From: Balwant Rathore (balwant@mahindrabt.com)
Date: Mon Mar 24 2003 - 07:12:59 EST
Hi,
My post's response was very nice.
The penetration test group is a group of professionals operating in INDIA.
We have focused our activities towards learning and upgrading ourselves to a
higher level in information security testing. Hence our primary aim is
towards setting up a smooth knowledge-sharing forum and to create a
community, which will be involved in testing secure architectures.
The group has set itself some small-medium term goals and a road map to
achieving them. Following are some of the initiatives and a brief
description of the same.
Study Workshops
These are short length workshops that answer the primary objectives of the
group knowledge sharing. These workshops will focus on particular topics,
which will be taken up by group members specializing in the same. The
presenter will provide detailed technical information (tools, techniques and
documentation) and wherever possible demonstration on the subject. We will
take Open Source Security Testing Methodology Manual (OSSTMM) as baseline
and will try to cover all the topics in depth. Interested presenters can
choose a topic and inform the group moderators who will coordinate the meet
and inform the group. Presenter has to submit his presentation one week
before.
Break-in Challenges
Some of the group members have setup honeynets to study newer attack
techniques. In the interest of the group the community will jointly conduct
attack challenges for the members. For example a defined group of members
can attack a preset honeynet, which is managed by another defined group of
members. Once the attacker group succeeds the honeynet group will provide an
intrusion report. Group’s concern is more and more learning. So honeynet
group can also coordinate with with attacker group to know all activities
which they have performed. Now Attacker group will share his experience in
town meeting. If attacker and Honeynet group is in remote location, they
will submit an intrusion report. One volunteer from group will study in
depth and share this learning.
Once this cycle is over team members can swap positions to create expertise.
Members can voluntarily register their honeynets for this practice, help to
members wanting to setup a honeynet will also be provided by the community.
Newer activities are in the process to finalize these activities and will be
discussed in the group meeting and will be formally introduced to the group.
Shoot your ideas. Come over and help us to create a learning community.
Thanking You.
Sincerely,
Balwant Rathore, CISSP
Security Practices Group,
Mahindra-British Telecom Ltd.
Oberoi Estate Gardens, Chandivali,
Mumbai - 400 072, India.
Tel : +91 22 56922000 Extn - 8010
Fax : +91 22 28528959
Mobile: +91 98208 03333
*********************************************************
Disclaimer
This message (including any attachments) contains
confidential information intended for a specific
individual and purpose, and is protected by law.
If you are not the intended recipient, you should
delete this message and are hereby notified that
any disclosure, copying, or distribution of this
message, or the taking of any action based on it,
is strictly prohibited.
*********************************************************
Visit us at http://www.mahindrabt.com
----------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does. Plug your security holes now!
Download a free 15-day trial of VAM:
http://www2.stillsecure.com/download/sf_vuln_list.html
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:31 EDT