Sunday, January 16, 2005


January ISSA Puget Sound Chapter Meeting

The January ISSA Puget Sound Chapter meeting will be held on Thursday, January 20 from 5:30 to 8:00 PM at Group Health Eastside Hospital in room AA13 (located in the basement). The meeting agenda and driving instructions are as follows:

***iPod door prize this month


5:30-6:00 p.m. Food & drinks by ENDFORCE, Inc.

6:00-6:05 p.m. Chapter business, announcements.

6:05-7:00 p.m. Keynote speaker - Pointsec Mobile Technologies Terry Shofner, Pointsec Mobile Technologies, Inc.

Securing the Mobile Enterprise

Mr. Shofner will be discussing the impact today's mobile workforce has on corporate security planning. The increasing amount of data and number of devices within any organization requires prudent management of corporate resources in order to insure sufficient security measures are in place to protect the enterprise and its stakeholders. The core problem is that the majority of mobile devices lack the physical and electronic access controls necessary to maintain security and as a consequence, data stored on mobile devices is much more "at risk" than transmitted data. Mr. Shofner will also be discussing the critical role of endpoint data protection and access controls in relation to compliance issues with some of today's legislation such as California SB1386, SOX, GLBA and HIPPA (April 21, 2005).

7:00-7:10 p.m. Break.

7:10-8:00 p.m.

Guest Speaker - ENDFORCE, Inc. Scott Lewis, Senior Product Manager, ENDFORCE, Inc.

The Endpoint Security Problem & the 'Scan, Block, & Quarantine' Solution

In today's IT shops, critical, high-frequency, enterprise-wide endpoint security patches and upgrades are the norm. Most enterprises dictate endpoint policies; however, with no way to easily enforce compliance, enterprises remain at significant risk. Enterprise administrators are faced with a daunting challenge: ensure that updated anti-virus software, a personal firewall, and all relevant operating system and application patches are successfully installed and running on each device connecting to the network.Historically, this challenge has been an unmanageable problem in networks of tens or hundreds of thousands of LAN and WAN connected devices. As a result, the compliance state of most endpoints pre-connection to the network is essentially unknown and enterprise networks are constantly at risk. Security software and hardware vendors have been addressing this problem through al variety of new products that fall into a category that Gartner refers to as “Scan, Block, and Quarantine”. During his presentation, Scott will review the endpoint enforcement problem and the various solutions to the problem currently available to the enterprise.

8:00 p.m. - ??? Door prizes & Personnel Networking. Door prizes include an iPod being given away by Pointsec. Must be present to win.

Driving Instructions

The ISSA Puget Sound December, 2004 general meeting will be held on December 16, 2004 from 5:30 to 8:00 PM at :

Group Health Eastside Hospital 2700 152nd Ave. N.E. Redmond, WA 98052 Room AA13 (located in the basement, next to cafeteria)

ISSA-PS Website

Wednesday, January 05, 2005


"Page Not Available"

Gadgetopia has an article on how some spyware is using an interesting technique to prevent its own removal. Seems that at least one piece of malware is hacking the hosts file to enter dummy addresses for the most popular spyware removal sites, such as Lavasoft or Ad-Aware. This causes all requests to access the sites to go into a black hole. Yet another thing to check when disinfecting a system.

Monday, January 03, 2005


WSA Security SIG January Meeting

The WSA Security SIG has finally released information for their January meeting. Although they normally meet on the first Monday of the month, this will be on a Thursday, January 6.

Flash: Although the information posted on the WSA web site continues to talk about an non-security related topic for the meeting, the information below is more likely to be correct:

"The Revolution in Manufacturing Quality - What can we learn?" Malicious Code: Trends and Techniques

1/6/05, 6:00 p.m. to 8:00 p.m.

Tom Ervin, Lead Information Security Engineer, Federal Bureau of Investigations Cyber Division

Learn from an FBI subject matter expert about the evolving nature of malicious code and what we are likely to see in 2005 based on observed trends. Gain insights about how you and your organization can better protect themselves against these enormously costly outbreaks.

Seattle University, Engineering Building, Room #400. (4th floor, East end of hallway)


Free for WSA Members and employees of member companies, $15 for non-members.

To reserve your seat, go to: (Registration link not available as of mid-afternoon on Monday 1/3. Please check later today.)

Monday, December 27, 2004


Gmail Invites

I have some Gmail account invitations to give away, yada, yada, usual verbiage. The catch is that you have to negotiate the contact icon here successfully.

