|
 |
MONTHLY MEETING TOPIC AND SPEAKERS
(Meeting Date: August 21, 2008)
|
New Venue, New Start Time, More CPE’s, and 2 GREAT Speakers!
Kaminsky’s DNS Security Flaw: Two DNS heavyweights discuss what this means for you
|
New Start Time!
Registration and Networking: 5:00 p.m.
Event Start Time: 5:30 p.m.
Dinner and possible Q&A session: 7:35 p.m.
|
New Venue!
The Biltmore Hotel & Suites, Santa Clara
2151 Laurelwood Road, Santa Clara, CA 95054.
Tel: (408) 988-411
|
Same Low Price! As always, $25 buys you cutting-edge knowledge, a full dinner, CPE’s, and a chance to network. (Those of you looking to hire talent, or looking for a new position, will be given a moment to stand up and describe what you are looking for at the meeting.)
|
More CPE’s! Two CPE’s. If there are interested attendees, we may continue with a Q&A / Demo session at dinner – which will result in a third CPE.
|
Registration http://www.isaca-sv.org/MonthlyMeeting_registration.html
|
Meeting Details http://www.isaca-sv.org/meetings.html
|
|
All of us have been affected one way or another from the recent discovery of a fundamental flaw in DNS that could be traced back to the original 1983 specification. A behind-the-scenes, industry-wide scrambling to address the bug has been occurring over the last few months. The details of the discovery were only fully publicly announced at this year's Black Hat Conference in early August. Depending upon the completion and success of the patching of the DNS servers upon which you rely, there is a real worry that your typing a known URL like www.isaca-sv.org into your browser could instead be commandeered by an attacker to send you to a completely different IP address hosting a hostile website. Many of you received an e-mail from ISACA Distance Learning, titled, “Special ISACA webinar-Important DNS Security Updates”, which discussed this flaw. Our August monthly meeting is a great opportunity to understand the residual risks and further enrich your knowledge on this topic.
Leading Internet Security expert Paul Vixie was the first person Dan Kaminsky called when he discovered the flaw, and was actively involved in the vendor response. When ISACA Distance Learning organizers needed a DNS authority and co-speaker for the special webinar they pulled together last week to discuss the flaw, they invited Cricket Liu. ISACA-Silicon Valley members will have the privilege of learning from both these heavy-weights at our upcoming monthly meeting on Thursday, August 21, 2008.
|
Speaker Profiles:
|
 Mr. Paul Vixie has been contributing to Internet protocols and UNIX systems as a protocol designer and software architect since 1980. Paul is considered the primary modern author and technical architect of BINDv8, the Berkeley Internet Name Daemon Version 8, the open source reference implementation of the Domain Name System (DNS). Paul founded ISC in 1994, and remains its President. In 1995, Paul co-founded PAIX (Palo Alto Internet Exchange), which was sold to AboveNet in 1999, who in turn named Paul its Chief Technology Officer in 2000, and then President of the PAIX subsidiary in 2001. Paul also co-founded MAPS (Mail Abuse Prevention System), a California nonprofit company established in 1998 with the goal of stopping the Internet's email system from being abused by spammers. Paul co-wrote "Sendmail: Theory and Practice" (Digital Press, 1995), and has authored or co-authored more than a dozen RFCs, mostly on DNS and related topics. He is a member of ICANN RSSAC and ICANN DNSSAC, ARIN and a frequent participant in IETF and NANOG. Paul holds the record for "most CERT advisories due to a single author" which came primarily from his years hacking on BIND4 and BIND8.
|
 Mr. Cricket Liu is the Vice President of Architecture at Infoblox, and is an authority on the Domain Name System and the co-author of all of O'Reilly & Associates' Nutshell Handbooks on DNS, including the classic DNS and BIND. Cricket helps guide the development of Infoblox's product strategy and service offerings, and serves as a liaison between Infoblox and the technical community. He worked for Hewlett-Packard for nearly ten years, where he ran hp.com, one of the largest corporate domains in the world, and helped found HP's Internet consulting business. Cricket later co-founded his own Internet consulting and training company, Acme Byte & Wire. After Network Solutions acquired Acme Byte & Wire, Cricket became Director of DNS Product Management.
|
For additional information go to: www.isaca-sv.org
|
|
|
