FIST Conference - Delhi "Hack and Investigate"

From: Balwant Rathore (balwant_at_oissg.org)
Date: 05/07/04

  • Next message: Steven Trewick: "RE: Buffer Overflow problem"
    To: "Security-Basics" <security-basics@securityfocus.com>
    Date: Fri, 7 May 2004 15:01:02 +0530
    
    

    Hiya,

    FIST Conference May – 2004 Delhi Edition “Hack and Investigate” is
    scheduled from 10th to 16th May 2004. As you know FIST is a free event,
    FIST FAQs are available at www.oissg.org (under development) --> FIST
    FAQ for more detail.

    For the first time it’s going to be full hands on. We are looking for
    sponsors, especially for printing cost, guest speakers are also welcome.
    Some members are coming from other cities/countries; it would be nice to
    meet you in-person. This time seats are limited, register yourself ASAP.
    OISSG (yahoo pen test group) members would be given priority.

    We will be doing series of such events on several topics in many places.
    I need help with promotions of this event and further up-coming events.
    Contact me if you may be of any help. Feel free to forward this mail to
    other mailing lists and to your colleagues/friends. Details of
    conference are as follows:

    Registration:
    Email: balwant [at] oissg [dot] org

    Sponsor:
    Looking for sponsors who can bear the cost of printing and/or Internet
    and/or food cost for participants.

    Date and Time:
    10th to 16th May 2004
    Every day @ 09:00 to 18:00

    We expect guest speakers every day in evening so please be flexible with
    timings. You may have to stay little later.

    Cost:
    • FIST is a free event.
    • You have to take care of your boarding and lodging expenses. If
    required we can suggest you.
    • We may need to pay for course material and certification
    printing/internet uses and for CD if we don’t get any sponsor for this.
    It’s not going to be > ˆ 20 (Rupees 1000).

    Location:
    D–89, South Ganesh Nagar, Opp Mother Dairy, Patparganj, New Delhi - 92

    Point of Contact:
    Balwant Rathore, Phone: 91-11-2253-1445

    Lab
    The lab includes Routers, Switches, Firewalls, Intrusion Detection
    Systems, Windows and Unix Hosts. It will cover around 40 extensive
    exercises, which will provide detailed practical knowledge of attacking
    and securing systems. Various commercial and open source tools will be
    used on multiple operating systems and network devices.

    Every day data will be collected in templates and reports will be
    generated.

    We recommend you to come with your laptops, Ethernet card and cable
    (Straight and Cross Over); it’s not mandatory (we have enough PCs) but
    will help you to get most out of course. Install two operating systems
    (Windows 2k server / professional or XP professional and Linux) in it.
    Configure it in following way:
    • Dual-boot system with Windows partition and Linux on top of it.
                                            or
    • Install Windows and Linux on top of it using any Virtual machine (e.g.
    VMware workstation). Virtual machine allows multiple operating systems
    simultaneously on single laptop. You should do this only if you have
    minimum 256 MB RAM in your laptop, so you can assign 128 MB RAM to each
    operating system. You can download a free thirty-day trial version from
    http://www.vmware.com/. To establish a base line of commonality we
    recommend you to use RedHat 9.0, 8.0.

    Your laptops may be attacked in lab intentionally or un-intentionally by
    someone. OISSG will not be liable for this. We recommend you to not to
    store sensitive data in it.

    A CD full with attack code/tools/products and reading material will be
    given to you to use it in lab and later. You will also get updates of
    these CDs in future.

    Teamwork is a must in order to cover several topics in this short span
    of time.

    Target Audience: Ethical Hacking
    • Penetration Tester, Security Auditor and Security testers
    • Security testing / penetration testing project managers
    • Security engineers and consultants
    • System/network administrators
    • Web application administrator
    • Technical and Functional managers
    • IT Staff responsible for information security

    Target Audience: Forensics
    • Members of Computer Security Incident Response Team (CSIRT)
    • Security professionals
    • Forensic application developer

    Agenda:
    Ethical Hacking
    * Day One:
    - Module 1: Getting Acquainted
    - Module 2: Introduction and Overview
    - Module 3: Project Management, Responsibilities, Guidelines and Ethics
    - Module 4: Methodology
    * Day Two:
    - Module 6: Windows Hacking
    - Module 7: UNIX Hacking
    * Day Three:
    - Module 8: Web Application Hacking
    - Module 9: Router, Routing Protocol and Firewall Attacks
    - Module 10: Bypassing Intrusion Detection System
    * Day Four:
    - Module 11: Wireless Hacking
    - Module 12: Report Writing
    Forensics:
    * Day Five:
    - Module 13: Nuts and Bolts of Computer Forensics and Incident Response
    - Module 14: Recovering and Preserving Evidence
    - Module 15: Back Tracing
    - Module 16: Miscellaneous Cyber Crime Detection Techniques
    * Day Six:
    - Exam
    * Day Seven:
    - Contest: Capture the Flag

    Download brochure for more detail:
    http://groups.yahoo.com/group/PenTest/files/ --> FIST-Conference
    Delhi.pdf

    Cheers,

    -- Balwant

    Founder Open Information System Security Group www.oissg.org
    http://groups.yahoo.com/group/pentest

    ---------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
    any course! All of our class sizes are guaranteed to be 10 students or less
    to facilitate one-on-one interaction with one of our expert instructors.
    Attend a course taught by an expert instructor with years of in-the-field
    pen testing experience in our state of the art hacking lab. Master the skills
    of an Ethical Hacker to better assess the security of your organization.
    Visit us at:
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    ----------------------------------------------------------------------------


  • Next message: Steven Trewick: "RE: Buffer Overflow problem"