security.itworld.com

Special: Make the most of your VPN. FREE webcast explains how.




<A HREF="http://ad.doubleclick.net/jump/ITW.Security/;abr=!ie;pos=line;sz=500x35;tile=12; ord=11142003114100" <IMG SRC="http://ad.doubleclick.net/ad/ITW.Security/;abr=!ie;pos=line;sz=500x35;tile=12; ord=11142003114100" border=0 height="35" width="500"></A>

Brent Huston

Security guide

bhuston@microsolved.com

Brent Huston is President, CEO and founder of MicroSolved, Inc., an information security company, based in Columbus, OH. He and his team perform system and network security-consulting services for Fortune 500 companies and all levels of government facilities. Brent has over a decade of experience in the security field, and is well versed in the use, and implementation of major security tools and products.

Brent developed "Passys", an open source passive intrusion detection system for Unix and has also identified previously unknown security vulnerabilities in Ascom Timeplex routers, Windows NT and Linux operating systems. He served as principle engineer for V-One Corp., a leading provider of enterprise class virtual private network (VPN) software, and has overseen the security product initiatives for various security and Unix vendors.

Brent is an accomplished author and speaker. He writes a weekly column on information security for ITworld.com, and co-authored "Hack Proofing Your E-Commerce Site" from Syngress Publishing, Inc. Other speaking engagements include various public appearances on television, media and before security and financial services organizations. Brent has also contributed to the Health Insurance Portability and Accountability Act (HIPAA) legislation.

Most recently, Brent finished an engagement with the Office of Independent Oversight and Performance Assurance in Columbus, Ohio where he was responsible for designing and implementing a state-of-the-art cyber-security testing and research lab. In addition, several Department of Energy national laboratories have utilized his expertise to perform network penetration and detection services. Brent is also the recipient of the U.S. Secretary of Energy Gold Award for Exemplary Performance for his efforts.

