The following was politely stolen from Andy IT Guy.

Please plan on attending this month and please take a moment and let us know if you will be there so we can have an accurate count for food. Send an email to Meetings-Atlanta@naisg.org and we will add you to the list.

DATE: Wednesday, May 13th
TIME: 7pm (Networking, Food & Drinks); 730pm (Presentation)
LOCATION: MARTA Bid Room

TOPIC:

Integrating Security into Your QA Cycle

In this interactive discussion, Errata Security co-founders Rob Graham and Dave Maynor will share tips on how – and why – to integrate security into your QA cycle. They will engage the audience with a Top 10 list of tweaks and tricks to make sure products ship bug free, and maintain the highest level of security and quality. They also will discuss a list of free tools available to help with this process.

Robert Graham: Founder & CEO

Mr. Graham learned hacking as a toddler from his grandfather, a WW-II codebreaker. His first IDS was written more than 10 years ago designed to catch Morris-worm copycats. He is the author of several pending patents in the IDS field. He is the author of well-regarded security-related documents http://www.robertgraham.com/pubs and is a frequent speaker at conferences. Prior to founding Errata Security he co-founded, was the CTO, and chief-architect at Network ICE (now owned by ISS).

David Maynor: Founder & CTO

David Maynor is a founder of Errata Security and serves as the Chief Technical Officer. Mr. Maynor is responsible for day-to-day technical decisions of Errata Security and also employs a strong background in reverse engineering and exploit development to produce Hacker Eye View reports. Mr. Maynor has previously been the Senior Researcher for Secureworks and a research engineer with the ISS Xforce R&D team where his primary responsibilities included reverse engineering high risk applications, researching new evasion techniques for security tools, and researching new threats before they become widespread. Before ISS Maynor spent the 3 years at Georgia Institute of Technology (GaTech), with the last two years as a part of the information security group as an application developer to help make the sheer size and magnitude of security incidents on campus manageable. Before that Maynor contracted with a variety of different companies in a widespread of industries ranging from digital TV development to protection of top 25 websites to security consulting and penetration testing to online banking and ISPs.

Errata Security: Mission

Errata Security is a privately held firm started in 2006 by experts in the cybersecurity industry. The mission of Errata Security is to give access to the skills and talent of cutting edge researchers to companies that don’t want to staff their own research team. This mission is accomplished through consulting with clients through professional services, product testing and verification, and the Hacker Eye View service that provides in-depth analysis of events and vulnerabilities that affect today’s IT staff.

The Atlanta Chapter of NAISG will be holding its next meeting on Wednesday, March
11th at 7:00 PM. Food and refreshments will be provided by
Stonesoft – http://www.stonesoft.com/us/.

Presentation Topic: Virtualization – Failure to Plan = Planning to Fail

While virtualization offers organizations improved efficiencies, lower
energy costs and consolidation of data centers. Unfortunately, failing to
include security with your virtualization plans is nothing but planning to
endure virtual security breaches. The speaker will lead a discussion on the
different approaches that organizations are taking to secure their virtual
environments.

Greg Mead is a senior solutions architect for Stonesoft Inc. Greg has more
than 19 years of experience in senior solutions architect and sales
engineering roles in the information technology industry, including more
than 10 years in systems security. Prior to joining Stonesoft, Mead held
positions with Compuware, Nortel Networks, Intrusion.com, Group
Technologies Corp., and Computer Advantage, Inc. Mead is a certified
information systems security professional (CISSP).

If you have not yet done so, please send a courtesy e-mail to
Meetings-Atlanta@naisg.org indicating that you plan to attend the
meeting so that we can order the correct quantity of pizza.

Location:
MARTA Headquarters
2424 Piedmont Rd.
Atlanta, GA 30324

View Larger Map

It’s at the intersection of Piedmont Rd. and Morosgo Dr. across from
the twin AT&T towers. This is the location of the Lindburgh Station.
The meeting will be held in the Bid Room on the first floor. You will
have to sign in at the security desk.

3. THINGS TO COME
Everyone should also look forward to April’s meeting. We are talking
with the guys over at xtremesecurity.com about presenting. They are
pentest guru’s and we are looking forward to hearing what they have to say.

Umm…yes it can…I’ll prove it. http://twitter.com/adminian

Here’s a screenshot of the error I received today while trying to change the design of my page at Twitter:

I imagine this is a recent validation rule. I’ve been using Twitter since .. well … before you I bet. I’ve never had this issue. I guess I will contact twitter and tell them to make me the exception…Think they will?

*******************************************************************************************
National Information Security Group (NAISG) Atlanta, Ga. Chapter
*******************************************************************************************
In this newsletter:
1. What is NAISG?
2. January Meeting
3. Things to come
4. Chapter Leadership
5. Spread the word
6. Looking for Presenters and Sponsors
7. Online Resources
8. Network with other NAISG members on LinkedIn
*******************************************************************************************

1. WHAT IS NAISG?
The National Information Security Group (NAISG) is pleased to announce that it will be launching a chapter for the metropolitan Atlanta area. NAISG is an information security association with members and chapters around the world and which offers security presentations, networking opportunities and other resources. Unlike other security organizations, there are no dues, fees or qualifications associated with membership. Please join us at our chapter’s kickoff meeting to learn more about our group and the valuable resources that it can offer you. Oh, and did we mention the free pizza?

2. JANUARY MEETING
The Atlanta Chapter of NAISG will hold its kickoff meeting on January 14th at 7:00 PM. Pizza and refreshments will be provided by Symantec.

Presentation Topic: The talk will be given by Renault Ross of Symantec. He will be speaking on End Point Security and NAC.

If you have not yet done so, please send a courtesy e-mail to Meetings-Atlanta@naisg.org indicating that you plan to attend the meeting so that we can order the correct quantity of pizza.

