We are planning a PLUG Linux Security Lab - which has been loosely deemed a
HackFest after the very successful InstallFests.
The focus will be Linux Security in a lab or practicum format. This will
therefore NOT be a demonstration; our space is limited, so we just want people
interested in applying the theorectical concepts of basic Linux systems
security.
Our scope will include desktop as well as server exploits and protection. We
will be covering OSI type "bottom up" security and some limited IDS. Web
security or OSI "top down" will not be our focus for labs but will be discussed
in passing where appropriate. We suggest that all indepth web security go to
Owasp.org's great group.
This is a loose lab, which means we follow our bliss - siimilar to the
InstallFest, we will play as deeply as we can, in non-linear and duplex,
simultaneous group conversations while also fielding general questions from
four or five teams. Each person get`s to assist others, build tests, provide
suggestions, and meet others from which to learn. While competitive, the PLUG
Fests endeavor to maintain the fun! If you build systems and tend to silently
learn rather than actively verbally compete to troubleshoot, there will still
be fun roles for your play at a PLUG HackFest.
We will be using Live CD's for the most part during the labs, so you can be
assured that when you bring your equipment, you will not be inhabited in a
persistent way, should you want to participate deeply, in any real team
encroachments, etc.
We will require that all participants sign a disclaimer at the door, that
states that you understand and agree to abide by:
1) Liability - Hold no harm - participate at your own risk.
2) Agree that only equipment clearly marked for exploit will be targeted,
professional respect will be maintained at all times.
3) You agree that you will not use anything learned for illegal purposes and
understand that these are demonstrations meant for professionals, and high
level users for educational purposes only.
Internet ethics and sociology will be noted, as well as information security
legal issues, where appropriate, during the lab(s).
UAT will be sponsoring this HackFest in conjunction with their security
training, since they send a team to Defcon every year for "capture the flag";
PLUG members are meeting with UAT for lunch next week to hash out more details.
The first HackFest is tentatively scheduled for September. Should we run into
difficulties with these plans, we will find alternate facilities, since the
PLUG membership is dedicated to this fun endeavor.
Thanks for Hans for his ongoing assistance with coordinating resources with UAT!
Lisa Kachold
(503)754-4452 || Obnosis.com
_________________________________________________________________
With Windows Live for mobile, your contacts travel with you.
http://www.windowslive.com/mobile/overview.html?ocid=TXT_TAGLM_WL_mobile_072008
---------------------------------------------------
PLUG-discuss mailing list - [email protected]
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
