Home page logo
/

educause logo Educause Security Discussion mailing list archives

Re: Joining ren-isac
From: base <base () UNM EDU>
Date: Wed, 22 Aug 2007 19:23:38 -0600

Hi all,

There are also Institutional sponsored memberships that are worth
exploring if you don't know anyone in REN-ISAC.

For details, please see:

http://www.ren-isac.net/membership.html#applying

I was able to find other REN-ISAC members at conferences I attended.
Not only are good conferences valuable as learning experiences; they
also provide actual networking opportunities of this kind that are
invaluable resources.

Thanks,

Jeff Gassaway   505-277-8148

UNM IT Security Administrator
University of New Mexico
2701 Campus Blvd NE
Albuquerque, NM 87131

MSC02 1520


On Aug 22, 2007, at 5:39 PM, Lunceford, Dan wrote:

I second Mr. Lundy's statement.

-drl


--
Dan Lunceford
Manager of Networking Services
New Mexico Tech
dan () nmt edu, 505-835-5961


If you don't know how to do something,
  then you don't know how to do it with a computer....

-----Original Message-----
From: David Lundy [mailto:dlundy () PACIFIC EDU]
Sent: Wednesday, August 22, 2007 5:33 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Joining ren-isac

Stephen:
     I've seen other encouragements to join REN-ISAC in the past and
have attempted to join.  I met the qualifications but did not know any
members who could vet for me.  So I am outside and I don't see a
way in.
Any suggestions?

David Lundy

------------------------------------------------
David Lundy
Assistant IT Security Officer
University of the Pacific
Stockton, CA 95211
Email: dlundy () pacific edu
Voice: 209-946-3951
Fax: 209-946-2898

-----Original Message-----
From: Stephen Gill [mailto:gillsr () CYMRU COM]
Sent: Wednesday, August 22, 2007 4:10 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Botnet Detection

Hi Jim,

Plenty!  I _highly_ recommend you get involved here:

http://www.ren-isac.net/

I know of few better places to be for dealing with these sorts of
issues
in the .edu environment than involved in that group.  There are a
lot of
people who can help get you up and running there very quickly with
tested, proven methods for doing exactly what you are looking for.

Some items for you to consider along the way, if you haven't already
include:

    - deploying netflow/sflow collection capabilities
    - deploying sniffer capture capability
    - deploying localized darknets and/or automated malware collectors
    - tracking DNS query logs
    - etc.

I've yet to see a silver bullet commercial appliance for battling
botnets, and you won't win the war without a good mixture of tools and
techniques.
Unfortunately botnets are only the tip of the iceberg compared to
other
malware threats - they're just generally the most obvious :/.

Again, please do consider applying for membership to REN-ISAC if you
meet the membership criteria.  You can't beat the price of admission.

Cheers,
-- steve

From: Jones, Jim R [mailto:jonesj () ITS GONZAGA EDU]
Sent: Wednesday, August 22, 2007 2:36 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Botnet Detection

Does anyone have a utility or method of detecting botnet infections?

This is becoming a serious problem that we have no way of tracking
down
at this point in time. Any suggestions are appreciated!

Jim Jones
IT Security Manager
Gonzaga University
509.323.5926



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]