RE: Pen Test Study Group in Mumbai

From: Balwant Rathore (balwant@mahindrabt.com)
Date: 03/24/03

  • Next message: Alfred Huger: "Post break-in forensics" 
    Date: Mon, 24 Mar 2003 17:47:08 +0530
From: "Balwant Rathore" <balwant@mahindrabt.com>
To: "PenTest" <pen-test@securityfocus.com>
Date: Mon, 24 Mar 2003 17:42:59 +0530

    Hi,

    My post's response was very nice.

    The penetration test group is a group of professionals operating in INDIA.
    We have focused our activities towards learning and upgrading ourselves to a
    higher level in information security testing. Hence our primary aim is
    towards setting up a smooth knowledge-sharing forum and to create a
    community, which will be involved in testing secure architectures.

    The group has set itself some small-medium term goals and a road map to
    achieving them. Following are some of the initiatives and a brief
    description of the same.

    Study Workshops
    These are short length workshops that answer the primary objectives of the
    group knowledge sharing. These workshops will focus on particular topics,
    which will be taken up by group members specializing in the same. The
    presenter will provide detailed technical information (tools, techniques and
    documentation) and wherever possible demonstration on the subject. We will
    take Open Source Security Testing Methodology Manual (OSSTMM) as baseline
    and will try to cover all the topics in depth. Interested presenters can
    choose a topic and inform the group moderators who will coordinate the meet
    and inform the group. Presenter has to submit his presentation one week
    before.

    Break-in Challenges
    Some of the group members have setup honeynets to study newer attack
    techniques. In the interest of the group the community will jointly conduct
    attack challenges for the members. For example a defined group of members
    can attack a preset honeynet, which is managed by another defined group of
    members. Once the attacker group succeeds the honeynet group will provide an
    intrusion report. Group’s concern is more and more learning. So honeynet
    group can also coordinate with with attacker group to know all activities
    which they have performed. Now Attacker group will share his experience in
    town meeting. If attacker and Honeynet group is in remote location, they
    will submit an intrusion report. One volunteer from group will study in
    depth and share this learning.

    Once this cycle is over team members can swap positions to create expertise.
    Members can voluntarily register their honeynets for this practice, help to
    members wanting to setup a honeynet will also be provided by the community.

    Newer activities are in the process to finalize these activities and will be
    discussed in the group meeting and will be formally introduced to the group.
    Shoot your ideas. Come over and help us to create a learning community.

    Thanking You.
    Sincerely,

    Balwant Rathore, CISSP
    Security Practices Group,
    Mahindra-British Telecom Ltd.
    Oberoi Estate Gardens, Chandivali,
    Mumbai - 400 072, India.
    Tel : +91 22 56922000 Extn - 8010
    Fax : +91 22 28528959
    Mobile: +91 98208 03333

    *********************************************************
    Disclaimer

    This message (including any attachments) contains
    confidential information intended for a specific
    individual and purpose, and is protected by law.
    If you are not the intended recipient, you should
    delete this message and are hereby notified that
    any disclosure, copying, or distribution of this
    message, or the taking of any action based on it,
    is strictly prohibited.

    *********************************************************
    Visit us at http://www.mahindrabt.com

    ----------------------------------------------------------------------------
    Did you know that you have VNC running on your network?
    Your hacker does. Plug your security holes now!
    Download a free 15-day trial of VAM:
    http://www2.stillsecure.com/download/sf_vuln_list.html

  • Next message: Alfred Huger: "Post break-in forensics"

    Relevant Pages

    • Re: house law of Austria (1900 addendum)
      ... >> I would be interested in learning in what form the consultation with the ... >> members of the House actually took. ...
      (alt.talk.royalty)
    • Re: Women in Orthodoxy
      ... apathy on the part of the majority of the members), ... yeshiva rabbis would learn with me. ... mutual excitement not only for the learning but for the learning with each ...
      (soc.culture.jewish.moderated)
    • Re: Greetings Rainbow Family, Tribe and/or People
      ... Thank you for this clarification Carla and Karin. ... "Participants" instead of members. ... Slowly but surely I am learning. ... Rainbow Family and Gatherings. ...
      (alt.gathering.rainbow)
    • Re: 1st example of NNet Users Guide does not work
      ... (why T has only 3 members) ... guide. ... I wish Mathworks will correct it in next release ... because at the very first step of learning, ...
      (comp.soft-sys.matlab)