I've been participating in the security and networking workshop at IITB for the last three days, and here's a little report on what's been happening there.

There were lectures by our own Jaju. He spoke about different security attacks including IP spoofing, DoS, DNS spoofing, sniffing, session hijacking, etc. and demonstrated tools like nmap for port scanning.

On the second day, Anil Gracias demonstrated how to analyse log files for patterns of probing and possible break ins. He demonstrated tools like snort, tripwire, and netsaint.

Flynn Remedios - the advisor for the Mumbai police cyber crime cell - also spoke. He basically explained how to delete the history from Internet Explorer and how to give incorrect information when signing up for a yahoo account, and how he threatened yahoo.com with his influence with the Mumbai Police. He also told us a lot about his personal life and why he doesn't use Linux/Unix.

Apparently, in 1991, when he was studying C/C++ under Vijay Mukhi, Mukhi said that Unix is for Eunuchs, and so from that day on he has been afraid to touch unix, possibly because he thinks it will make him one.

My advice to anyone/any company who wants to hire him as a consultant. Just make sure you only consult him on how to walk around with one foot in your mouth.

The third day was taken by Dr. Leena Chandran-Wadia, on SSL and the different kinds of message encryption/signing. Leena has an excellent command over the subject, and seemed to have done her homework not just on the subject, but also on the audience. In all, this was the best lecture of all.

Mr. Ambrish Kumar took the next lecture on IPSec, touching on implementations in windows and linux. There were some doubts as to whether the linux kernel has built in IPSec compatibility or if it requires a recompile. Maybe someone on the list can shed some light on this.

IPSec seems a very interesting topic, and those who have the opportunity should try it out.

There's one more day to go for the workshop, I'll keep you'll posted.

Philip