FIST Conference Frankfurt, Madrid, Bombay, Jaipur, Chennai, Vancouver and Delhi

["Balwant Rathore" <balwant () mahindrabt com>]

hey All,

FIST Conferences are free and open events where to present and talk
different aspects of Penetration Testing and Information Security.
Presentation of recent conferences in Madrid, Bombay, Delhi, Bangalore, Pune
are available here....
http://groups.yahoo.com/group/PenTest/files/Presentation-Archives/
http://personal.telefonica.terra.es/web/smm/fist.htm

A WebSite is under development, soon you will get all presentation together.
Some FAQs about FIST are given in the end of this mail. Please confirm your
attendance to myself or person responsble for conference registration in
advance, it will help to organise event better. We are looking for
contribution as speaker and/or sponsor with venue, do write me if you can
contribute in any way. Details of upcoming conferences are as follows:


FIST-Conference 2004, February Edition - Frankfurt, Germany
Registration: Drop me an email.
Sponsor: Johann Wolfgang Goethe-Universität

Agenda:
* 18:00 Introduction - by Frank Sadowski <frankae at web dot de> Cordinator
OISSG Frankfurt and Balwant Rathore from OISSG
* 18:10 Information System Security Testing Framework (ISSTF) draft - by
Balwant Rathore, CISSP from OISSG
* 19:00 ISSTF Source Code Auditing Approach - by Gyan Chawdhary <gunnu45 at
hotmail dot com> from OISSG
Break 19:50 - 20:00
* 20:00 ISSTF Web Application Security Testing Approach by Frank Sadowski
* 20:50 <yet to be decided>
* 22:00 Improvised food, drink @ Carnival ;-)

Date and Time
Wednesday 25.2.2004 @ 18-21:30h.

Location
Johann Wolfgang Goethe-Universität http://www.uni-frankfurt.de/, Campus
Bockenheim
General instructions for getting there (in German):
http://www.uni-frankfurt.de/presse/infos/lageplan.html

Specifically, go to building „3 Hörsaalgebäude“ as you can see at:
http://www.uni-frankfurt.de/zsb/uni-plan.htm
Inside the building, find “Hörsaal B” (=auditorium B) Use any language
translation tool: http://www.google.com/language_tools?hl=en

Point of Contact: Frank Sadowski Cell: +49 (0)160 99 55 13 66
-----------------------------------------------------------------------



FIST-Conference 2004, February Edition - MADRID, Spain
Please Register Here: http://www.item.etsit.upm.es/fist/inscripcion.php

Agenda
* 09:00 AM Introducción - by Adán Muñoz; ITEM Consulting
* CISCO Security - by Rafael Vida Delgado, Telefonica Data.
* Network Security - by Rafael Neila, Telefonica Data.
Break
* HoneyNets - by Rafael San Miguel Carrasco, Soluciones Seguras.
* Vulnerability Discovery Responsibility Regime/Spanish Law - by Gonzalo
Salas, SIA.
* 14:15 PM Open round on the security and news about the FIST Conferences -
Vicente Aceituno.
* Improvised food and drink, as usual ;-)

Date and Time
Saturday, 21st February From 9:00 am onwards.

Location
Aula Magna of the Escuela Superior de Ingenieros Superiores de
Telecomunicaciones, C/ Ciudad Universitaria S/N, 28040 Madrid.

Point of Contact:  Vicente Aceituno: aceituno at yahoo dot com  +34 696470328

-----------------------------------------------------------------------



FIST-Conference 2004, March Edition - Bombay, India
Registration: Inform Kanwal Mookhey cto () nii co in
Sponsor: Mahindra British Telecom Ltd. www.mahindrabt.com

Agenda
* 10:00 - Opening by Kanwal Mookhey CTO, Network Intelligence India Ltd.
* 10:15 - Windows System Security Testing by Balwant Rathore, CISSP
* 11:15 - Unix System Security Testing by Kartikeya Puri, Freelance Security
Consultant
* 12:15 - Break
* 13:15 - Software Bug-findings by Kanwal Mookhey CTO, Network Intelligence
India Ltd.
* 14:15 - Product Demonstration
* 15:00 - Open Forum on latest trends
* 16:00 onwards Informal Meeting/Party

Date and Time
Yet to be decided, probably in the last week of March, 2004

Location
Oberoi Gardens Estate, W – 1, Off Saki Vihar Road, Next to Chandivali
Studio, Andheri (East), Mumbai 400

Point of Contact:  Kanwal Mookhey, CTO Network Inteligence of India
http://nii.co.in +91 22 22001530
-----------------------------------------------------------------------