Sunday, December 19, 2004


January Eastside Weblog Meetup

East side and Seattle Weblog folks meet to eat and greet.

Tuesday, January 4, 2005 at 7:00 PM

Crossroads Mall
15600 NE 8TH Street
Bellevue, WA 98008

The group will meet in front of the Compleat Cook store, north of the stage area.

Wednesday, December 15, 2004


December Seattle Weblog Meetup

When: Weds December 15, 7 pm

Seattle Weblog Meetup

Where: Ralph's Grocery and Deli, 2035 4th Ave in Seattle, across from the Cinerama.

There's food and drink available -- you can even buy a beer and drink it in the deli area where we are. Free WiFi, too!

Special holiday note: bring your white elephants, wrapped or in bags, or just bring yourself! We have new faces every month along with a friendly regular crowd.

You can still attend even if you aren't a member of (but joining is free).

Monday, December 13, 2004


Blog Business Summit

January 24 - 25, 2005 Bell Harbor Conference Center, Seattle

The WSA is pleased to be partnering with Parnassus Ventures in bringing The Blog Business Summit to the Bell Harbor Conference Center January 24-25.

Why should businesses care about blogging, and how can they take advantage of this new way to collaborate and to disseminate their message? While far more complete answers will be revealed at the Summit, businesses should consider the following:

  • Blogs are significantly easier and cheaper to create, update, and maintain than traditional sites.
  • Blogs are consistently positioned much higher than traditional sites in Google and other search engine results.
  • Blogs broadcast RSS feeds, which are read by rapidly growing numbers (in the millions) of users who have moved from the Web browser to newsreaders as their main info portals.
  • Blogs can provide powerful and easy to use content management and workgroup collaboration capabilities for just pennies.
The Blog Business Summit will bring together some of the world’s most knowledgeable, influential, (and most profitable!) bloggers to explain the tools, techniques, and tricks of the trade to succeed in this new medium.

Attendees will learn: What blogging tools offer what relevant features * how, what and when to post to blogs * how to maximize the PR benefits from (and minimize damage from) blogs and bloggers * how blogs can make and save money * how to get your blog widely read and linked to * how to use blogs as for internal communication and collaboration * what pitfalls to avoid

Speakers include: Robert Scoble * Molly Holzschlag * DL Byron * Glenn Fleishmann * Brian Alvey * Steve Broback, and many more.


Friday, December 10, 2004


CISSP Study Group - session 1

From the Calendar of CISSP_PNW

CISSP Study Group - session 1 Sunday December 12, 2004 2:00 pm - 5:00 pm

Event Location: T-Mobile / Factoria

Notes: Please see this posting with detailed agenda, directions, and request for RSVP.

This study group is offered at no charge to all security professionals in the Seattle area. Please share the word with any of your colleagues who are studying for the exam.

For more info, contact, or To visit this group on the web, go to:


ISSA Puget Sound Chapter December Meeting

The December ISSA Puget Sound Chapter meeting will be held on Thursday, December 16 from 5:30 to 8:00 PM at Group Health Eastside Hospital in room AA13 (located in the basement). The meeting agenda and driving instructions are as follows:

Keynote speaker - TippingPoint Darren Rogers, Senior Systems Engineer, TippingPoint Technologies Bruce Bronczyk, Senior Network Administrator, eNom, Inc.

Application Security: Distributed Denial of Service (DDoS) Protection "

Mr. Bronczyk has been battling some very large DDoS SYN Flood attacks on his networks. He tested a number of the leading Intrusion Prevention System (IPS) products to defend his networks and will share with ISSA members what he discovered. Darren Rogers will elaborate on Mr. Bronczyk 's discussion about DDoS application security, using some of TippingPoint's technologies to help discuss how one can adequately defend against such an attack.

Attendees should be sure to attend this meeting hungry and will be able to select items from a B-B-Q dinner catered by Jones Barbecue. We will be giving away two $200 Fryes Gift Certificates, TippingPoint t-shirts and TippingPoint Magic Eight balls.

Driving Instructions

The ISSA Puget Sound December, 2004 general meeting will be held on December 16, 2004 from 5:30 to 8:00 PM at :

Group Health Eastside Hospital 2700 152nd Ave. N.E. Redmond, WA 98052 Room AA13 (located in the basement)

ISSA-PS Website