UNIGROUP GENERAL MEETING
Incident Response: Internet TCP SYN DoS Attack;
Incident Response: Cloud Server Linux Break-in;
Microsoft Azure Database Applications; How to make it run fast, securely and deliver it quickly.
Unigroup's May 2019 meeting will present a series of informal Mini-Talks on: Networking, Security, Cloud Infrastructure and Cloud Database Development. Topics will cover: Incident Response for Internet TCP SYN DoS Attacks; Incident Response for Linux Break-in on a Cloud Server Instance; Project Development using a Modern Cloud Database on Microsoft Azure.
SPECIAL INSTRUCTIONS: --------------------- Most Unigroup meetings are open to the public! To REGISTER for this event, please RSVP by using the Unigroup Registration Page. This will allow us to automate the registration process. (Registration will also add you to our mailing list.) Please avoid emailed RSVPs. Please continue to check the Unigroup web site and THIS page, for any last minute updates concerning this meeting. If you registered for this meeting, please check your email for any last minute announcements as the meeting approaches. Also make sure any anti-spam white-lists are updated to _ALLOW_ Unigroup traffic! If you block Unigroup Emails, your address will be dropped from our mailing list. Also, if you have an interest in Unigroup, be sure to receive Unigroup information DIRECTLY from Unigroup, via direct receipt of Emails and by visiting the Unigroup Web Site. NO OTHER SOURCE provides timely, accurate and complete Unigroup information. Please RSVP as soon as possible, preferably at least 2-3 days prior to the meeting date, so we can plan the food order. RSVP deadline is usually the night before the meeting day. Note: RSVP is requested for this location to make sure the guard will let you into the building. RSVP also helps us to properly plan the meeting (food, drinks, handouts, seating, etc.) and speed up your sign-in at the meeting. If you forget to RSVP prior to the meeting day, you may still be able to show up and attend our meeting, however, we cannot guarantee what building security will do if you are "not on the list".
Location: The Cooper Union (http://www.cooper.edu) School of Engineering (*** New Building ***) 41 Cooper Square (3rd Avenue @ 7th Street, between 6th & 7th Streets) East Village, Manhattan New York City, 10003 Meeting Room: ** (See Above, Room May Change Month-to-Month) Located on the East side of Cooper Square. Look for the new building with the non-traditional appearance. Entrance is at the corner of 3rd Avenue and 7th Street. Building lobby sign-in is required at the guard's desk. Enter the building, check in with the guard at the lobby for directions to the Unigroup Meeting Room. Nearest mass transit stations are: '6' to Astor Place (stops right at The Cooper Union), then walk 1 block East and 1 block South. 'R' to 8th Street, then walk about 2 blocks East then 1 block South. '4/5/N/Q' to Union Square, then walk South and East. or transfer to the downtown '6' to Astor Place. 'B/D/F/V' to Broadway-Lafayette, then walk North and East. or transfer to the uptown '6' to Astor Place. Free street parking in the area becomes available at 6pm. There are parking lots on Broadway, at (or just South of) 8th Street, across from the West side of Cooper Square, as well as various others in the area.
Topic: Assorted Mini-Talks Covering: Networking, Security, Cloud Infrastructure, Cloud Database Development.
Computer Networking, Computer Security, Incident Response, TCP SYN Attack, Networking Denial-of-Service Attack, Cloud Computing, Cloud Infrastructure, Cloud Database, Microsoft Azure, Microsoft SQLserver, C#.
Introduction & Description of Talks:
Presenter: Robert Weiner of Programming Plus:
a) Mini-Talk: Incident Response for Internet TCP SYN DoS Attacks
This talk will discuss a recent experience involving incident response detecting and mitigating Internet TCP SYN denial-of-service attacks.
b) Mini-Talk: Incident Response for Security Break-in on a Linux Cloud Server Instance
This talk will discuss a recent experience involving incident response regarding a computer security break-in on a Linux Cloud Server instance.
References & Web Resources:
Denial-of-service attack (Wikipedia) https://en.wikipedia.org/wiki/Denial-of-service_attack SYN Flood (Wikipedia): https://en.wikipedia.org/wiki/SYN_flood SYN Cookies (Wikipedia): https://en.wikipedia.org/wiki/SYN_cookies RFC 4987 - TCP SYN Flooding Attacks and Common Mitigations: https://tools.ietf.org/html/rfc4987 Cisco Internet Protocol Journal Article on SYN Flooding Attacks: https://www.cisco.com/c/en/us/about/press/internet-protocol-journal/back-issues/table-contents-34/syn-flooding-attacks.html Red Hat Blog: Mitigate TCP SYN Flood Attacks with Red Hat Enterprise Linux 7 Beta https://www.redhat.com/en/blog/mitigate-tcp-syn-flood-attacks-red-hat-enterprise-linux-7-beta SANS Whitepaper: File Integrity Checking: https://www.sans.org/reading-room/whitepapers/detection/ids-file-integrity-checking-35327 AIDE - Advanced Intrusion Detection Environment: https://sourceforge.net/projects/aide/ AIDE (Wikipedia): https://en.wikipedia.org/wiki/Advanced_Intrusion_Detection_Environment Open Source Tripwire (Wikipedia): https://en.wikipedia.org/wiki/Open_Source_Tripwire Tripwire Open Source: https://github.com/Tripwire/tripwire-open-source Comparison of host-based intrusion detection systems (Wikipedia): https://en.wikipedia.org/wiki/Host-based_intrusion_detection_system_comparison Arch Linux Wiki List of Security Tools: https://wiki.archlinux.org/index.php/List_of_applications/Security#Threat_and_vulnerability_detection
Presenter: Matt Rothman of Blue Moon Technology:
c) Mini-Talk: Microsoft Azure Database Applications; How to make it run fast, securely and deliver it quickly.
