J4e1AJFQgsKOJjrHMFI=> -
includes recorded talks from meetups
* #misec on Twitte
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fUeAQzIiH003JlqavfsTgHzCsB9TS6giNAiF_IpGfuTa5H7EM6GPUZSAu1FwWnLEzLIjrZ9Cf-F240Fj3Uox9UwEhvt_tZ5stml5208M_TKyjczoLAolqEy_mgq2RFy9B0TPK-aHzF6JA==>r
* #misec on IRC
<http://r20.rs6.net/tn.jsp?e=001TWnnMQ2m2fVXabpo26GB1xe6HoC4EINLCN6OQz6bUo7Wo8dquGV6iElrdk7x2ZbVYOth_02dPkqBfLccPeBZKZyqZMDB8_apUI_NmKpTezltfPGRQA6SXq78Y_ZmZuoBvuKaN0IoeFqJLOYCJiPMlQ==>
Drop us an email (news at michsec.org) with your Michigan information
security meetup, challenge, event, or idea. We will get you into the
newsletter.
Michigan Information Security*
*
Join Our Mailing List
<http://visitor.r20.constantcontact.com/email.jsp?m=1110349841967>
Forward this email
<http://ui.constantcontact.com/sa/fwtf.jsp?llr=prbeadkab&m=1110349841967&ea=cdowling%40arbor.net&a=1110380553173>
<http://visitor.constantcontact.com/do?p=un&mse=001GL6cz-YdcNxLtmVbm6p2FiWiiZcI-J91&t=001U_0-nMcfrKvGMWLbtyTAQw%3D%3D&llr=prbeadkab>
<http://www.constantcontact.com/index.jsp?cc=news08>
This email was sent to cdowling at arbor.net by news at michsec.org
<mailto:news at michsec.org> |
Update Profile/Email Address
<http://visitor.constantcontact.com/do?p=oo&mse=001GL6cz-YdcNxLtmVbm6p2FiWiiZcI-J91&t=001U_0-nMcfrKvGMWLbtyTAQw%3D%3D&llr=prbeadkab>
| Instant removal with SafeUnsubscribe
<http://visitor.constantcontact.com/do?p=un&mse=001GL6cz-YdcNxLtmVbm6p2FiWiiZcI-J91&t=001U_0-nMcfrKvGMWLbtyTAQw%3D%3D&llr=prbeadkab>™
| Privacy Policy <http://ui.constantcontact.com/roving/CCPrivacyPolicy.jsp>.
misec| The Street| Detroit| MI| 48201
More information about the linux-user
mailing list