[vox] [fwd] Silicon Valley Linux User Group Notice (Bastille)

Bill Kendrick vox@lists.lugod.org
Wed, 30 Jul 2003 15:42:12 -0700 

SVLUG meets next week (second day of LinuxWorld):

-bill!

----- Forwarded message from M Wendall <mwendall@earthlink.net> -----

SVLUG Meetings are First Wednesdays of each month at 7PM-9PM!
Next Meeting: Wednesday, August 6th, 2003, 7PM-9PM
Cisco Building 9, 260 E. Tasman Drive, San Jose, CA
Speaker: Jay Beale, Lead Developer of the Bastille project
Topic: Locking down systems with Bastille Linux - an introduction for 
users, sysadmins and programmers
More Information: http://www.svlug.org/meetings.shtml
======================================================================

Bastille Linux hardens an operating system by deactivating unused 
programs or functionality, tweaking security-related settings, and 
employing other standard "tricks" like chroot prisons to block or 
contain attacks. Bastille currently locks down five Linux distributions, 
HP-UX and Mac OS X. This talk will introduce Bastille and explore how it 
can be easily extended to include new functionality, requiring only 
minimal knowledge of Perl. In the process of understanding how Bastille 
works, we'll discuss and demonstrate what actions Bastille takes on a 
sample system. This talk should prove useful to non-programmers who want 
to understand how to harden an operating system by hand or with 
automated tools. It will definitely be useful to Perl programmers who 
wish to extend Bastille.

MORE ABOUT THE SPEAKER:

Jay Beale is a security specialist focused on host lockdown and security 
audits. He is the Lead Developer of the Bastille project, which creates 
a hardening script for Linux, HP-UX, and Mac OS X, a member of the 
Honeynet Project, and a core participant in the Center for Internet 
Security. A frequent conference speaker and trainer, Jay speaks and 
trains at the Black Hat and LinuxWorld conferences, among others. A 
senior research scientist with the George Washington University Cyber 
Security Policy and Research Institute, Jay makes his living as a 
security consultant through Baltimore-based JJBSec, LLC, reachable via 
www.jjbsec.com.

Jay writes the Center for Internet Security's Unix host security tool, 
currently in use worldwide by organizations from the Fortune 500 to the 
Department of Defense. He maintains the Center's Linux Security 
benchmark document and, as a core participant in the non-profit Center's 
Unix team, is working with private enterprises and US agencies to 
develop Unix security standards for industry and government.

Aside from his CIS work, Jay has written a number of articles and book 
chapters on operating system security. He is a columnist for Information 
Security Magazine and previously wrote a number of articles for 
SecurityPortal.com and SecurityFocus.com. He authored the Host Lockdown 
chapter in 'Unix Unleashed,' served as the security author for 'Red Hat 
Internet Server' and co-authored 'Snort 2.0 Intrusion Detection.' Jay's 
currently finishing the Addison Wesley book, 'Locking Down Linux.'

Formerly, he served as the Security Team Director for MandrakeSoft, 
helping set company strategy, design security products, and pushing 
security into the third largest retail Linux distribution. He now works 
to further the goal of improving operating system security. To read 
Jay's past articles and learn about his past and future conference 
talks, take a look at his site at www.bastille-linux.org/jay.

----- End forwarded message -----

-- 
bill@newbreedsoftware.com                           Got kids?  Get Tux Paint! 
http://newbreedsoftware.com/bill/       http://newbreedsoftware.com/tuxpaint/