[nflug] meeting possibilities
Brad Bartram
brad.bartram at gmail.com
Wed Feb 14 15:35:58 EST 2007
The cube might work out great for demo purposes.
brad
On 2/14/07, Mark Musone <mmusone at shatterit.com> wrote:
> I've actually been considering getting like a dozen 1G jump drives, with a
> live distro on them for the meetings. That way people could plug it into the
> ITT tech computers and completely boot off of them and not touch the actual
> ITT machines..it'd be good for many hands-on presentations, yours included
> possibly..
>
> I'm just not sure how ITT tech would feel about it..
>
> I've also got 2 laptops I could bring, and even a 24Seven Cube with multiple
> Ethernet cards
>
>
> -Mark
>
>
> -----Original Message-----
> From: nflug-bounces at nflug.org [mailto:nflug-bounces at nflug.org] On Behalf Of
> Brad Bartram
> Sent: Wednesday, February 14, 2007 2:51 PM
> To: nflug at nflug.org
> Subject: Re: [nflug] meeting possibilities
>
> For a real basic demo - (1 system to show things working) - all I'd
> need would be a system that runs linux with two or three nics. The
> distro isn't important as I'd be doing a custom install onsite to show
> the process. Since it wouldn't be live and collecting data, the
> harddrive could be almost any size over 10 - 20gb.
>
> To do a full honeynet setup, I'd need a basic linux system - could be
> anything. The second system would need to be like the one I described
> above. I could use my laptop as the thrid monitoring system - or even
> use an available windows system.
>
> The only critical system is that one with the three nics. Everything
> else can be found or made to fill a purpose.
>
> The other thing I would need would be a hub or switch - I have one I
> can bring - so if anyone else has one - that would be great.
>
> Just to remind everyone - I'm putting it out now, but I can't do it
> this month. Just so noone gets excited for this saturday ;-)
>
> brad
>
> On 2/14/07, Cyber Source <peter at thecybersource.com> wrote:
> > Brad Bartram wrote:
> > > I could handle this in a few different ways...
> > >
> > > First, I could give a pure presentation on how things work and how
> > > things get setup. That's not too big of a deal in terms of logistics.
> > >
> > > Second, I could give a practical demonstration and actually set up a
> > > Generation III honeynet. The caveats to this would be that I would
> > > need three computers (two in a pinch), one with three network cards,
> > > and two hubs / switches. That would give a fully self contained
> > > honeynet with a monitoring station completely seperate from the rest
> > > of the building's network. The other caveat is that it may be a
> > > little time consuming in terms of getting things setup and working on
> > > the fly.
> > >
> > > The third option is to combine the first two approaches - a little
> > > theory and setup a standalone system.
> > >
> > > I'm good with any of the approaches - I'll let those who are
> > > interested decide.
> > >
> > > Brad
> > >
> > > On 2/14/07, Cyber Source <peter at thecybersource.com> wrote:
> > >> Brad Bartram wrote:
> > >> > I don't know if anyone would be interested, but I figured I would
> > >> > throw it out.
> > >> >
> > >> > I'm currently doing some projects working with honeypots, and
> > >> > honeynets. I would be more than happy to do a presentation on the
> > >> > overview and concepts. The only caveat would be that I can't do it
> > >> > for this month's meeting. It would have to be for the following
> month
> > >> > or the one after.
> > >> >
> > >> > Let me know if it's something y'all would be interested in seeing.
> > >> > It's definitely a novel use of linux.
> > >> >
> > >> > Brad
> > >> >
> > >> > On 2/13/07, Mark Musone <mmusone at shatterit.com> wrote:
> > >> >>
> > >> >> Another actual presentation could be talking about the linux boot
> > >> >> process.
> > >> >>
> > >> >> I've found that it's very helpful to really understand the boot
> > >> process,
> > >> >> what happens, why, what initrd is, the boot loaders, init, standard
> > >> >> linux
> > >> >> processes, root disks, (x)inetd, running programs at boot
> > >> time...etc..
> > >> >>
> > >> >> That might be better than the migration one...
> > >> >>
> > >> >>
> > >> >> Mark
> > >> >>
> > >> >>
> > >> >> _______________________________________________
> > >> >> nflug mailing list
> > >> >> nflug at nflug.org
> > >> >> http://www.nflug.org/mailman/listinfo/nflug
> > >> >>
> > >> > _______________________________________________
> > >> > nflug mailing list
> > >> > nflug at nflug.org
> > >> > http://www.nflug.org/mailman/listinfo/nflug
> > >> >
> > >> You say when and I'll be there with bells on! Is this something that
> you
> > >> would actually try to implement? Would ITT allow such a thing Richard?
> > >> _______________________________________________
> > >> nflug mailing list
> > >> nflug at nflug.org
> > >> http://www.nflug.org/mailman/listinfo/nflug
> > >>
> > > _______________________________________________
> > > nflug mailing list
> > > nflug at nflug.org
> > > http://www.nflug.org/mailman/listinfo/nflug
> > >
> > I may have a relic around I could throw together to kinda get ready,
> > what exactly would you need as far as OS (Linux flavor) and hardware?
> > _______________________________________________
> > nflug mailing list
> > nflug at nflug.org
> > http://www.nflug.org/mailman/listinfo/nflug
> >
> _______________________________________________
> nflug mailing list
> nflug at nflug.org
> http://www.nflug.org/mailman/listinfo/nflug
>
> _______________________________________________
> nflug mailing list
> nflug at nflug.org
> http://www.nflug.org/mailman/listinfo/nflug
>
_______________________________________________
nflug mailing list
nflug at nflug.org
http://www.nflug.org/mailman/listinfo/nflug
More information about the nflug
mailing list