Hi,this is a double-edged sword as ian points it out in our meeting. several of my guys will be securing several boxes too and it's just something to make the con more exciting. ca is there becasue they are positioning their products and i doubt if they want their products on the line. mysecuresign is there too because they want to spread the word out. isssp is only after raising awareness and not even profits. isssp is giving away several passes for plug because of their particiapation and we gave 40something percent discount to all pluggers which is actually the cost of the food and snacks for 2 days.
Will this ManilaCon be anything like the hacker's convention that is held
in UK? CA & MySecureSign may not really have a very nice disposition
regarding hackers (regardless of type, white hat, black hat ,etc). What
about ISSSP & ITFP, what are their dispositions?
those who are securing the servers and the organizers themselves are not allowed to enter the competition. admins, hacker groups and others will test their skills. there is always a risk but if they fail, you prove something. if they succeed, we will learn something. there will be no bad publicity - it's just a game. after so many years in this type of business, i learned something - we can be successful if we cooperate - and that's the sole reason why hackers are always steps ahead - they cooperate a lot.I'm kind of lost here, How does one harden a server to be able to stand-up to attacks initiated by the one's who created the server software in the first place? Wouldn't it be a piece of cake to bypass what ever setup that will be chosen ?
Guys ( & Gals), Let's not be blinded by the potential prize gained by beingisssp is as transparent as you can see it today. no agenda. like plug, we are doing this to raise the level of awareness. i'm not a partner of ca but i'm thankful to them they did a double platinum - without them, we don't have a manilacon like this. we may not give plug 40% discount.
able to complete this challenge.... Let us think, who sponsored this event?
What would happen if PLUG failed? What will happen then to the budding
FS/OSS support in the Philippines? This may very well be a trap! Coz the way
I see it either way (PLUG succeed of fail ) they(CA, etc.) win.......
Their having us fight against each other.....
This is only my opinion regarding this matter, I'm not saying that you should or should not, I'm just hoping that you gave this enough serious thought & consideration........
----------------------------------------- It's supposed to be fun, not an obsession
------ Ian Wrote ------- PLUG People/Penguins!
This is a call for volunteers. PLUG has been requested to field volunteers to defend the Linux boxes they will deploy in the ManilaCon Hackers convention in May. (details on http://www.isssp.org.ph)
We will be given 3 days to bring online a hardened server with a specifically chosen set of services to offer. Come convention time hackers of all types of 'hats' will do what they can to compromise the Linux server. Note that PLUG will be responsible for the Linux box, and Microsoft will be responsible for NT/2K, and there will also be entries for a Sun/Solaris box, and a MAC.
Our job is to make sure that the box is impregnable, impenetrable, and also _useful_. It doesn't count if we disconnect it from the net, power it down, dismantle it and bury it under several layers of bedrock, concrete and solid steel.
So what is this actually?
It's a chance to practice what we preach. All the stuff we publicly advocate will be put to use against very potent adversaries.
It's a chance to publicly defend Linux against a hacker community which some dread, or maybe even fear. This is as much in the public eye as it will ever be. This is where the FUD against open source being insecure due to its very 'openness' will finally be proven or disproven.
It's a chance to put our own knowledge in securing linux up against the best and latest hacking tools used by them 'kiddies'.
Best of all it's a very good learning experience for all those who will volunteer.
So if you think you have enough skills to make the team PenguiGnus. drop me a line publicly or privately. We're forming the PLUG Dream Team.
Ian
_ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph
To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
-- C Francis Pineda I-Sentry Solutions Inc. www.isentry.ph
D (+632)-7511206 T (+632)-7503652 to 55 F (+632)-7503654 M (+63918)-3457654 I 93118193
E [EMAIL PROTECTED] U www.isentry.ph P www.isentry.ph/~francis/cfrancis.pgp
------------------------------------------------------ The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized.
If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may
be unlawful. When addressed to our clients any
opinions or advice contained in this email are subject
to the terms and conditions expressed in the governing
ISSI client engagement letter.
-------------------------------------------------------
_ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph
To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
