the talk was over, the topic came around to OpenOffice and its long
startup time. Sudev pointed out the OpenOffice.org Forums (http://www.oooforum.org/) which is an excellent resource for solving your OO.org problems.
The next talk was "Encryption" by Eshwar. He started by telling us the difference between obfuscation and encryption. In India, we had encryption during the 12th century itself. The key to decrypt the message was a sanskrit sloka. He also covered the topic of Symmetric/asymmetric encryption, block and stream cipher. However, the main focus of his talk was the RC4 encryption. He walked the audience through the RC4 encryption algorithm (It should be noted here that the mathematical capability of the ILUGD members present made the process doubly hard on him). One of the major drawbacks of the RC4 algorithm is the weak keys. In 37% of the cases, the keys will be in the first few bits. In 13% of the cases, the keys will be he value of the S2. Eshwar also posted a few links as a follow up to his talk
http://www.muppetlabs.com/~breadbox/txt/rsa.html
http://www.theatlantic.com/issues/2002/09/mann_g.htm
http://www.busan.edu/~nic/networking/puis/ch08_06.htm
http://www.freesoft.org/CIE/Topics/135.htm
Next in line was a talk about GPG by Raj mathur. He started by explaining the about substitution, Public key encryption and hashing. There was also a discussion about the history of PGP and its author Phil Zimmerman. He was the target of a three-year criminal investigation, because the US government held that US export restrictions for cryptographic software were violated when PGP spread all around the world following its 1991 publication as freeware. (Zimmerman's home page is http://www.mit.edu/~prz/index.shtml). After this lively discussion, he walked us through the the steps of using GPG for signing and verifying messages.
The last talk was on "Practical Linux Security" by Tarun Dua. He mostly focused of things that are mostly second nature to seasoned sys admin but seem like deep mysteries to a new one. (It must also be pointed out that he somehow developed the magical ability to write using invisible ink and read it too, since the white board pens had almost given out at the end of the day). I will summarize the points that he made
- Physical security -> Place the PC in a well guarded room.
- During install ->
* make a separate partition for /home , /tmp, /var and root partition
* Turn off all unused services* Anyone running telnet service should be shot dead as a service to the humanity.
- User Security ->
* Use PAM to provide a fine grained control over users
* Use quotas to restrict the file space available to the users.Tarun's talk was usually interrupted by people chiming in with their own security tip or horror story. It was also the consensus that in any company the sys admin rules. Overall, quite a lot of useful tips flowed during that talk.
After this we had a vote of thanks for the EFY team and especially Mayank who had the goodwill to host some 50 geeks planning world domination. However the meet did not end at this point. The record of whatever happened next have been kept by LL. You can read it at http://thread.gmane.org/gmane.user-groups.linux.delhi/3786 .
Note: I do not have the list of attendees. Whoever does please post it in a follow up thread. If I missed something, please let me know. I will post a correction.
-- / \__ ( @\___ Raj Shekhar / O My home : http://geocities.com/lunatech3007/ / (_____/ My blog : http://lunatech.journalspace.com/ /_____/ U
_______________________________________________ ilugd mailinglist -- [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/[EMAIL PROTECTED]/