(Cloud and Cloud Database Infrastructure discussion which can apply towards both Linux and Windows instances.)
Perhaps YOU have something interesting to share? If you have some experience using AWS/GoogleCompute/OracleCloud/etc, we'd like to hear your experiences, to compare/contrast to the above.
References & Web Resources:
Datamation: Article Comparing All 3 Amazon/Microsoft/Google Clouds: https://www.datamation.com/cloud-computing/aws-vs-azure-vs-google-cloud-comparison.html Microsoft: Comparisons Azure to AWS: https://azure.microsoft.com/en-us/overview/azure-vs-aws/ https://docs.microsoft.com/en-us/azure/architecture/aws-professional/services Gartner Magic Quadrant: Cloud Infrastructure as a Service: https://www.gartner.com/doc/reprints?id=1-2G2O5FC&ct=150519&st=sb Mono Project C# Development: https://www.mono-project.com/
Matt Rothman - CTO - Blue Moon Technology
Matt's an active Azure data applications developer with cloud based databases and cloud authentication. Over 30 year's experience in programming and IT, from Wall Street to Medical research. Blue Moon's current focus is on high end custom Azure programming. Matt is also a Unigroup Board Member. For further information, please visit the Blue Moon Technology Web Site: http://www.bluemoontechllc.com.
Robert Weiner - President - Programming Plus
Robert Weiner is the founder and President of Programming Plus, a business which provides Computer-Related Hardware and Software Consulting & Engineering Services (for Unix, Linux, BSD, OpenVMS, Windows and DOS). Robert is an Electrical Engineer (with BE and ME degrees from The Cooper Union in NYC), a NYS Licensed Professional Engineer, Software Developer, Systems Administrator, Systems Integrator, and System Builder, who has been working with Unix for 35+ years, Linux for 25+ years, and WinDOS systems going back to DOS and CP/M. Robert has been a Unigroup member since 1985, a Unigroup Board Member since 1991, and Unigroup's Executive Director since 1992. For further information, please visit the Programming Plus Web Site: http://www.progplus.com.
Addison-Wesley Professional/Prentice Hall PTR/Pearson, and O'Reilly have been kind enough to provide us with review copies of some of their books, which we will continue to raffle off as giveaways at our meetings. The publishers always ask that the persons receiving the books provide a review and/or feedback about their books.
Unigroup would like to thank both publishing companies for the support provided by their User Group programs.
As always, all of the books will be available for review at the start of the meeting.
Note: Our book supply is currently running low, and we need to restock.
Unigroup is a Professional Technical Organization and User Group, and its members pay a yearly membership fee. For Unigroup members, there is usually no additional charges (ie. no meeting fees) during their membership year. Non-members who wish to attend Unigroup meetings are usually required to pay a "Single Meeting Fee".
Yearly Membership (includes all meetings): $ 50.00 Student Yearly Membership (with current! ID): $ 25.00 Non-Member Single Meeting: $ 20.00 Non-Member Student Single Meeting (with! ID): $ 5.00 * Payment Methods: Cash, Check, American Express. MasterCard, VISA, Discover (since 2013). ! Students: We are looking for proof that you are currently enrolled in classes (rather than working full-time), and as such, your Student ID should show a CURRENT date. We have been presented Student IDs containing NO dates whatsoever, and in the current environment, perpetual/non-expiring access to university facilities just does not feel right. If your ID contains no date, please bring additional proof of current enrollment. Thanks.
NOTE: Simply receiving Unigroup Email Announcements does NOT indicate membership in Unigroup.
Members: Remember to bring your membership card with you to the meeting, to confirm your yearly renewal date!
FOOD AND REFRESHMENTS
Complimentary Food and Refreshments will be served. This includes "wraps" such as turkey, roast beef, chicken, tuna and grilled vegetables as well as assorted salads (potato, tossed, pasta, etc), cookies, brownies, bottled water and assorted beverages.
** However, due to a continuing situation at our caterer, we are planning to have: pizza (cheese+veggy), soda, water, cookies, and brownies at this meeting.
Please join us for this meeting, you won't want to miss it!