FIST-Conference 2004, March Edition - Jaipur, India
Registration: Inform Navin Parwal < navin at vsnl dot com >
Sponsor: Rajasthan Police http://rajpolice.nic.in/

Agenda
* 10:00 - Opening by Arvind Jain < akjain at raj.nic.in>, Inspector General
of Police, Rajasthan, Jaipur - India
* 10:15 - Computer Crime Investigation as per OISSG approach by Balwant
Rathore, CISSP
* 11:15 - Router and Routing Protocol Security Testing as per ISSTF draft by
Navin Parwal <parwal at vsnl dot com>, CCIE, CTO, Technosys Jaipur, India.
* 12:00 - Yet to be decided

Location
17/2, Sarojani Street, T Nagar, Chennai - 600 017

Date
26th March, 2004

Point of Contact:  Navin Parwal <navin at vsnl dot com>, CCIE, CTO,
Technosys, Jaipur, India. Cell: +91 98290 55990
-----------------------------------------------------------------------



FIST-Conference 2004, March Edition - Chennai, India
Registration: Inform D. Swaminathan < dswami at vsnl dot com >
Sponsor: SAM Communications, Chennai, India

Agenda
* 10:00 - Opening by Police Officials.
* 10:15 - Computer Crime Investigation as per OISSG approach by D.
Swaminathan, CISSP, Consultant, SAM Communications, Chennai, India.
* 11:15 - Information System Security Framework (ISSTF) draft by Laxmi Kant,
Consultant, Odyssey Technologies
* 12:00 - Yet to be decided
* 13:00 - Yet to be decided

Location
17/2, Sarojani Street, T Nagar, Chennai - 600 017

Date
Yet to be decided

Point of Contact:  D. Swaminathan < dswami at vsnl dot com > Cell: +91
9444018461
-----------------------------------------------------------------------



FIST-Conference 2004, April Edition - Vancouver, Canada
Registration: Inform Balwant Rathore balwant at mahindrabt dot com
Sponsor: SIRA Technologies, Vancouver, Canada

Agenda
* 10:00 - Opening (yet to be decided)
* 10:15 - Information System Security Testing Framework (ISSTF) by Balwant
Rathore, CISSP
* 11:15 - Storage Area Network Security Testing by Sanjay Pathankar,
Consultant, Global Knowledge, Canada
* 12:00 - Yet to be decided
* 13:00 - Yet to be decided

Location
3566 Dieppe Dr, Vancouver, Canada V5M 4C7

Date
Yet to be decided

Point of Contact:  SANJAY PATANKAR, Global Knowledge Networks, Hong Kong.
Phone: 1-604-584-8930
-----------------------------------------------------------------------


FIST-Conference 2004, April Edition - Delhi, India
Registration: Inform Akhil Manchanda, CISSP < Akhil.Manchanda at gecis dot
ge dot com >
Sponsor: yet to find one

Agenda
* 10:00 - Opening (yet to be decided)
* 10:10 - Unix System Security Testing Approach by Vipin Kumar, CISA, CISSP
* 11:15 - Windows System Security Testing by Akhil Manchanda, Manager -
Information Security, CISSP, GE Capital International Services, Delhi, India
* 12:00 - IDS Security Testing by Shashank Saha < reach_shash at yahoo dot
com >, CISA, CISSP
* 13:00 - Not yet decided

Location
Not yet decided

Date
Yet to be decided

Point of Contact:  Akhil Manchanda +91 (0)9811893703, Vipin Kumar, +91 (0)
9818928154
-----------------------------------------------------------------------

First Improvised Security Testing Conference (FIST) FAQ

General

- How we came up with the name of FIST?
In March 2003, Balwant started a study group on Penetration Testing in
Mumbai, India. A message was posted on securityfocus PenTest list regarding
this and thus a yahoo group we created for this group and initially meeting
were held in Mumbai. In July 2003 the PenTest study group’s Madrid, Spain
meeting was announced. Balwnat met group member Alejandro Barrera in Madrid
to find out a venue. Alejandro and Balwant did some and during this a
message was posted to Argo hacking list. After this two more security
specialists Vicente Aceituno and Rafael Ausejo met Alejandro and Balwant
together. And finally they come to the name FIST. The FIST Conference stands
for “First Improvised Security Testing” Conference, as we felt little
fast-paced self-organizing way of finding the speakers, the venue and
audience.

As a plus, it doesn’t feel so bad when there is a small mishap in an
improvised event! Following conferences are known as “FIST Conference
Month/Place Edition”. The “First” stands for the first of this kind, that’s
why there are no “Second” of “Third” Improvised Security Conferences.

