Schedule for FIRST 97 Workshop
This is the Schedule for the
9th Annual FIRST Workshop, Conference, and General Meeting 1997.
If your browser does support tables, then you might want to read
the same program with tables.
Sunday, June 22, 1997
- 18:00 --- 20:00 On-Site Registration
-
- 18:00 --- 20:00 Icebreaker and Early Arrival Get-Together
-
Monday, June 23, 1997
- 08:00 --- On-Site Registration
-
- 09:00 --- 17:30 Establishing an Incident Response Team
(full day tutorial)
-
Instructors:
- Sandy Sparks (CIAC)
- Kathy Fithen (CERT-CC)
- Marianne Swanson (NIST)
- Pat Zechman (SAIC)
- 10:30 --- 11:00 Refreshment Break
-
- 12:30 --- 14:00 Lunch Break
-
- 14:00 --- 17:00 International Internet Law Developments circa
June 1997: If You Can See It, You Can Sue It
-
Instructor: William J. Cook (Brinks Hofer Gilson & Lione,
Intellectual Property Attorneys)
- 15:30 --- 16:00 Refreshment Break
-
- 18:00 --- 19:00 Civic Reception (provisional)
-
Tuesday, June 24, 1997
- 08:00 --- On-Site Registration
-
- 09:00 --- 09:30 Welcoming Remarks
-
- 09:30 --- 10:30 Keynote Address: John Austen
-
Managing Director, Computer Crime Ltd. and lecturer in Information
Security, Royal Holloway College, University of London. Previously
Head of Computer Crime, New Scotland Yard (1984-1996) and Chairman
Interpol Computer Crime Committee (1990 - 1996)
- 10:30 --- 11:00 Refreshment Break
-
- 11:00 --- 12:30 FIRST Team Update Presentations
-
Coordinator: Klaus-Peter Kossakowski (DFN-NSCC)
- 12:30 --- 14:00 Lunch Break
-
- 14:00 --- 15:30 Incident Characterization
-
Session Chair: Brian Dunphy (ASSIST)
- The Evolution and Mutation of Hacks/Incidents
- Author:
John Pescatore (Trusted Information Systems)
- Characterizing Intruder(s) Methods of Operation
- Author:
Steve Romig (Ohio State University)
- Why Are Some Incidents Never Solved?
- Author:
Wolfgang Ley (DFN-CERT)
- 15:30 --- 16:00 Refreshment Break
-
- 16:00 --- 17:30 Report of the Task Force on the Future of FIRST,
Presentation and Discussion
-
Moderator: Moira West-Brown (CERT-CC)
- 19:00 --- 21:00 BoF (Birds of a Feather) Sessions
-
Coordinator: Wolfgang Ley (DFN-CERT)
Wednesday, June 25, 1997
- 08:00 --- On-Site Registration
-
- 09:00 --- 10:30 Tools (1) - Incident Response
-
Session Chair: Roger Safian (Northwestern University)
- The Design and Creation of a UNIX Based Automated Incident
Response System
- Authors:
- Dr. Eric A. Fisch (Trident Data Systems)
- Udo Pooch (Texas A&M University)
- Greg White (USAF Academy)
- Intruder Containment - An Automated Method of Response to
Potential Security Incidents
- Authors:
- Paul C Brutch (Texas A&M University)
- Willis Marti (Texas A&M University)
- Udo Pooch (Texas A&M University)
- Dhiraj Pradhan (Texas A&M University)
- Greg White (USAF Academy)
- Incident and Request Handling System (IRHS)
- Author:
John Fisher (CIAC)
- 10:30 --- 11:00 Refreshment Break
-
- 11:00 --- 12:30 Response Team Operations
-
Session Chair: Paul Mauvais (CIAC)
- Third Party Network Audit Experiences
- Authors:
- Michel Miqueu (CNES)
- Serge Tapia (Alcatel TITN Answare)
- Public Key Infrastructures
- Author:
Wolfgang Ley (DFN-CERT)
- Coordinating Multi-Vendor Vulnerabilities - Why is it so
difficult?
- Author: Eric Halil (AUSCERT)
- 12:30 --- 14:00 Lunch Break
-
- 14:00 --- 15:30 Opening The Vendor Black Box
-
Coordinator: Miguel J. Sanchez (SGI)
- 15:30 --- 16:00 Refreshment Break
-
- 16:00 --- 17:30 FIRST PGP Key-Signing Session
-
Coordinator: Wolfgang Ley (DFN-CERT)
- 19:30 --- 22:00 Conference Banquet
-
Thursday, June 26, 1997
- 08:00 --- On-Site Registration
-
- 09:00 --- 10:30 Information Sharing Amongst Incident Response Teams
-
Coordinator: Dr. Eric A. Fisch (Trident Data Systems)
- 10:30 --- 11:00 Refreshment Break
-
- 11:00 --- 12:30 Public Communications in the World of Incident
Response
-
Presentors:
- Terry McGillen (CERT-CC)
- Katherine Fithen (CERT-CC)
- 12:30 --- 14:00 Lunch Break
-
- 14:00 --- 17:30 FIRST General Meeting
-
The general meeting agenda will be e-mailed to the FIRST Teams
prior to the conference.
Attendance and participation at the FIRST Steering
Committee and General Meetings is limited to FIRST team members
and their invited guests.
- 15:30 --- 16:00 Refreshment Break
-
Friday, June 27, 1997
- 09:00 --- 10:30 Tools (2) - Incident Monitoring and Management
-
Session Chair: Eric Halil (AUSCERT)
- Hey, Who Took My Keyboard?
- Author:
Steven Branigan (Lucent Technologies)
- Review - A Tool for Reviewing Tcpdump Packet Logs
- Author:
Steve Romig (Ohio State University)
- 10:30 --- 11:00 Refreshment Break
-
- 11:00 --- 12:30 Response Team Management
-
Session Chair: Thomas Lenggenhaser (SWITCH-CERT)
- Incident Control via Incident Prevention
- Author:
Dr. Eric A. Fisch (Trident Data Systems)
- From Incident Response to Incident Management
- Author:
Klaus-Peter Kossakowski (DFN-NSCC)
- An Institutional Approach to Incident Response Team Staff
Education & Certification
- Author:
Asst. Prof. Ahmet Koltuksuz (Izmir Institute of Technology)
- 12:30 --- 14:00 Lunch Break
-
- 14:00 --- 15:30 Closing Session
-