Last week, I had the opportunity to participate at SecNet 2001 - the annual workshop on security and networking - held at IIT Bombay. The workshop lasted four days, from the 12th to the 15th and had speakers primarily from IIT, but a few from industry as well.
The workshop was slated to start on the 12th with Professor Sridhar Iyer from IIT giving an introduction to networks and the underlying protocols involved, however he couldn't make it, and the job fell on Professor Abhay Karandikar from the Electrical Department. Professor Karandikar took the floor, and had his audience captivated. Given the short time that he had for preparation, he was absolutely brilliant.
He introduced the concepts of networks and TCP/IP, concentrating on the security aspects of lower layers and how they evolved over time. This man knows exactly what he's talking about and seems to have had extensive lecturing experience. He glided through the lecture answering all questions that came up.
The introduction was excellent, and the only worry was that things couldn't get better from here on.
The next two lectures were delivered by Mr. Ravindra Jaju, an MTech student at the School of IT - IITB. Jaju touched on the various methods employed by potential attackers to detect vulnerabilities in your network and exploit them. Among the techniques covered were IP spoofing, DNS spoofing, session hi-jacking, network sniffing/scanning, buffer overflows and denial of service attacks. He showed how an attacker would use combinations of these for a successful attack.
In his second session, Jaju demonstrated some of the tools used to carry out these attacks, and others used to protect oneself from an attack. Although the tools covered were Unix-centric, they were insightful, throwing light on actual techniques used by crackers.
The only complaint about this lecture was that no tools for non-Unix users were listed.
The second day was kicked off with Anil Gracias - also an MTech student, and one of the sys-admins at IIT - showing how to detect if your host is being probed, and how to identify an attacker's procedure. He showed how an attacker might create back-doors to get permanent access to a machine, and how to detect the presence of any such Trojan. The main focus of Anil's lecture was scanning of log files for patterns and scripts to search for `setuid' programs on the system.
A setuid program is one that runs with the privileges of the owner, rather than the person who runs it (as is the normal case), so if someone were to get access to a setuid program owned by the administrator, he could in essence become the administrator.
The second lecture of the day was delivered by Flynn Remedios - cyber forensic specialist, advisor to the Cyber crime cell of the Mumbai Police, author, et. al. Flynn was slated to provide a surprise package, the contents of which not even the organisers were made privy to.
Flynn started out talking about how an old girlfriend, who didn't like him any more, got hold of his yahoo account and read email that he had saved "for obvious reasons". He went on to tell people how he would get his colleagues' email passwords by looking at Internet Explorer's history. He also got Yahoo to change his date of birth by threatening them with his "influence with the Mumbai Police".
Towards the end of his first session, he started asking a few questions. When one of the participants from Global was unable to answer, he told him that he'd talk to FC Kohli and get the guy fired.
In his second session, Flynn attempted to demonstrate some Windows tools that most script kiddies use. Unfortunately, he didn't know how to configure his machine to work on the LAN, and refused to use the machine provided by the organisers, so non of his tools worked. He ended up showing email that he exchanged with someone sometime last year.
When a Unix issue came up, Flynn said that in 1991, while he was studying under Vijay Mukhi, Mukhi told him that Unix was for Eunuchs, so he has been unable to use Unix ever since.
Flynn's sessions got rave reviews, ranging from "We don't expect this from IITB" to "Don't call Flynn Baba again".
The third day, and this workshop definitely needed a boost. Dr. Leena Chandran-Wadia, a professor at the School of IT introduced SSL. From the way the lecture went, it seemed that Dr. Leena had researched not just her subject matter, but her audience as well. She called it beautifully, and while unable to complete all that she had planned, was able to bring the audience up to a level from where they could proceed on their own.
Dr. Leena introduced symmetric and asymmetric key encryption and their use in SSL, and the use of asymmetric keys for authentication, integrity and privacy of messages sent over a public network. She touched on the classic man-in-the-middle attack, and how encryption is used to protect against it. For those interested, she also delved into the mathematics of asymmetric key encryption and ended on carrying out secure transactions for e-commerce.
The lecture was very interesting and clearly rated as the best lecture by the audience.
In keeping with the day's theme of securing the underlying network transport and communications, the next lecture by Mr. Ambrish Kumar was on IPSec. Ambrish is a sys admin at IITB, and has experience in setting up IPSec tunnels. Unlike SSL, IPSec is implemented at the Network Layer (SSL is at the Transport Layer) of the TCP/IP stack. The advantage of this is that applications do not need to be modified to work with IPSec. On the other hand, IPSec introduces a higher overhead on the underlying network, causing a drop in effective bandwidth.
IPSec provides for tunnelling (VPN) private conversions/data transfer over a public, insecure network like the Internet.
Ambrish has good knowledge of IPSec supporting hardware and software, including approximate price ranges for the same. He ended the lecture by describing a possible design for a bank to provide secure data transmission between branches.
The last day's theme was mobile connectivity and wireless technologies. Lectures were to be conducted by Mr. R. Murlidharan - General Manage of OSS Systems India. Mr. Murlidharan didn't turn up, so Mr. Ajay Kumar Singh, another MTech student at IITB took up the topic of Mobile IP and Wireless LANs (802.11) and their peculiarities.