- Who is the audience?
Anyone willing to learn about Information Security.

- How much does it cost to attend?
Nothing, it’s a free event.

- Can I get a certificate for assistance?
That depends on the committee and the sponsor.

- Is there any prize or contest?
We are thinking on giving an award for the best presentation of every year,
but nothing is set-up as yet.

- Can I take photos or film?
As long as it doesn’t interfere with the presentation.

- Do you Webcast the conference?
That depends on the sponsor.

-       How can I help?
· Promote the event.
· Help the committee.
· Become a speaker.
· Become a member of your city’s committee.
· Become a sponsor.



Committee Members

- I want to organize a FIST conference in my city, what do i have to do?
Create your own committee.

- What are a FIST Committee duties?
Normally is a good idea to split responsibilities between committee members:
· Find suitable venue.
· Find volunteer speakers. Help them to tune the presentations quality and
length to make the conference a pleasant experience for everyone. Make a
presentation template available when possible.
· Promote the event.
· Be prepared to be main or backup speakers.
· Update information on the event’s to be maintained by the group website
Webmaster saman007uk at oddpost dot com.
· Coordinate with the international committee.

- What is supposed to be a Backup Speaker?
Being  a backup speaker means that you should be prepared to substitute a
main speaker for any reason. In case someone drops or you don't get enough
speakers, you should present your own speech.

- How  can I find speakers ?
Contact experts that you know or you meet in this or other events.
Frequently the speakers for the next edition contact the committee during
the very FIST conference.

- I have to choose a date for my FIST... is there any  restriction?
The date for the conference depends on the sponsor/speaker availability and
audience convenience. But we are trying to held it every two months, the
last Friday or Saturday of the month.

- Is it necessary to have a sponsor?
No if you can get all the resources (room, beamer, water, sound system) by
yourself. Anyway, sponsors can help in many ways like providing a suitable
place for the conference, material resources and promotion of the event.

- Is there any Conference Banner Template?
Write a mail to balwant at mahindrabt dot com and get it, soon it would be
available at group WebSite

- I don't know how to promote the event, what can I do?
You can try posting the conference banner to newspapers, magazines related
to technology, blogs, Security Portals, Universities and mailing lists. You
can prepare a poster too.

- What are the important conference details to give?
· Place.
· How to get there.
· Registration requirements.
· Date and time.
· Program.
· Duration.
· Web link for more info.

- How does the event develop?
Normally the sponsor presents the FIST committee, The FIST representative
presents the speakers, then the speakers speak (there might be a short
break), and finally the sponsor and the FIST committee close the event. Don’
t forget to thank the sponsor and the speakers.

- Is registration needed?
This is a sponsor’s decision. It’s often enough to show up, but a simple
registration is used sometimes.
Speakers

- I want to be a speaker, what should I do?
Contact a FIST committee. To be a speaker means to have something
interesting to say in the field of penetration testing or information
security in
general. Some guidelines:
· The speaker should be the author of the presentations, but to speak on
someone else work is ok, as long as you ask permission and give credit where
credit is due.
· Presentations should be licensed GPL-FDL or Open Content License. The
presentations will be made available through group
WebSite after the conference is held.
· Be at the conference room early. Bring your presentation with you in at
least two different removable media (floppy and CD for example). Don’t bring
your own laptop as using differents computers with a beamer is proven to the
troublesome.
· Slides take two to two minutes and a half. Take this into account when
preparing the presentation and fitting it into your time frame.
· Be as technical as you like. This a free and open event, but that doesn’t
mean that presentations need to be understood for people without knowledge
of the subject matter.

- I'm going to prepare a speech. Which language should I use?, Is there any
language restriction for my presentation?
You can give the speech in the language of your choice, but your slides must
be in English for the widest possible dissemination after the event.

- Where can I get the Presentation Template?
You can download the presentation template from OISSG page.
http://www.oissg.org/templates/

Sponsors

- I want to be a sponsor, what can I do?
To be a sponsor means to provide some or all of:
· A conference room.
· Beamer.
· Laptop.
· Internet connection.
· Webcast of the conference.
· Conference promotion.
· Attendance registry.
· Some water for the speakers.


Thanking you.
Sincerely,

Balwant Rathore, CISSP
Moderator, PenTest Group
http://groups.yahoo.com/group/PenTest/
ALT, NIEDERESCHBACH 37,
60437, Frankfurt, Germany
Phone: +49 (0) 160 99 55 13 66


---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.securityfocus.com/sponsor/Astaro_pen-test_040219
----------------------------------------------------------------------------