Location:
MARTA Headquarters
2424 Piedmont Rd.
Atlanta, GA 30324

It’s at the intersection of Piedmont Rd. and Morosgo Dr. across from the twin AT&T towers. This is the location of the Lindburgh Station. The meeting will be held in the Bid Room on the first floor. You will have to sign in at the security desk.

3. THINGS TO COME
The members of the Advisory Counsel and I are very excited about some of the future presenters and topics. We are looking forward to having some of the top talent from the Atlanta area come and present on topics ranging from Compliance issues to Encryption.

4. CHAPTER LEADERSHIP
Ian Philpot – Atlanta Chairperson
Andy Willingham – Advisory Counsel
Renault Ross – Advisory Counsel

5. SPREAD THE WORD
If you know of individuals who would like to join our chapter or form new ones in their area, please point them to http://www.naisg.org for signup information.

6. LOOKING FOR PRESENTERS AND SPONSORS
The Atlanta chapter is looking for people interested in presenting to our group. The presentation must be vendor neutral and is not an opportunity to promote one vendor or solution over another. We are also looking for Sponsors willing to provide us a permanent Location to host the meetings. We’re expecting this group to grow and attract many of the best security experts in the area and will be great exposure for any company. We anticipate 20-50 people to attend regularly based on other groups performance.

7. ONLINE RESOURCES
NAISG has just reformatted its Resources page, breaking it down by category such as antivirus, antispam, firewalls, etc. We are soliciting white papers, blog URLs, products to list and more to add as resources to these pages, so please send these our way and we’ll add your listing. (And of course, we continue to maintain the Internet bandwidth test utility as one additional tool available to our membership. This tool is hosted on our own server and provides accurate readings of upload and download speeds. Just click the Start button on the page to initiate the test. http://www.naisg.org/Resources.

8. NETWORK WITH OTHER NAISG MEMBERS ON LINKED-IN
Join more than 1,230 other NAISG members on LinkedIn at http://www.linkedin.com/e/gis/43269/7DC2303017E0.
*******************************************************************************************

Well, it’s getting kick-off time for the Atlanta chapter of the National Information Security Group. I’ve got a great team of guys working with me on making this a success. I will be posting an announcement to the list this week giving the details. I’ve not gotten all of my ducks in a row yet, but it’s coming together. By the November Meeting we should have a permanent location and a couple of sponsors. There will be more to come…

After you enable an Edge server and configure EdgeSync the message routing changes in the exchange organization (obviously).

Outbound Messages

• User to Mailbox server
• Hub scoops it up from mailbox server and determines its heading to the internet
• Hub to Edge
• Edge uses the edgesync – sitename (internet send connector) to send to internet

Inbound messages

• Sending Server to Edge using the Default internal receive connector server name
• Edgesync-inbound to sitename connector to Hub
• Hub uses the Default Server name connector to receive
• Hub to mailbox server

Just a brief overview…for more info: Google

/ip

Zero touch installs have always fascinated me, but spending big bucks to do it isn’t always an option. I’m not out to provide away of doing this, but I am developing some ideas. Some of my posts may contain information that will not be used, but I’ve found it relevant. Providing a base profile for users can be accomplished numerous ways. This is just one of them…

Create a profile and configure it how you want it setup. Then under the Advanced tab in the System applet select User Profiles. Select the user profile you just setup and select Copy to (set the appropriate permissions) the netlogon share. Then rename the folder to Default User.

ref: 168475

If you want to setup Mandatory profiles, copy the profile in the same way to a folder called Mandatory. Rename Ntuser.dat to Ntuser.man. In AD Users and Computers select the users properties and set the Profile Path to the “Mandatory” folder.

ref: 323368

/ip

I don’t know about you, but it would be helpful for me to have computer/user accounts created in an OU instead of the default CN-Users location. Microsoft provides a solution for this, granted it’s not the best but it will do. The following commands are used to do this.

User accounts: redirusr ou=myusers,DC=corp,dc=com
Computer accounts: redircmp ou=mycomputers,DC=corp,dc=com

In mapping the computer build process for zero touch deployment this was a problem area as I use GPOs heavily. Now I can have all computer accounts created in a “staging” OU that GPOs apply too. Sure they still have to be moved, but with proper naming and maintenance scripts this also can be accomplished.

ref: Q324949

/ip

Hoff over at Rational Survivability brings a good point (read, duh [but most don't do]) to light — Follow the suggested security guidelines. How many times have we followed the step-by-step setup instructions, and we don’t give security a second thought. Could it be because the security guidelines are not step-by-step…who knows? If Schneier is right, and security will just become part of it…maybe a good place to start is to integrate the security into the setup and documentation. Even if the vendor doesn’t — you should.

An interesting quote on VMWare from his post.

Jon Oberheide, a researcher and PhD candidate at the University of Michigan, is releasing a proof-of-concept tool called Xensploit that lets an attacker take over the VM’s hypervisor and applications, and grab sensitive data from the live VMs.

Really?  Take over the hypervisor, eh?  Hmmmm.  That sounds super-serious!  Oh, the humanity!

I’ve got to agree…

Tags: Security, Thoughts, VMWare, Hypervisor, Xensploit, Shoutout

I use RDP a lot and having to disconnect from my session to switch to another window is not an option. The problem  lies somewhere with compiz. What supposed to happen when you hit ctrl+alt+enter is that it windows the session…but it doesn’t. Here is my fix.

sudo apt-get install compizconfig-settings-manager
System > Prefrences > Advanced Desktop Effects Settings
Utility > Workarounds > uncheck Legacy Fullscreen Support

That should do it…now off to figure out using SSL with rdesktop.

Tags: TechSupport, Fix, Ubuntu, rdesktop, compiz