FIST Conference Frankfurt, Madrid, Bombay, Jaipur, Chennai, Vancouver and Delhi

From: Balwant Rathore (
Date: 02/20/04

  • Next message: Ricardo: "Firewall Netscreen 10 - URGENTLY"
    To: <>
    Date: Fri, 20 Feb 2004 20:40:38 -0000

    hey All,

    FIST Conferences are free and open events where to present and talk
    different aspects of Penetration Testing and Information Security.
    Presentation of recent conferences in Madrid, Bombay, Delhi, Bangalore, Pune
    are available here....

    A WebSite is under development, soon you will get all presentation together.
    Some FAQs about FIST are given in the end of this mail. Please confirm your
    attendance to myself or person responsble for conference registration in
    advance, it will help to organise event better. We are looking for
    contribution as speaker and/or sponsor with venue, do write me if you can
    contribute in any way. Details of upcoming conferences are as follows:

    FIST-Conference 2004, February Edition - Frankfurt, Germany
    Registration: Drop me an email.
    Sponsor: Johann Wolfgang Goethe-Universität

    * 18:00 Introduction - by Frank Sadowski <frankae at web dot de> Cordinator
    OISSG Frankfurt and Balwant Rathore from OISSG
    * 18:10 Information System Security Testing Framework (ISSTF) draft - by
    Balwant Rathore, CISSP from OISSG
    * 19:00 ISSTF Source Code Auditing Approach - by Gyan Chawdhary <gunnu45 at
    hotmail dot com> from OISSG
    Break 19:50 - 20:00
    * 20:00 ISSTF Web Application Security Testing Approach by Frank Sadowski
    * 20:50 <yet to be decided>
    * 22:00 Improvised food, drink @ Carnival ;-)

    Date and Time
    Wednesday 25.2.2004 @ 18-21:30h.

    Johann Wolfgang Goethe-Universität, Campus
    General instructions for getting there (in German):

    Specifically, go to building „3 Hörsaalgebäude“ as you can see at:
    Inside the building, find “Hörsaal B” (=auditorium B) Use any language
    translation tool:

    Point of Contact: Frank Sadowski Cell: +49 (0)160 99 55 13 66

    FIST-Conference 2004, February Edition - MADRID, Spain
    Please Register Here:

    * 09:00 AM Introducción - by Adán Muñoz; ITEM Consulting
    * CISCO Security - by Rafael Vida Delgado, Telefonica Data.
    * Network Security - by Rafael Neila, Telefonica Data.
    * HoneyNets - by Rafael San Miguel Carrasco, Soluciones Seguras.
    * Vulnerability Discovery Responsibility Regime/Spanish Law - by Gonzalo
    Salas, SIA.
    * 14:15 PM Open round on the security and news about the FIST Conferences -
    Vicente Aceituno.
    * Improvised food and drink, as usual ;-)

    Date and Time
    Saturday, 21st February From 9:00 am onwards.

    Aula Magna of the Escuela Superior de Ingenieros Superiores de
    Telecomunicaciones, C/ Ciudad Universitaria S/N, 28040 Madrid.

    Point of Contact: Vicente Aceituno: aceituno at yahoo dot com +34 696470328


    FIST-Conference 2004, March Edition - Bombay, India
    Registration: Inform Kanwal Mookhey
    Sponsor: Mahindra British Telecom Ltd.

    * 10:00 - Opening by Kanwal Mookhey CTO, Network Intelligence India Ltd.
    * 10:15 - Windows System Security Testing by Balwant Rathore, CISSP
    * 11:15 - Unix System Security Testing by Kartikeya Puri, Freelance Security
    * 12:15 - Break
    * 13:15 - Software Bug-findings by Kanwal Mookhey CTO, Network Intelligence
    India Ltd.
    * 14:15 - Product Demonstration
    * 15:00 - Open Forum on latest trends
    * 16:00 onwards Informal Meeting/Party

    Date and Time
    Yet to be decided, probably in the last week of March, 2004

    Oberoi Gardens Estate, W – 1, Off Saki Vihar Road, Next to Chandivali
    Studio, Andheri (East), Mumbai 400

    Point of Contact: Kanwal Mookhey, CTO Network Inteligence of India +91 22 22001530

    FIST-Conference 2004, March Edition - Jaipur, India
    Registration: Inform Navin Parwal < navin at vsnl dot com >
    Sponsor: Rajasthan Police

    * 10:00 - Opening by Arvind Jain < akjain at>, Inspector General
    of Police, Rajasthan, Jaipur - India
    * 10:15 - Computer Crime Investigation as per OISSG approach by Balwant
    Rathore, CISSP
    * 11:15 - Router and Routing Protocol Security Testing as per ISSTF draft by
    Navin Parwal <parwal at vsnl dot com>, CCIE, CTO, Technosys Jaipur, India.
    * 12:00 - Yet to be decided

