SecurityBSides in San Francisco on March 2nd and 3rd held at Parisoma was an experience that those in attendance will not soon forget. This is not for the reasons of Andrew Hay’s opening slide with his pink dress, but for a community of security professionals sharing and collaborating in a fresh new way from the vendor is king conference that was across town. What makes this conference so very different is the interaction at a granular level that the attendees can have with the speakers and sponsors. Not only are the actual talks much more interactive, but the sponsors who are in attendance can actually interface with the attendees and understand their needs as well as have the opportunity to convey their message in a conversation, not an expo-floor 5 minute pitch.

Some of the talks that were covered over the 2 days of the event are listed here.

Media coverage of SecurityBSides here.

Thank you to the vendors & volunteers that made this event possible!

Upcoming SecurityBSides Events:

March 13, 2010 - BSidesAustin – “Keep Security Weird” – Coinciding with SxSW Interactive

April 24-25, 2010 - BSidesBoston – weekend after SOURCE Boston.

July 29-30, 2010 - BSidesLasVegas – coinciding with Black Hat / Defcon

Here are some highlights from SecurityBSides San Francisco acquired using the ancient art of screen capture from the Flickr streams of Jack Daniel and Vissago.

After the ceremonious un-boxing of the Sourcefire 3D-1000 IPS in my bedroom (hey, it’s saturday morning, give me a break!) I did what any good techie would do, discard the fine-print manuals for the big shinny slick ‘Quick Start Guide’. In this lovely document everything seemed pretty rudimentary all except one section.

Safety and Regulatory Compliance: The 3D sensor should be installed and maintained by a qualified personnel only. Hmmm, I’ve been doing this stuff for some time now, but how qualified am I? I guess we were about to see.

After quickly running through the setup instructions on my secondary ethernet connection, adding the license file, and setting up the management port on my DMZ range (not necessarily in that order), I was set to put in in-line  in passive and start watching some data flow. REALLY? Wait, this only took me a few minutes to get to this point, why was this so simple? Should I be concerned. Not at all, Bravo to the folks at Sourcefire for compiling and producing a hardware IPS that is so straight forward! I was able to get this fully functional in passive mode with default settings reconfigured in less then 5 minutes. Bravo!

Equipment Used:

• Cisco PIX 515E Firewall
• Cisco 2800 Router
• Private T1 Internet Circuit
• Sourcefire 3D-1000 IPS