Daniel VanBelleghem Solving Network Mysteries
0Daniel VanBelleghem, CISSP - SRA International
Solving Network Mysteries
Have you ever wondered what data is traveling around your network? Internal network activity is seldom what you expect and often remains a mystery to most system administrators. Understanding what users are doing, how they comply with corporate security policies and how they communicate both inside and outside a network is an integral part of understanding your internal security posture. However, thisunderstanding is often overlooked.
This session will present a collection of ãreal lifeä observations demonstrating that what really happens on your internal network is not what you think. These observations will explore common traits collected from solving real network mysteries.
Examples of observations to be examined during this session include:
- Uncovering installed Distributed Denial of Service (DDOS) agents
- Finding Trojan Horses and other backdoors
- Exposing harassing e-mails in the workplace
- Discovering corporate resources misused and abused
The various audit and monitoring methodologies used to detect, analyze and recover from these observations will be presented. Current trends in analysis tools will be discussed and tips will be offered on how to analyze your audit and monitoring activities with high-quality and consistent results. Potential benefits you should expect from performing audit and monitoring inside your network will be discussed, to include positive user behavior, an increased incident response capability and improved overall accountability. Recommendations on dealing with sensitive issues such as inappropriate web surfing, threatening or harassing behavior and others will be provided along with possible alternative solutions.
This perspective on network activity has invaluable information to all professionals involved in the technical or policy aspects of managing security and privacy in electronic communications
Daniel VanBelleghem, currently is a member of the Information Assurance group at SRA International. In this role, he conducts security-related research and consulting activities including providing strategic guidance to customers, analyzing network traffic for security-related incidents, and designing security solutions to maintain integrity and prevent loss of intellectual capital. Before joining SRA, Dan was in the security consulting business with the firms Network Forensics, Deloitte & Touche and Booz Allen & Hamilton.
Dan holds a Master of Science degree in Systems Engineering from Virginia Tech, a Bachelor of Science degree in Electrical Engineering from Northeastern University and is a Certified Information Systems Security Professional (CISSP). Dan's professional affiliations include the International Information Systems Security Certification Consortium (ISC2) and the High Technology Crime Investigations Association (HTCIA).
Black Hat - USA - 2001 Hacking conference
#hacking, #hackers, #infosec, #opsec, #IT, #security