Having recovered from his germ attack, Mark Steffen will give us a talk on OSSIM, an open source SIEM (Security Information and Event Management) system. Mark says that this system is appropriate for small organizations or paranoid home users. He will cover the following topics:
- Traffic analysis (Suricata), including OSSIM's limitations in this area.
- The OSSEC HIDS agent, which looks for bad behaviour and reports back to OSSIM for logging.
- OSSIM alerts and tickets
- Open Threat Exchange
- SIEM correlation engine
- OpenVAS vulnerability scanner (Nessus)

Jason Eckert will revisit his KW Linuxfest talk with a brief history of Linux and open source. It promises to be a fun and interesting talk about where the Linux operating system came from, why it succeeded, how open source has shaped technology today, and how it will continue to do so in the future.