ClubHack 2009: Day 1

Recently, I attended this Hacking and Security conference ClubHack. It was an awesome 3 day experience listening to seminars, workshops and round table conferences by various eminent speakers and hackers from all over the world. The speakers flocked in from various domains: Telecom, US DoD (Department of Defence), Royal Bank of Scotland, McAfee and even from Pune Police, NASSCOM, CID and other eminent law enforcement agencies! I reached the venue at 8:30 AM, leaving from my institute at 715 AM. The venue was 30 kilometres from my institute!!

What: ClubHack 2009, a meeting place for hackers, security professionals, law enforcement agencies, students and all other security enthusiasts.
Where: The Corinthians Club, Pune (The venue was awesome!)
When: Saturday 5th and Sunday 6th December, 2009

ClubHack 2009: Day 1
5th December, 2009 was Day 1 for ClubHack. The registrations started at around 10 AM (an hour late due to setting up of the venue). There were 3 halls, 2 for the simultaneous talks and the 3rd one for networking, meals and snacks. The day started with the introduction of ClubHack, by Rohit Srivastwa, the founder of ClubHack. This was followed by a small talk by the Chief Guest of the day, Mr. Alok Vijayant, Director Information Group, MHA, Govt. of India. After the keynote speech, the Indian version of BackTrack, Matriux, was launched. A copy of the same distribution was also distributed to all the audience.

Chief Guest at ClubHack 2009

Matriux Launch

After a small round of snacks and networking, the attendees split up in two halls, according to their interest in the talk. The schedule for the same was:

from	to	Room1	Room 2
1000	1100	Registration
1100	1200	Keynote & Matriux Launch by Mr. Alok Vijayant. Director Information Dominance Group, MHA, Govt of India
1200	1300	Rohas Nagpal – Indian IT Act 2000 vs 2009	Manindra Kishore – Incident Handling and Log Analysis for Web Based Incidents
1300	1400	Anant Kochar – Revealing the Secrets: Source Code Disclosure, Techniques and Impacts	Abhijit Tannu – Facilitate Collaboration with Information Rights Management
1400	1530	Lunch
1530	1630	Nikhil Wagholikar in abstentia of K K Mookhey – Risk Based Penetration Testing	Suhas Desai – Open source for securing data with advanced Crypto-Steganography technology
1630	1730	Vinoo Thomas & Rahul Mohandas – India Cyber Crime Scene – Caught in the Crossfire	Lavakumar Kuppan - Lust 2.0 – Desire for free WiFi and the threat of the Imposter
1730	1830	Kush Wadhwa – Advance Computer Forensic concepts (windows)	Gursev Singh Kalra – Mobile Application Security Testing

Another superb thing was the “Internet Bakra”. Running sslstrip and dsniff on the free internet which was provided for the day, all the passwords were sniffed and later at the end of the talks, were shown to people (just the 1st two characters of the password) to explain them that entering personal information in free connections can be harmful. While this did

After all the talks, ClubHack threw a party (on invitation) for the speakers, the volunteers and a few attendees. The party was in Dolally, the only microbrewery in Pune. Dolally is an awesome place (for people who drink beer). It has a wide variety of beers which they brew in house. They also showed us how beer was brewed from around 10 different wheat types. It takes around 20 days to brew beer!! It also has a DJ which plays on-demand music for free!! It was fun discussing informal things with the people whom you saw in formals the whole day! At one particular incident, I couldn’t recognize Mr. Nikhil Wagholikar (from NII Consulting) in the party. He was totally in formals in the day time, and in the evening, total informals!! Dinner was in the same hotel, having a buffet with all the speakers, the volunteers and other guests.

ClubHack Day 1 Party at Doolally

The day ended at around 11 PM (for me, since had to reach my institute before the gates closed for us!!).

The Volunteering Team

• Pankit Thakkar
• Abhijeet Patil
• Murtuja Bharmal
• Aseem Jakhar (founder www.null.co.in)
• Tushar Dalvi
• Pradnya
• Antariksh Shah
• Prashant Mahajan
• Anish
• Ajit Hatti
• and a few more … Kudos to them for a successful Day 1 (and simultaneously, Day 2 and 3!!)

Finally, saying goodbye to everyone, we left for our college at around 11:30 PM (the gate closing ceremony of Symbiosis Infotech Campus, Hinjewadi takes place at 11:30 PM!! we were late!!). Thanks a lot to Mr. Dinesh O’Bareja for giving us a lift till Wakad. We finally reached the campus at around 12:30 AM, went to sleep, just to wake up in another 4 hours for the fully informative, knowledge filled next day of ClubHack: the workshops.

ClubHack 2009!

ClubHack 2009

ClubHack is back! India’s own International Hacker’s Convention is back with its 3rd version with the aim to enable the dissemination, discussion and sharing of deep knowledge in the field of information security and cyber crime investigation.

What: ClubHack 2009, a meeting place for hackers, security professionals, law enforcement agencies, students and all other security enthusiats.
When: Saturday 5th and Sunday 6th December, 2009
Where: ICC or Estique
Registration: Opens in October, 2009. http://clubhack.com/2009/Registration

Rohit Srivastwa

Founder: Rohit Srivastwa
Rohit Srivastwa is a well known security evangelist. He has an expertise in cyber crime investigation and IT infrastructure management. Rohit is actively involved advising several military agencies, law enforcement personnel, media, corporate and Government bodies in these fields. Along with assisting these organizations solving there cases, Rohit is also involved in teaching the related subjects to them. Rohit has trained the police departments of Pune, Mauritius and Malaysia. Rohit Srivastwa is also the founder of ClubHack, a member driven community to spread the security awareness. As his last assignment Rohit was Director Technology at Commonwealth Games Pune (2008) where he delivered the complete technology of games and managed everything which comes under the umbrella of technology.
Currently he is Director Technology and Network Operations for Commonwealth Games to be held in Delhi in year 2010.

