[lugm.org] Next meetup topic

Thu Sep 10 05:48:10 UTC 2015

Hi Security Professionals,
After due consideration, we decided to have a Jury composed of 3 people: myself, Selven and Shaan Nobee who will judge the submission and decide the different awards. Unlike the webcup competition, we are going to ask questions to make sure that you understand the code that you are submitting to us.- We recommend that participants have Apache + OpenSSL (which suffers from Heartbleed) installed on their laptop.
- Understand the SSL/TLS protocol including One extension which is critical for heartbleed to happen.
- Be familiar with the exploit that they are writing. (for e.g Python) 

     On Thursday, 10 September 2015, 0:00, Loganaden Velvindron <gnukid1 at yahoo.co.uk> wrote:

 Hi guys, we're getting close to Saturday. To make it more interesting, I was thinking about having a contest where there would be an attacking team, and also a defending team similar to LAN games. The Attackers win if they can dump the memory contents from a RPI-powered server with Apache + OpenSSL , and the defenders need to find a way stop the heartbleed exploit, working under the assumption that no patches are yet available. Would that be too challenging :p ?
What do you guys think ?

     On Monday, 31 August 2015, 6:29, Loganaden Velvindron <gnukid1 at yahoo.co.uk> wrote:

 4 Remote participants:
Selven (Danemark)Harish Hurchurn (UK)Jeyveen (MRU)Daniel Shaw (MRU)
Please let me know if you would like to be a remote participant.

     On Sunday, 30 August 2015, 23:12, Loganaden Velvindron <gnukid1 at yahoo.co.uk> wrote:

 Remote participation will be done using Google Hangout. Selven and I tested, and it's acceptable. Please note that the time will be 12:00 Mauritian TIme (UTC + 4), and will be a public event.
However, Only Audio + slides will be available.
We will need a volunteer scribe for the online session please :)

     On Sunday, 30 August 2015, 22:39, Loganaden Velvindron <gnukid1 at yahoo.co.uk> wrote:

 I am also currently looking into setting up Google Hangout so that audio and slides are available to remote participants.
We will need a "scribe" who will take the questions of the remote participants.

     On Sunday, 30 August 2015, 18:32, Loganaden Velvindron <gnukid1 at yahoo.co.uk> wrote:

Agenda: Detecting security breaches as soon as possible has been the holy grail of Sysadmins & Engineers. I propose an interesting idea that allows a fairly skilled sysadmin to reach that goal. However, we have to make a few tradeoffs in terms of performance, for security's sake.

This will trigger an interesting discussion on how we can be more responsive when there are security attacks against critical production systems.

Demo: Detecting Heartbleed, the famous security flaw, using the classic way, as well, as the proposed method.

Wifi: Available. SSID is "Open Wifi". However, port 22 is blocked. You are advised to configure your SSH server to listen to port 443 in addition to port 22 to get SSH access for now.

Food: Decently priced for both veg & non-veg.

Target audience: Sysadmins, Netadmins, Security engineers, IT managers & Students interested in Network Security.

Pre-requisite: Basics of LUA programming language:
http://luatut.com/crash_course.html

Linux network stack architecture:

http://www.thegeekstuff.com/2011/11/tcp-ip-fundamentals/

__________________________________________________________
Linux User Group of Mauritius (LUGM) Discuss mailing list
Website: http://lugm.org
Mailing list archive: http://discuss.lugm.org/pipermail/discuss_discuss.lugm.org/
Forum: http://lugm.org/forum/
IRC: #linux.mu on Freenode

__________________________________________________________
Linux User Group of Mauritius (LUGM) Discuss mailing list
Website: http://lugm.org
Mailing list archive: http://discuss.lugm.org/pipermail/discuss_discuss.lugm.org/
Forum: http://lugm.org/forum/
IRC: #linux.mu on Freenode

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://discuss.lugm.org/pipermail/discuss_discuss.lugm.org/attachments/20150910/6e523728/attachment-0001.html>