I attended the last joint TF-CSIRT / FIRST meeting in Riga. One of the most interesting talks was by Wayne Routly from Dante. He talked on Quantitative Cross Comparative Analysis of Tools for Anomaly Detection. He gave some very good information on StealthWatch and Netreflex. If you’re moving Gbs of data then the set of tools you can use to analyze traffic are limited. According to the presentation both tools did quite well though.
FOSDEM, the free and open source developers’european meeting is taking place in Brussels on 23/24 February.
Their schedule is online and shows that there are going to be some interesting talks :
Op Dimva 2007 een heel interessante lezing gevolgd van Bojan Zdrnja. Hij vertelde op’n heel simpele manier hoe hij aan de hand van de queries op DNS-servers het gedrag van botnets (en malware in het algemeen onderzocht).
… later meer …
Powered by ScribeFire.
From Wednesday 11 July until Friday 14 July I’ll attend Dimva 2007, the Fourth GI International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment in Luzern.
If someone wants to hang out during this conference then feel free to drop me a note. Outside the conference hours I’ll probably be paying for beers at an Irish pub.
Ik ga van 11 juli tot 14 juli naar DIMVA 2007, oftewel het “Fourth GI International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment“.
Nog iemand die in die periode naar Luzern gaat?
Ik was in Praag voor de gezamelijke conferentie van TF-CSIRT en Trusted Introducer (een initiatief van Terena). Een mens laat zo’n kans niet voorbij gaan om ook nog eens wat van de stad te zien.
De foto’s staan in mijn flickr account.
I’m attending two Terena conferences.
The first one, TF-CSIRT, is in Prague and is focused on CERT’s in Europe. The TNC2007 is more like an obligatory attendence, Copenhagen is nice though 
If you happen to be in Prague or Copenhagen and feel like having a beer, feel free to give me a yell.