More links selected by the Security guide


	Justify my lab Network Computing, Feature
	Attack lab design and security mini how-to Geekspeed.net, Resource
	Steganography and digital watermarking tools Johnson and Johnson Technical Consultants, Resource
	Counter-hackers: Saviors or vigilantes? About.com, Feature
	Competitive intelligence and spying can overlap Associated Press, Feature
	Articles and papers related to active defense University of Washington, Resource
	Server may become crucial virus defense Ft. Worth Star Telegram, Feature
	Recent outbreaks show evolution of virus writers Washington Post, Feature
	P2P file sharing: Ethics and the law About.com, Resource
	Physical security audit checklist KnowledgeLeader, Resource
	Health group boosts mail security Federal Computer Week, Feature
	DefCon forum DefCon.org, News
	Demonstrating ROI for penetration testing SecurityFocus, Feature
	Internet worms change form, threaten greater havoc Reuters, News
	Hacking contest promotes security Cnet, News
	Hand-held devices easy to hack Reuters, News
	Internet threat looms as thousands of hackers meet Yahoo News, News
	Full disclosure debate bibliography Paul Clark, Resource
	Panel defends flaw disclosure guidelines ZDNet, Feature
	Sarbanes-Oxley: Non-compliance could mean jail time, so choose your vendors wisely ZDNet, Feature
	InstallShield accuses Wise of corporate espionage SearchWin2000.com, Feature
	Despite IT efforts, corporate P2P use rampant Datamation, News
	Assessing Internet security risk SecurityFocus, Feature
	Securing e-mail security.itworld.com, Resource
	Who are the hackers? Nicekids.net, Feature
	Five tips for effective patch management McAfee Security, Tip
	Due diligence gets its due Bank Systems and Technology, Feature
	Time for a P2P file sharing policy ZDNet, Feature
	Using firewalls to detect and block Web server attacks Spirit.com, Feature
	Andy Hertzfeld on secure e-mail Cryptonomicon.net, Weblog
	Filtering research Paulgraham.com, Resource
	Filtering junk mail: A performance comparison between genetic programming and naive Bayes University of Waterloo, Research
	Yesterday's hardware helps solve today's security problems MicroSolved, Inc., Newsletter
	Spoofing the war drivers IBM developerWorks, Feature
	War driving: Who's browsing your wireless network? searchNetworking.com, Feature
	802.11 security and war driving WarDrive.net, Resource
	WarChalking.org WarChalking.org, Resource
	WarDriving.com WarDriving.com, Resource
	Extending the life cycle of your hardware Linux HOWTO, Resource
	Fight relay spam the honeypot way Homestead.com, Tutorial
	NetBSD/i386 firewall project Dubbele.com, Tutorial
	The future of 68k Macs and Amigas - with OpenBSD OpenBSD Journal, Forum
	Using open source to create a cohesive firewall/IDS system SANS Institute, Tutorial
	Building firewalls with iptables EarthWeb, Tutorial
	Sendmail filter attacks spam East Bay Business Journal, Product information
	A guide to war driving and detecting war driving SANS Institute, Research
	Patch work gets harder eWeek, Feature
	How to select a personal firewall MicroSolved, Inc., Feature
	Malware myths and misinformation: Attachments, AV software, and firewalls SecurityFocus, Feature
	Firewall feedback Information Week, Feature
	Windows freeware and commercial personal firewalls for SOHO, small office, and home Is-it-true.org, Resource
	Have DSL and firewalls, will telecommute Information Week, Feature
	Securing all clients Computerworld Australia, Feature
	Are 'personal firewalls' mostly snake oil? SamSpade.org, Opinion
	Personal firewalls: What they do and what they don't do Word to the Wise, Feature
	A call for better intrusion detection MicroSolved, Inc., Feature
	Fielding a 'prevent' defense Federal Computer Week, Feature
	Security wars: Can intrusion detection even the score? Earthweb, Feature
	What isn't intrusion prevention? Information Security, Opinion
	Denial of service attacks and the emergence of intrusion prevention systems SANS Institute, Research
	Realistic expectations for intrusion detection systems SecurityFocus, Feature
	Protecting the SQL Server MicroSolved, Inc., Feature
	Using ROI to make smart decisions MicroSolved, Inc., Feature
	Dos and don'ts: Smoothing out patch-management woes searchEnterpriseLinux.com, Tip
	GroupShield for Exchange ROI calculator McAfee Security, Resource
	The TCO proposition: Hardware vs. software approaches for firewalls and VPNs TeleChoice, Research
	Security cost/analysis worksheet CaDan, Resource
	Security firms tout savings, not safety ZDNet, Feature
	Quantifying ROI a hefty challenge for IT searchSecurity.com, Product information
	Protect your data by hiring the right penetration test vendor TechRepublic, Feature
	Industry maps out security blueprint for business ZDNet, Feature
	Social engineering - for the good guys SANS Institute, Feature
	Security: Outta site SC Magazine, Feature
	Dos and don'ts: Policing user security policies SearchWindowsManageability, Tip
	Employers must educate staff about security policies SearchSecurity.com, Feature
	Firewall + firewall policy = improved security Net-security.org, Tip
	SANS Institute security policy project SANS Institute, Resource
	Legal eagles introduce evidence of security policies' worth SearchSecurity.com, Feature
	Risk profiling Windows Security, Feature
	Fighting the enemy within: Security policies combat social engineering ZDNet, Feature
	Why security policies fail Control Data, Research
