NYLUG will meet Wednesday 19 November 2003 in the IBM building at 57th Street
and Madison Avenue on the Island of the Manahattoes.
You must register in advance to attend, or have registered for an earlier
NYLUG meeting in the IBM building. Particulars below in official
announcement.
After the formal meeting tribesfolk will gather to eat and drink together.
For full and exact information see the Official NYLUG Announcement below.
Jay Sulzberger <secretary@lxny.org>
Corresponding Secretary LXNY
LXNY is New York's Free Computing Organization.
http://www.lxny.org
<blockquote
from="official NYLUG announcement"
edits="zero">
---------- Forwarded message ----------
Date: Mon, 17 Nov 2003 10:30:00 -0500 (EST)
From: John Bacalle <jbacalle@nylug.org>
Reply-To: Announcements for NYLUG <nylug-announce@mail.nylug.org>
To: NYLUG Announcements <nylug-announce@nylug.org>
Subject: [nylug-announce] NY Linux Users Grp. 19 November Meeting:
Hank'ering for Something Better, or, Snort Blows
November 19th, 2003
Wednesday
6:30pm-8:00pm
IBM Headquarters Building
590 Madison Avenue at 57th Street
9th Floor, home to the IBM Linux Center of Competency
** RSVP Instructions **
Unless you have already rsvp'ed for a prior meeting, everyone
should RSVP to attend. http://rsvp.nylug.org
Check in with photo ID at the lobby for badge and room number.
Todd Lewis (Hank Project)
-on-
Hank'ering for Something Better, or, Snort Blows
While struggling to make Snort (the free software NIDS, Network
Intrusion Detection System) bend to his will Todd Lewis decided to
build a better mousetrap---and we might be the better off for it. So
began work on Hank, an acronym for Hank Acts on Network Kaptures. A
userland networking tool, a shape shifter of sorts, it can be a packet
analyzer, a packet filter, to wit a TCPdump, IPTables, Snort stand-in
yet so much more. Hank is planned, coded to be much more than those
individual pieces, the whole greater than the sum of the previous'
chores.
Todd proclaims jettisoning the Unix golden rule, one tool one purpose,
in Hank's case is well worth the results.
Released under the GNU GPL, Hank is a modular userland tool useful in
examining network traffic and taking an according action. It is useful
in bridging the gap between NIDS and firewalls. Hank can be used as a
network intrusion detection system (NIDS), like Snort, as a network
analysis tool like TCPdump or Ethereal, or as a packet filter,
firewall. Hank is designed to be easily extensible to new protocols
requiring handling on the job, or as they are invented. User base needs
and follow-up are important to Todd as Hank is a direct result of
unresponsive feedback from the segment market leader. Important as well
for, courting continuing development and critique is desired.
Todd will relay his frustrations^Wexperiences with Snort, he will
expound on what drove him to try something new, on how far he has come,
on what insights he has intuited, and the revelations he has divined.
Plus what he considers his successes and failures along the way. This
presentation should be interesting for folks wondering, precisely where
does free software come from? Perhaps individuals who have thought
about starting their own free software project, or anyone who enjoys
hearing people make fun of other people's "crappy code" (ahem,
"Snort!"). Heckling is expected and welcome.
This announcement has been brought to you by the letters P, C and T.
And the number 1---that's you baby, you're number one. Happy
Thanksgiving! rangers. See you at the meeting.
For More Information Visit:
* Hank (Hank Acts on Network Kaptures)
http://hank.sourceforge.net/
* Snort Network Intrusion Detection System
http://www.snort.org/
* TCPdump Packet Analyzer
http://www.tcpdump.org/
* IPTables/Netfilter Packet Filter, Mangler
http://www.netfilter.org/
* Usenet Discussion
http://groups.google.com/groups?hl=e...oogle+Search
About Todd Lewis:
Todd Lewis has been working with Linux systems for nearly a decade.
Starting at the College of Wooster (Ohio), working nights sysadmining
an ISP in Alabama remotely, Todd used Linux 1.3.20's Appletalk support
to have his $500, 40 MHz, AMD 386 replace a $3,000 Macintosh server in
file storage duties at the student newspaper, which he edited. It has
been only constant improvement ever since! After a four-year stint at
MindSpring, where he ran the world's second-largest Web farm and
fourth-largest email system, Todd went to SecureWorks, where he
convinced company upper-management into a Linux-based free software
strategy based on Snort. While there Todd reprogrammed Snort to use the
Linux kernel's then new netfilter infrastructure to be the world's
first userspace packet filter firewall/NIDS. This work motivated him to
try to build Hank. After taking a few years off to pursue education and
entrepreneurship, Todd presently lives and works in lower Manhattan.
Free Stuff!
Swag of undetermined value and quantity may be distributed on a
first-come, first-served basis. Arrive early for the best selection.
Keysignings
GPG cryptography. Immediately after the presentation and continuing
at Stammtisch we will be gathering for a keysigning. For those who
already have keys, please remember to bring paper printouts of your
40-character key fingerprint, as per the instructions in our howto
docs. If you haven't created a key yet, and for keysigning details,
our howto docs are a must read. http://www.nylug.org/keys
Stammtisch
After the meeting ... Join us around 8:30pm or so at TGI Friday's,
located at 677 Lexington Avenue and 56th Street, second floor.
Northeast corner.
Please see our home page at http://www.nylug.org for the HTMLized
version of this announcement, our archives, and a lot of other good
stuff.
Monthly Reminder!
Please read the NYLUG-Talk Posting Guidelines at:
http://www.nylug.org/mlistguide/
________________________________________________________________________
November 2003 - The New York Linux Users Group, NYLUG.org
</blockquote>