ClubHack, India’s Own Hacker’s Convention enters its 3rd version on the 5th and 6th of December, 2009. Previously, it was held successfully in December 2007 and 2008.

ClubHack 2009: Call for Papers
SUBMISSION: ClubHack2009 is expecting a good deep knowledge technical presentations/demonstrations on topics from the world of Information Security. These presentations are expected to be of 40 minutes each. The schedule time for each presenter would be 50 minutes out of which 40 minutes are for the presentation & 10 for the question-answer sessions. We’d request you to submit the papers keeping the time constraint in mind.

TOPICS: The following list is made keeping in mind the most interesting topics in hacking & security. This is more of an indicative list, the papers submission can be on other topics also but have to be close to this & the theme of the event.

• Protocol / Application based vulnerability in networks and computers
• Firewall Evasion techniques
• Intrusion detection/prevention
• SPAM fighting
• Data Recovery and Incident Response
• Mobile Security (cellular technologies)
• Virus and Worms
• WLAN and Bluetooth Security
• Analysis of malicious code
• Cryptography and Cryptanalysis
• Computer forensics
• File system security
• Secure coding & code analysis
• Hardware modification
• Patch writing for vulnerabilities
• Open source hacking toolkit
• Cyber Crime & law

Dates:
Opening: 15th August 2009
Closing: 15th October 2009

For more information, check out http://www.clubhack.com/2009

Me in ClubHack Workshop

ClubHack session in progress

Cop-Tech Forum

Recently, a few months ago, on the 30th of June, 2009, Cop-Tech Forum was launched. It is a joint initiative of Pune Police, NASSCOM (The National Association of Software and Services Companies) and the DSCI (Digital Security Council of India).

Purpose:
The main objective behind this forum was to increase sharing of ideas and knowledge on cyber security between the Police and the IT Industry. As Commissioner of Police, Dr. Satya Pal Singh, phrased it: “Cop-Tech is solemnization of the marriage between the Police and the IT Industry“. It is an initiative which calls for contribution of the IT professionals to help develop the Police force to serve the people better.

Pratap Reddy, an IPS officer who was an advisor (cyber security) to NASSCOM, listed down the things which Cop-Tech has to take care of:

• Develop the Control Room of Pune Police to make it state-of-art which can cater to all those who dial 100 in a proper, structured way. This would also involve Fleet Management to keep track of police vehicles on the field
• Cyber crime, computer security awareness among the students, non-IT professionals and the citizens in general
• Usage of CCTVs from different locations. This would also involve Video and Image Analysis. For this, IT professionals who work in this area were called for help.
• Training the Police staff in Cyber Security, Cyber Crime Investigation, Forensic Investigation, Computer Security in general, trainings on using of different tools (like GPS). This is to ensure that the state-of-art devices which would be used in the Control Rooms would be used efficiently and effectively by the policemen
• Forensic Investigation. There are many cases which are shutdown since Police do not have proper evidence or direction to work on. Here, the IT professionals can help (voluntarily) in Forensic Investigation

After this, the discussion was thrown out to the audience who are ready to contribute to this CopTech Forum. It was good to see a number of professionals from Infosys, Delloit, IBM, Null Security Community, Press, etc, who were ready to help in their own way. An Infosys guy was ready to design, develop, code and implement a database system for Cyber Crime cell and Control Room. As is going on for many months now, Null Security Community is already into spreading security awareness among the citizens of Pune, which has now extended to Banglore. They were also interested in helping for Cyber Crime Investigations and Forensics.

Pic:
Pratap Reddy (2nd from Right)
Dr. Satya Pal Singh (Lighting the lamp)

There was a good suggestion from one of the attendees. What he suggested was to look at the whole Cyber Crime as a business. A business which would involve 3 steps, including the actual crime and the monetization of that crime (like selling the data/information, selling the method to perform the crime in form of exploits, etc). If in some way, one of the 3 steps could be interfered and cause hamper, the whole cyber crime process would fall. But, since this Cop-Tech forum has a narrow scope (as of now) to those listed above, this suggestion was left for future scope. There were many other inputs from the audience volunteering for Image and Video Analysis, Forensics, etc.

In short, it was good to see a bunch of around 60-70 individuals as well as a few groups like Null to have participated in this and who are ready to contribute. But, looking at the facts of Pune being the “IT hub of India” or the Silicon Valley of the East, 60 – 70 was a very small number. Till date, people have always questioned the government for not doing a good job, but when it comes to helping/contribution/volunteering, only a bunch of people are there at the disposal of the government, even when the government has taken the first step. This is a humble request to all IT Professionals to help the Police and the Cyber Cell to make it better so that they are able to serve us in a better way.

To get in touch with CopTech and Cyber Cell Pune, you can pay a visit to Cyber Cell branch at Sadhu Vasvani Road, Camp, Pune-1.

Dr. Satya Pal Singh’s Blog: http://drsatyapalsingh.blogspot.com/