#################### Topics ####################

Intro
NEbraskaCERT February CSF
One Security Group: Nebraska HTCIA
One Security Tool: Knoppix 6.0
One Security Website: SANS Internet Storm Center
One Book Review: 19 Deadly Sins of Software Security
One Quick Question & Answer: "What is AHS?"
End Of Line

#################### Intro ####################

This is the fifth of our monthly newsletters from NEbraskaCERT. We missed January's newsletter, so we're making sure to get the February one out a little early :-)

#################### NEbraskaCERT February CSF ####################

NEbraskaCERT will be holding our February CSF on the 18th at the Bellevue Lifelong Learning Center from 7:30am to 9:00am. We're still finalizing the speaker, so that info will be in the CSF announcement going out next week.

For more information please hit our website at http://www.NEbraskacert.org/CSF or, better yet, sign up for our CSF announce list at mailto:csf-announce-subscribe@nebraskacert.org

#################### One Security Group - Nebraska HTCIA ####################

The International High Technology Crime Investigation Association (HTCIA) has a Nebraska chapter. HTCIA is mostly concerned with investigation and security technologies such as forensics, and with other issues such as evidence handling. Matt Churchill from Nebraska HTCIA did a presentation on Computer Forensics for NEbraskaCERT in November.

Website: http://nehtcia.org/
Next Meeting: http://nehtcia.org/2009/01/nebraska-htcia-meetings.html

Nebraska HTCIA's next meeting is February 25, 2009 @ 10:30 a.m. at the La Vista Police Department Community Conference Room, 7701 S 96th St. (just north of 96th/Giles Rd).

#################### One Security Tool: Knoppix 6.0 ####################

Knoppix was one of the first Live CDs that really showed what live CDs could do. It was also the platform for a lot of the security bootable CD-ROM toolkits for several years.

Over the last couple of years Knoppix releases have slowed down and a lot of the security Live CDs have moved to Ubuntu or Slackware as a base. There are some really big changes in this new release, such as much faster booting, along with an upgrade to the next version of Debian Linux/Sid. Due to space constraints some of the old security/network tools have been removed from this release. I'm sure someone will remaster this version and put the security tools back in place.

Website: http://www.knoppix.com/

#################### One Security Website: SANS Internet Storm Center ####################

I hadn't read this website in a while; I have a problem with any site that tries to classify the Internet Threat Level. I came across a link to this page, "How to Suck at Information Security" http://isc.sans.org/diary.html?storyid=5644, while reading another site. This one page is a pretty accurate summation of a lot of the problems I run into at companies. I was actually fighting with the "Expect SSL to address all security problems with your web application." item in meetings last week.

Website: http://isc.sans.org/

#################### One Book Review - 19 Deadly Sins of Software Security ####################

I just bought this book three weeks ago and am finishing it up right now. It goes from the basics of buffer overflows into some areas that don't get a lot of thought, such as poor usability and correctly implementing all the parts of SSL, including Certificate Revocation Lists. One problem with the book is that it is pretty short, less than 300 pages, so some of the sins get more information than others. One thing I did like is that each sin has a section about spotting the sin during code reviews, which is a plus. If you're a developer or manage developers I would say it should be on your bookshelf, right next to Code Complete.

Title: 19 Deadly Sins of Software Security
Author: Michael Howard, David LeBlanc and John Viega
ISBN: 0072260858
Year Published: 2005

#################### One Quick Question & Answer: "What is AHS?" ####################

This month's question is "What is AHS?"

AHS, the Advanced Hash Standard, is NIST's new program to replace the current SHA-1 hashing algorithm with a new collision-resistant algorithm. With rainbow tables and the discovery of potential collisions in current hashing algorithms, this is an important field of research. It is laid out in a similar fashion to the AES contest from several years ago. Whatever algorithm wins will become the new standard for the Digital Signature Standard and will probably become the replacement for a variety of other hashing standards such as MD-5/SHA-1/SHA-512/Whirlpool/Tiger and so on. It will be several years before the winner is announced. AHS is still open for public comment; the first round of algorithms has been announced and they are available for public inspection.

For more information hit the NIST website http://csrc.nist.gov/groups/ST/hash/index.html

#################### End Of Line ####################

This is it for the fifth newsletter. If you have any feedback/questions please let me know at aaron.grothe < at > nebraskacert.org or ajgrothe@gmail.com. If anyone has any corrections to the newsletter please let me know and I'll include them in the next newsletter.

Regards,
Aaron

0-0-0
NEbraskaCERT
www.nebraskacert.org