Great , Totally into for the workshop. I hope Nitesh, Abhishek and Other can manage for organizing event. http://www.lug-iitd.org/Articles/How_To_Organise_a_LUG_workshop_at_IIT_Delhi Lets revive l...@iitd with this workshop. Please start a wiki page of workshop http://www.lug-iitd.org OR make a facebook event. Please put 20-100 Rs Entry fees for every workshop and use money for Expenditure of LUG activities.. best of luck On Tue, May 4, 2010 at 10:35 PM, Mohit Singh <[email protected]> wrote:
> First of all, Kindly convey my regards to Prof. Banerjee. He has given > a great idea for organizing a workshop on security and privacy. IEEE > also has a magazine in this name. > > I talked about a provision for opening your mail ONLY at the places > YOU want. The original idea was given by Vivek Khurana, Open Source > Warrior from Delhi.Lets share ideas on how to make it possible. > > IIT Delhi LUG can host this event very well along with IIT Delhi > IEEE/ACM chapter. Lets invite OpenBSD people also. > > > Mohit Singh > ------------------ > > Today's Imagination is Tomorrow's Innovation > Today's Innovation is Tomorrow's Common Sense > Today's Common Sense is Tomorrow's Nonsense > > > > <top-posting .. but just for a bit of consistency.. hope you dont mind> > > > On Tue, May 4, 2010 at 9:59 PM, nitesh mor <[email protected]> > wrote: > > How about a workshop on "security and privacy" ? I guess it will > > clarify the concepts of getting passwords by launching DOS attacks, as > > well as "kerberos like setup" for email services can be discussed in > > great detail. > > > > Cheers > > Nitesh Mor > > > > > > ---------- Forwarded message ---------- > > From: Subhashis Banerjee <[email protected]> > > Date: Tue, May 4, 2010 at 7:33 AM > > Subject: Re: [...@iitd:7429] mail crack-in: time for kerberos like setup > > To: NITESH MOR <[email protected]> > > > > > > Nitesh, > > Why don't you tell them to hold a workshop on ``security and privacy'' > > - perhaps to celebrate the end of the current semester or the > > beginning of the new semester in July. The CSC will be happy to help > > and discuss/explain SSL, TLS, Kerberos, Radius, TKIP/AES, NTLM, > > MD5,....(we are, after all, using the whole lot) and perhaps also mac > > and arp. You can ask some CSE/EE students and faculty to also > > contribute. > > > > May be the IITD community needs such a workshop, others are also > > welcome (the more the merrier). > > > > cheers, > > > > > > Subhashis Banerjee > > Professor > > Dept. Computer Science and Engineering > > Indian Institute of Technology, New Delhi 110016, INDIA > > > > Office: +91 11 26591288 > > Fax: +91 11 26581060, +91 11 26582283 > > Email: [email protected] > > URL: http://www.cse.iitd.ernet.in/~suban > > > > > > On 04/05/10 1:28 AM, nitesh mor wrote: > >> > >> On Tue, May 4, 2010 at 12:57 AM, Sharad Birmiwal > >> <[email protected]> wrote: > >> > >>>>> > >>>>> Radius is generally used for 802.1x authentications, which does not > >>>>> seem to be relevant in any way to authentication for a web service. > >>>>> > >>>> > >>>> You see chance, I see cause .... > >>>> a Lightweight Kerberos... a small tilt in the tale .. will bring the > light. > >>>> Jan 1, 2011 lets hope the day will bring your mail in your 'box' only. > >>>> > >>> > >>> http://en.wikipedia.org/wiki/RADIUS#Security_2 > >>> > >>> The way I understand things is that RADIUS does not offer encryption > >>> (for payload or bulk of data). That's where this conversation started > >>> from (http/https). It is used for authorization (in our context). That > >>> means validating whether the given username/password are correct or > >>> not. > >>> > >>> RADIUS can be (is?) used for authenticating and accounting say for > >>> users who connect to a wireless service. Again, it does not manage > >>> encryption of the traffic afterwards. > >>> > >>> As Nitesh suggested earlier, TLS might be better supported for what > >>> you want -- I don't know anything about TLS but I am guessing what > >>> Nitesh meant was that in TLS, both server and client negotiate which > >>> encryption standard they want to use (much like ssh). > >>> > >> > >> Exactly. During the negotiation phase, the client sends a list of > >> cipher specs that are supported by the client, with the client's first > >> preference first. > >> For the list of cipher suits that are defined by the standard, visit > >> http://tools.ietf.org/html/rfc2246#appendix-A.5 > >> The server replies with an acceptable cipher suite, from the ones that > >> the client has sent, otherwise sends a failure message. > >> > >> For details: http://tools.ietf.org/html/rfc2246 > >> > >> And BTW, the MAC address (which is used by radius for authentication, > >> the so called hardware), is a link layer thingie, which has no > >> significance beyond your router. > >> > >> Cheers > >> Nitesh Mor > >> > >> > >>> > >>> SB > >>> > >>> -- > >>> l...@iitd - http://tinyurl.com/ycueutm > >>> > >>> > >> > >> > > > > -- > > l...@iitd - http://tinyurl.com/ycueutm > > > -- ┌─────────────────────────┐ │ Narendra Sisodiya ( नरेन्द्र सिसोदिया ) │ Society for Knowledge Commons │ Web : http://narendra.techfandu.org └─────────────────────────┘ -- l...@iitd - http://tinyurl.com/ycueutm