    17/2, Sarojani Street, T Nagar, Chennai - 600 017

    26th March, 2004

    Point of Contact: Navin Parwal <navin at vsnl dot com>, CCIE, CTO,
    Technosys, Jaipur, India. Cell: +91 98290 55990

    FIST-Conference 2004, March Edition - Chennai, India
    Registration: Inform D. Swaminathan < dswami at vsnl dot com >
    Sponsor: SAM Communications, Chennai, India

    * 10:00 - Opening by Police Officials.
    * 10:15 - Computer Crime Investigation as per OISSG approach by D.
    Swaminathan, CISSP, Consultant, SAM Communications, Chennai, India.
    * 11:15 - Information System Security Framework (ISSTF) draft by Laxmi Kant,
    Consultant, Odyssey Technologies
    * 12:00 - Yet to be decided
    * 13:00 - Yet to be decided

    17/2, Sarojani Street, T Nagar, Chennai - 600 017

    Yet to be decided

    Point of Contact: D. Swaminathan < dswami at vsnl dot com > Cell: +91

    FIST-Conference 2004, April Edition - Vancouver, Canada
    Registration: Inform Balwant Rathore balwant at mahindrabt dot com
    Sponsor: SIRA Technologies, Vancouver, Canada

    * 10:00 - Opening (yet to be decided)
    * 10:15 - Information System Security Testing Framework (ISSTF) by Balwant
    Rathore, CISSP
    * 11:15 - Storage Area Network Security Testing by Sanjay Pathankar,
    Consultant, Global Knowledge, Canada
    * 12:00 - Yet to be decided
    * 13:00 - Yet to be decided

    3566 Dieppe Dr, Vancouver, Canada V5M 4C7

    Yet to be decided

    Point of Contact: SANJAY PATANKAR, Global Knowledge Networks, Hong Kong.
    Phone: 1-604-584-8930

    FIST-Conference 2004, April Edition - Delhi, India
    Registration: Inform Akhil Manchanda, CISSP < Akhil.Manchanda at gecis dot
    ge dot com >
    Sponsor: yet to find one

    * 10:00 - Opening (yet to be decided)
    * 10:10 - Unix System Security Testing Approach by Vipin Kumar, CISA, CISSP
    * 11:15 - Windows System Security Testing by Akhil Manchanda, Manager -
    Information Security, CISSP, GE Capital International Services, Delhi, India
    * 12:00 - IDS Security Testing by Shashank Saha < reach_shash at yahoo dot
    com >, CISA, CISSP
    * 13:00 - Not yet decided

    Not yet decided

    Yet to be decided

    Point of Contact: Akhil Manchanda +91 (0)9811893703, Vipin Kumar, +91 (0)

    First Improvised Security Testing Conference (FIST) FAQ


    - How we came up with the name of FIST?
    In March 2003, Balwant started a study group on Penetration Testing in
    Mumbai, India. A message was posted on securityfocus PenTest list regarding
    this and thus a yahoo group we created for this group and initially meeting
    were held in Mumbai. In July 2003 the PenTest study group’s Madrid, Spain
    meeting was announced. Balwnat met group member Alejandro Barrera in Madrid
    to find out a venue. Alejandro and Balwant did some and during this a
    message was posted to Argo hacking list. After this two more security
    specialists Vicente Aceituno and Rafael Ausejo met Alejandro and Balwant
    together. And finally they come to the name FIST. The FIST Conference stands
    for “First Improvised Security Testing” Conference, as we felt little
    fast-paced self-organizing way of finding the speakers, the venue and

    As a plus, it doesn’t feel so bad when there is a small mishap in an
    improvised event! Following conferences are known as “FIST Conference
    Month/Place Edition”. The “First” stands for the first of this kind, that’s
    why there are no “Second” of “Third” Improvised Security Conferences.

    - Who is the audience?
    Anyone willing to learn about Information Security.

    - How much does it cost to attend?
    Nothing, it’s a free event.

    - Can I get a certificate for assistance?
    That depends on the committee and the sponsor.

    - Is there any prize or contest?
    We are thinking on giving an award for the best presentation of every year,
    but nothing is set-up as yet.

    - Can I take photos or film?
    As long as it doesn’t interfere with the presentation.

    - Do you Webcast the conference?
    That depends on the sponsor.

    - How can I help?
    · Promote the event.
    · Help the committee.
    · Become a speaker.
    · Become a member of your city’s committee.
    · Become a sponsor.

    Committee Members

    - I want to organize a FIST conference in my city, what do i have to do?
    Create your own committee.

    - What are a FIST Committee duties?
    Normally is a good idea to split responsibilities between committee members:
    · Find suitable venue.
    · Find volunteer speakers. Help them to tune the presentations quality and
    length to make the conference a pleasant experience for everyone. Make a
    presentation template available when possible.
    · Promote the event.
    · Be prepared to be main or backup speakers.
    · Update information on the event’s to be maintained by the group website
    Webmaster saman007uk at oddpost dot com.
    · Coordinate with the international committee.

