“The attacks on supercomputers at [sites deleted] and other locations were closer to a skillful assault, but they were not actually successful. The attackers, instead of treading lightly, just kept abusing more accounts and taking over more systems, making it only a matter of time before their intrusions were discovered. The attackers were certainly persistent, returning even after being discovered. I am hopeful that one or more of the defenders will discuss their experiences with these intrusions in the Security edition of ;login:.”

-Rik Farlow, USENIX ;login:, August 2004

Welcome !

Who Am I ?Tom BettgeAssociate Director Scientific Computing DivisionNational Center for Atmospheric ResearchBoulder, ColoradoBackground: Applications Software Engineer – Climate Modeling

my mother’s maiden name is Hacker

“………………………….The attackers were certainly persistent, returning even after being discovered. I am hopeful that one or more of the defenders will discuss their experiences with these intrusions in the Security edition of ;login:.”

-Rik Farlow, USENIX ;login:, August 2004

Program Committee• Tom Bettge National Center for Atmospheric Research• RuthAnne Bevier California Institute of Technology• Ginger Caldwell National Center for Atmospheric Research• Walter Dykas Oak Ridge National Laboratory• Victor Hazlewood San Diego Supercomputer Center• Chris Hempel Texas Advanced Computer Center• Jim Marsteller Pittsburgh Supercomputer Center• Marla Meehl National Center for Atmospheric Research• George Strawn National Science Foundation• Howard Walter National Energy Research Scientific Computing Center• John Towns National Center for Supercomputing

Applications

Who Are You ?• Registered Participants: 128

• By Organizational/Agency:– University/NSF 79– DOE 25– Military 8– NASA 8– NOAA 3– Other 5

• By Duty/Position:– system/security administration 50– management 40– end user 10

Breakout Sessions

1. User Policies/Education

2. System Administration Policies/Education

3. Network Based Intrusion Detection

4. Host Based Intrusion Detection

5. Grid Computing Challenges

Tom

NCAR/Scientific Computing Division

Bettge

Cybersecurity Summit 2004

1

Breakout Session Assignment

Monday Evening: Meeting Rooms

• Dewey I / II• Charleston I / II• Farragut• wireless will be available

Contact Staff

Thanks to NCAR Staff

• Susan Cross• Lynda Lester• Janie Young

Cybersecurity Summit ?• Concept of Summit – Spring 2004

Share information, discuss impact upon users, systems, etc.Best PracticesProcedures for future incidents (communication, etc.)

• To include peer agencies• Endorsed/Sponsored by National Science

Foundation• Expanded to broad community• Expanded to include peer agencies• Invitation Only !