NANOG 37: Security BOF Agenda

Hash: SHA1


- -danny

- --------------------------------------

Security BOF - NANOG 37
Moderators: Danny & Roland

- ---
Probing Open Recursive Name Servers
John Kristoff

Analyzing the results of remote open recursive name server
probes. We look at the effectiveness of different probing
techniques against different sets of data including reflectors
used in recent attacks, other known open recursives and a
large set of DNS server queriers. Some of the who and what
are open will be briefly examined as as well as some
unexpected responses to our probes that may invite further

- ---
Infrastructure Security Survey Results
Craig Labovitz

- ---
Does Web 2.0 = Security 0.0?
Roland Dobbins

'Web 2.0' hosted applications are going mainstream; recent events
have highlighted the fact that not only enterprises, but millions of
small businesses, SOHO users, and individuals who depend upon
these applications are adversely impacted when disruptive network
events occur. However, there has to date been little or no
engagement between the traditional computer security community,
the operational security community, and the developers/providers
of these applications.

What can be done - and what *should* be done, and by whom - to
help integrate 'Web 2.0' application providers into the operational
security community? What role, if any, should nsp-sec play?

- -----
Email question for discussion from Monika Machado

What tools are used by network operators for event correlation and
aggregation and how effective are these tools for trending, analysis
and reacting to incidents?

- ---
Open MIC/Discussion

- -----