    - What is supposed to be a Backup Speaker?
    Being a backup speaker means that you should be prepared to substitute a
    main speaker for any reason. In case someone drops or you don't get enough
    speakers, you should present your own speech.

    - How can I find speakers ?
    Contact experts that you know or you meet in this or other events.
    Frequently the speakers for the next edition contact the committee during
    the very FIST conference.

    - I have to choose a date for my FIST... is there any restriction?
    The date for the conference depends on the sponsor/speaker availability and
    audience convenience. But we are trying to held it every two months, the
    last Friday or Saturday of the month.

    - Is it necessary to have a sponsor?
    No if you can get all the resources (room, beamer, water, sound system) by
    yourself. Anyway, sponsors can help in many ways like providing a suitable
    place for the conference, material resources and promotion of the event.

    - Is there any Conference Banner Template?
    Write a mail to balwant at mahindrabt dot com and get it, soon it would be
    available at group WebSite

    - I don't know how to promote the event, what can I do?
    You can try posting the conference banner to newspapers, magazines related
    to technology, blogs, Security Portals, Universities and mailing lists. You
    can prepare a poster too.

    - What are the important conference details to give?
    · Place.
    · How to get there.
    · Registration requirements.
    · Date and time.
    · Program.
    · Duration.
    · Web link for more info.

    - How does the event develop?
    Normally the sponsor presents the FIST committee, The FIST representative
    presents the speakers, then the speakers speak (there might be a short
    break), and finally the sponsor and the FIST committee close the event. Don’
    t forget to thank the sponsor and the speakers.

    - Is registration needed?
    This is a sponsor’s decision. It’s often enough to show up, but a simple
    registration is used sometimes.

    - I want to be a speaker, what should I do?
    Contact a FIST committee. To be a speaker means to have something
    interesting to say in the field of penetration testing or information
    security in
    general. Some guidelines:
    · The speaker should be the author of the presentations, but to speak on
    someone else work is ok, as long as you ask permission and give credit where
    credit is due.
    · Presentations should be licensed GPL-FDL or Open Content License. The
    presentations will be made available through group
    WebSite after the conference is held.
    · Be at the conference room early. Bring your presentation with you in at
    least two different removable media (floppy and CD for example). Don’t bring
    your own laptop as using differents computers with a beamer is proven to the
    · Slides take two to two minutes and a half. Take this into account when
    preparing the presentation and fitting it into your time frame.
    · Be as technical as you like. This a free and open event, but that doesn’t
    mean that presentations need to be understood for people without knowledge
    of the subject matter.

    - I'm going to prepare a speech. Which language should I use?, Is there any
    language restriction for my presentation?
    You can give the speech in the language of your choice, but your slides must
    be in English for the widest possible dissemination after the event.

    - Where can I get the Presentation Template?
    You can download the presentation template from OISSG page.


    - I want to be a sponsor, what can I do?
    To be a sponsor means to provide some or all of:
    · A conference room.
    · Beamer.
    · Laptop.
    · Internet connection.
    · Webcast of the conference.
    · Conference promotion.
    · Attendance registry.
    · Some water for the speakers.

    Thanking you.

    Balwant Rathore, CISSP
    Moderator, PenTest Group
    60437, Frankfurt, Germany
    Phone: +49 (0) 160 99 55 13 66

    Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

    Protect your network with the comprehensive security solution that
    integrates six applications for ease of use and lower TCO.

    Firewall - Virus protection - Spam protection - URL blocking - VPN
    - Wireless security.

    Download 30-day evaluation at:

  • Next message: Ricardo: "Firewall Netscreen 10 - URGENTLY"

    Relevant Pages

    • 44Con 2012 CFP - London 5th - 7th September
      ... We're looking for speakers, workshops and training courses to make the event even bigger and better than last year. ... 44Con is the UK's largest combined Security Conference and Training event, with the conference taking place from the 5th till the 7th of September, 2012 at the Millenium Conference Centre in South Kensington, London. ...
    • [Full-disclosure] 44Con London 2012 CFP - September 5th - 7th
      ... We're looking for speakers, workshops and training courses to make the ... 44Con is the UK's largest combined Security Conference and Training ... This is the Call for Papers, Talks and Workshops for 44Con 2012. ...
    • [Full-disclosure] uCon 2008 call for participation - Recife, Brazil
      ... CALL FOR PARTICIPATION uCon 2008, ... The conference ... hackers and information security ... Speakers are asked to, but not obligated, hand in slides used in their ...
    • uCon 2008 call for participation - Recife, Brazil
      ... CALL FOR PARTICIPATION uCon 2008, ... The conference ... hackers and information security ... Speakers are asked to, but not obligated, hand in slides used in their ...
    • Call for papers and trainers - SeacureIT 2009
      ... Besides the main conference, ... A number of key speakers already confirmed their presence, ... Italy on security releated topics, ... advanced trainings, and a set of unique social events, ...