	Securing the enterprise: Trust no one? Animato, Feature
	Privacy worries plague e-biz Smallbusinesscomputing.com, Feature
	Electronic Privacy Information Center Epic.org, Resource
	Developing privacy and security policies The eCom Research Center, Resource
	The rules for writing a privacy policy Business 2.0, Feature
	Web site privacy policies: A checklist for corporate management Bodman, Longley & Dahling LLP, Feature
	Guide to online privacy Center for Democracy and Technology, Feature
	Dealing with the Gramm-Leach-Bliley Act State of Massachusetts, Resource
	Privacy policy basics from American Express American Express Merchant Services, Feature
	IBM releases Tivoli Privacy Wizard to help standardize policies Serverworld, Product information
	The feds may enforce your privacy policy MSI, Feature
	Former DoubleClick exec named U.S. privacy czar Slashdot, Forum
	Worst practices in customer privacy management Gartner, Feature
	eBay modifies privacy policy with Toysmart in mind News Factor, Feature
	Creating a privacy policy Internet Tips, Tutorial
	Latest worms - the antivirus resource Virusall.com, Feature
	Virus Bulletin Virus Bulletin Ltd., Tip
	A real-time worm watcher WormWatch.org, Resource
	Ethical worms: A bad idea SearchSecurity.com, Opinion
	Handling the next worm outbreak MicroSolved, Inc., Feature
	Planning physical security strategies ZDNet, Feature
	Steganography revealed SecurityFocus, Feature
	Q1 suffers major increase in worms, attacks eSecurity Planet, News
	Build your own security lab on a shoestring budget SANS Institute, Research
	Weekend Internet attack exposes flaws in security preparation Access Control and Security Systems, Feature
	Analysis of the Sapphire worm Caida.org, Research
	Use a sandbox to catch worms and viruses WindowsSecurity.com, Feature
	Fighting the spam monster - and winning Information Week, Feature
	Fortifying your firewall Network Magazine, Feature
	Did IDSs detect the SQL worm? Insecure.org, Forum
	Gramm-Leach-Bliley Act FAQ Amis Group, LLC, Feature
	Privacy research: Gramm-Leach-Bliley Act Compliance Headquarters, Feature
	HIPAA fact sheet: National standards for transactions, security and privacy United States Department of Health and Human Services, Resource
	The Gramm-Leach-Bliley Act vs. best practices in network security SANS Institute, Feature
	Privacy law experts for hire Federal Computer Week, Feature
	Microsoft says service packs do not violate privacy laws SearchWin2000.com, News
	A clearinghouse of HIPAA-related links HIPAA Gives.org, Resource
	HIPAA: Building an action plan SearchSecurity.com, Tutorial
	Instant messaging and HIPAA Instant Messaging Planet.com, Feature
	Electronic transactions and code sets compliance checklist Massachusetts Medical Society Online, Feature
	Getting ready for HIPAA Massachusetts Medical Society Online, Feature
	HIPAA is around the corner: April 14 deadline Massachusetts Medical Society Online, Feature
	Egress filtering: Fencing in the bad guys Earthweb, Feature
	Google: Net hacker tool du jour Wired, Feature
	Securely connecting your system to the Internet: A primer SANS Institute, Research
	Fighting words Information Week, Feature
	Defense in depth for DNS SANS Institute, Research
	Egress filtering for a healthier Internet Hacking Linux Exposed, Feature
	Bayesian nets, latent semantics, despamming, and other speculations Due Diligence, Feature
	Expert weighs code release after Slammer IDG News Service, Feature
	Use watermarking to fight site mirroring security.itworld.com, Newsletter
	Spy games: International espionage is hitting the high-tech world ABC News, Feature
	Strikeback: Why I should have the right to kill a malicious process on your machine SecurityFocus, Opinion
	Keeping ahead of DNS attacks ZDNet, Feature
	Security training: A call to arms searchNetworking.com, Feature
	How to avoid domain pain VNUNet, Interview
	A multilevel defense against social engineering SANS Institute, Research
	The thin grey line Cnet, Feature
	Ask these questions before you hire a hacker Cnet, Feature
	You can't outsource liability for security Information Week, Feature
	Employee hardening with social re-engineering GIAC.org, Research
	The changing face of security penetration testing SC Infosec News, Feature
	Hackers, software companies feud over disclosure of weaknesses Seattle Times, Feature
	Protect yourself from physical intrusion SANS Institute, Research

Sponsored links
	HP Wireless Solutions for business. Proven technology. Superior service.
	How do you maximize return on your IT investments? Learn more now.
	Setting the pace of PC technology. HP Compaq Desktops, starting at $367.
	By networking your storage, you can reduce costs, protect your information--and simplify management.
	SMBs: Specialized News, Webcasts, white papers, and newsletters. Go NOW!
	Achieve Maximum Effectiveness and Productivity for Remote Workers
	Organizations need adaptable, intelligent networks to meet the need for security, mobility and converged voice, video, and data.
	The latest advancements in secure remote access right at your fingertips.
	Find the Right Balance Between Useful Wireless Networks and Security


	www.itworld.com security.itworld.com smallbusiness.itworld.com storage.itworld.com utilitycomputing.itworld.com wireless.itworld.com
	About Us Privacy Policy Terms of Service Webcast & Marketing Solutions Copyright © 2003 Accela Communications, Inc. All rights reserved