September 2012 Meeting Details

The meeting of the “Indian Libre User Group” was successfully held on September 23rd 2012

Date: 23-09-2012

Time: 2:00pm – 5.30pm
Venue: Internet Club, IInd Floor,
AMI Trust Building,Broadway Enclave,
Broadway, Ernakulam

2.30pm – 2.45pm

Customary Self Introduction.
People shared their experience with Free Software

2.45pm – 4.30pm – Session by JayJacob

In computer security, Nessus is a proprietary comprehensive vulnerability scanning program. It is free of charge for personal use in a non-enterprise environment. Its goal is to detect potential vulnerabilities on the tested systems.
According to surveys done by sectools.org, Nessus is the world’s most popular vulnerability scanner, taking first place in the 2000, 2003, and 2006 security tools survey.Tenable estimates that it is used by over 75,000 organizations worldwide.

Nessus allows scans for the following types of vulnerabilities:

1. Vulnerabilities that allow a remote cracker to control or access sensitive data on a system.
2. Misconfiguration (e.g. open mail relay, missing patches, etc.).
3. Default passwords, a few common passwords, and blank/absent passwords on some system accounts. Nessus can also call Hydra (an external tool) to launch a dictionary attack.
4. Denials of service against the TCP/IP stack by using mangled packets.
5. Preparation for PCI DSS audits

Tenable Network Security produces several dozen new vulnerability checks (called plugins) each week, usually on a daily basis. These checks are available for free to the general public; commercial customers are not allowed to use this Home Feed any more. The Professional Feed (which is not free) also give access to support and additional scripts (audit and compliance tests).

Nessus provides additional functionality beyond testing for known network vulnerabilities. For instance, it can use Windows credentials to examine patch levels on computers running the Windows operating system, and can perform password auditing using dictionary and brute force methods. Nessus 3 and later can also audit systems to make sure they have been configured per a specific policy, such as the NSA’s guide for hardening Windows servers.

4.30pm – 4.45pm

Tea break

Concluding Session

People were requested to handle small technical discussions for the next meeting.

Thanks to all the attendees for coming and they are requested to put their feedback on the mailing list so that we can improve future meetings

The next user meet is on 28th October 2012

ILUG-Cochin Meeting on 23rd September 2012

Warm Greetings To The Free Software Community

Indian Libre User Group is spreading Free Software awareness in society through its regular monthly meetings ( 4th Sunday of every month ),conducted since 1997. ILUG Cochin (www.ilug-cochin.org) is holding its regular meeting for this month on Sunday, 23rd September 2012.

The Details are as follows

Date : 23/09/2012, 23rd September, Sunday

Time : 2pm – 5:30pm

Venue : Internet Club
IInd Floor, AMI Trust Bldg,
Broadway Enclave,Broadway,
Kochi-682031
Location: Behind Allappat Super Shoppe,On top of SBT Treasury win
g

Meeting Schedule
================
1. Introduction to Free Software and GNU Movement
2. Agenda : Inside Nessus
3. Technical Discussions
4. Q&A Session

A Map showing the venue is available at :
http://www.ilug-cochin.org/content/view/31/

Directions to reach venue.

Directions to Meeting Venue

Get answers to your questions about the meeting at:

FAQ

For further information contact :
Tel:+91 9447111771
Tel:+91 9995717112
Tel:+91 9747173432
Tel:+91 9496449969
Tel:+91 484 2374862 ( Venue )
Tel:+91 484 4025077 ( Venue )
contact at ilug-cochin.org

Details

1. Introduction to Free Software

We start of with our regular discussion on the concepts and philosophy of the Free Software Movement and related topics.

2. Agenda : Inside Nessus

Going deeper into vulnerability tools to understand the working of attacks and how this tool helps, the benefits of using this tool will be discussed.Rogue attacks for network environments can be drastically reduced by network analysis.

3. Technical Discussions

Attendees will discuss and/or present topics of interest. They will share their knowledge by handling small sessions to make up the Technical Session part of the Meeting.

4. Q&A Session

This would be used to answer doubts that users have concerning Free Software.

We look forward to your participation for this exciting meeting. Hope to meet you all on Sunday.

Thank You

Regards
Co-ordinator
Indian Libre User Group, Cochin

August 2012 Meeting Details

The meeting of the “Indian Libre User Group” was successfully held on August 26th 2012

Date: 26-08-2012

Time: 2:00pm – 5.30pm
Venue: Internet Club, IInd Floor,
AMI Trust Building,Broadway Enclave,
Broadway, Ernakulam

2.30pm – 2.45pm

Customary Self Introduction.
People shared their experience with Free Software

2.45pm – 4.30pm – Session by JayJacob

Nagios is a popular open source computer system monitor, network monitoring and infrastructure monitoring software application. Nagios offers monitoring and alerting for servers, switches, applications, and services. It watches hosts and services. It alerts users when things go wrong and alerts them again when those wrong things get better/resolved.
Nagios, originally created under the name NetSaint, was written and is currently maintained by Ethan Galstad, along with a group of developers actively maintaining both official and unofficial plugins. N.A.G.I.O.S. is a recursive acronym: “Nagios Ain’t Gonna Insist On Sainthood”,”Sainthood” being a reference to the original name NetSaint, which was changed in response to a legal challenge by owners of a similar trademark.”Agios” is also a transliteration of the Greek word άγιος which means “saint”.
Nagios was originally designed to run under Linux, but also runs well on other Unix variants. It is free software, licensed under the terms of the GNU General Public License version 2 as published by the Free Software Foundation.
In a 2006 survey among the nmap-hackers mailing list, 3243 people responded when asked for their favorite network security tools. Nagios came in 67th overall and 5th among traffic monitoring tools. Nmap itself was excluded from the list.

Overview

Nagios is Open Source Software licensed under the GNU GPL V2.
– Monitoring of network services (SMTP, POP3, HTTP, NNTP, ICMP, SNMP, FTP, SSH)
– Monitoring of host resources (processor load, disk usage, system logs) on a majority of network operating systems, including Microsoft Windows with the NSClient++ plugin or Check MK.
– Monitoring of anything else like probes which have the ability to send collected data via a network to specifically written plugins
– Monitoring via remotely-run scripts via Nagios Remote Plugin Executor
– Remote monitoring supported through SSH or SSL encrypted tunnels.
– Simple plugin design that allows users to easily develop their own service checks depending on needs
– Plugins available for graphing of data
– Parallelized service checks available
– Ability to define network host hierarchy using “parent” hosts, allowing detection of and distinction between hosts that are down and those that are unreachable
– Contact notifications when service or host problems occur and get resolved
– Ability to define event handlers to be run during service/host events for proactive problem resolution
– Automatic log file rotation
– Support for implementing redundant monitoring hosts
– Optional web-interface for viewing current network status,notifications, problem history,log files,etc.
– Data storage is done in text files rather than database

4.30pm – 4.45pm

Tea break

Concluding Session

People were requested to handle small technical discussions for the next meeting.

Thanks to all the attendees for coming and they are requested to put their feedback on the mailing list so that we can improve future meetings

The next user meet is on 23rd September 2012