In our increasingly mobile world, these protocols will play a big part in future communication. Wireless networks can work with or without an underlying network infrastructure, and can even be used in situations wire earthquakes or other natural calamities have rendered regular distance communication impossible.
The technology of Mobile IP being somewhat different from what most persons working with wired networks are used to, it took some time, and several explanations for the audience to fully understand it. Ajay handled the topic excellently, and was cleared all doubts about the technology. Like most speakers, Ajay has a very good understanding of the topic and its various implementations.
The final lecture of the day was delivered by Professor Karandikar. After his first lecture, everyone was eager to hear from him again. His last lecture was on GSM and GPRS(mobile cellular phone technologies). This is one fundu guy. He knows the topic inside-out, and can answer any doubt at all.
While not directly related to computer networks or security, this was possibly the most enlightening lecture, and every member of the audience appreciated it.
Professor Karandikar's feedback indicated that the audience wanted more lectures from him.
The last session was a demonstration of BlueTooth technology by Premal Shah and Abhishek Jain - students at IITB. Bluetooth is a wireless technology used to communicate over short distances of the order of 10 metres. The bandwidth is low, and it is best suited for unconscious communication between personal devices (PDAs, laptops, digital watches, etc.). Bluetooth can be used for example to transfer all your messages from your laptop to your desktop computer as soon as you come within range.
Premal and Abhishek have also developed an ECG monitor on a micro-controller. The micro-controller is a Bluetooth enabled chip that communicates ECG data from a portable ECG unit to a main server. They also demonstrated how ECG can be used in a PAN (Personal Area Network) for communication over short distances.
In all, this workshop was well managed, although it could have been handled better. Most of the speakers had excellent command over the subject and the audience. It was disappointing to see that the only publicly known speaker was inept, rude and egotistic. One shudders to think of the state of the Mumbai Police after one of his daily two hour sessions.
The lab sessions were exciting, with actual hands on experience with some of the available tools, and the volunteers were very helpful and cheerful. Expect a good show next year.
/bb|[^b]{2}/
Never stop Grokking
Saturday, December 22, 2001
Labels
2fa
4.01-strict
404
accessibility
acer
airport wifi
algorithm
android
apache
API
att
audio
australia
authentication
ayttm
badges
bandwidth
bbc
bcp
berlin
bigsur
blog
blogger
blogger template
bof
book
boomerang
broken
bug
byte order
c
caching
chrome
closure
cmc
cms
codepo8
colours
comic strip
comments
communication
compile
conference
confoo
congestion-control
cookies
correlation
couchdb
cracker
crash
creative
credit card
crockford
cron
crux
csrf
css
curl
cwv
data tags
database
date
db
delicious
design
developer
dhtml
dns
docker
dom
dopplr
dragdrop
DST
dynamic script node
education
email
emotion
endianness
entities
ephemeral ports
epicondylitis
error checking
esmtp
everybuddy
extensions
facebook
favicon
fc9
fedora
fidelity
filesystem
firefox
firesheep
flickr
flot
form
forms
fosdem
foss
foss.in
freebsd
freedom
freestyle
ftp
function currying
gdb
geek
geo
george
gmail
gnome
google
gradient
groupon
hack
hacker
hardy
hash
howtos
htc
html
html5
http
i18n
icici
ie
iit
im
innerHTML
instant messaging
interfaces
internet
internet explorer
ios
ip
ip address
ipc
iphone
ipv6
iso8601
ISP
jabber
javascript
jslint
json
julia
keynote
latency
latex
LC_TIME
lcp
linux
load
localisation
login
lsm
luhn
MAC
macosx
mail
mathematics
mathjax
measurement
media queries
meetup
memory
messaging
microformats
missing kids
mobile
montreal
movable type
mp3
mvc
mysql
name generator
navtiming
network
nexus
nodejs
notes
opensource
opera
partition
passwords
pdf
perception
performance
perl
phone
php
planet
png
ports
prerender
printing
privacy
programming
programming style
progressive enhancement
psychology
puzzle
recovery
redhat
regex
regular expressions
resource timing
review
rfc2822
rfc3339
rhel
roundtrip
rss
rum
rwd
safari
sampling
scalability
scripting
search
secnet
security
sed
segfault
self extracting tarball
sendmail
seo
server
shell
shell script
sigdashes
site
slideshare
smtp
soap
sockets
spoofing
SQL
ssl
starttls
startup
statistics
stoyan
strftime
stubbornella
sydney
sysadmin
tablespace
talks
tcp
tcp-slow-start
testing
theme
thisisbroken
thisisfixed
thoughts
throughput
tim berners-lee
timezone
tips
toc
toy
transactions
twitter
two factor auth
typing
ubuntu
ui
unicode
unix
url
usability
ux
velocity
vint cerf
w3c
wav
web
web services
webcam
webdev
webdu
webkit
webperf
webtiming
whois
widgets
wifi
windows
workaround
write performance
X
xss
yahoo
ydn
YQL
yslow
yui
Translate this page
- PHOTO FEED
- Blog feed bluesmoon@Mastodon
- © PHILIP TELLIS
The other side of the moon by Philip Tellis is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.