OT: [maybe] how do I sign up? (was: Re: [...] NOVEMBER HackFest [...] on November 16, 2008 [...])

Wed Nov 5 17:02:48 MST 2008

((top posted because this thread
  seemed to already have that "custom"))

Sorry if this should have been an off-list reply
to Lisa or someone.

> November 16th is a sunday iirc

Sunday!
that's a good time for me...
if it is not a typo or something, then
Maybe I could attend.
(how do I sign up?)
  I plan to be out of town Nov. 6 --> 13,
(and I might be out of radio contact [away from e-mail/net] then);
and I have a VERY busy day Nov 14;
but it sounds interesting.
   ...will I get less out of it, if I've missed the "pre-requisites"?
On second thought, maybe I should just "observe" if I do go;
or maybe there will be a team that will allow me to join them
as a junior go-pher / trainee or something...
-- 
Mike Schwartz
Glendale  AZ
schwartz at acm.org

On Wed, Nov 5, 2008 at 3:39 PM, blake gonterman <gnunixguy at gmail.com> wrote:
>
> November 16th is a sunday iirc
>
> On Nov 4, 2008 2:30 PM, "Lisa Kachold" <lisakachold at obnosis.com> wrote:
>
> This month, the HackFest has been moved to Estrella Mountain to take advantage of a generous offer from Randol L. Larson to use their Lab facilities.
> http://www.estrellamountain.edu
>
> Joey Prestia (joey at linuxamd.com) will be supporting the PLUG FEST, as we delve into the exciting area of Linux Security.
> Saturday November 16th, 2008 - Noon Until 3:30
>
> We will bring targets for your practical exploits and scanning - and go over the original presentation materials for each lab - depending on the time available.
> Presentation Materials are available for review if you just found us at: http://www.scribd.com/doc/6680231/Hack-Fest
>
> It's suggested that people plan:
>
> 1) Develop and bring a machine with a good distribution or LiveCD's tested to work.
> 2) Social Engineer team members and choose one or two areas to concentrate on.  TEAMS usually always win most quickly -  as one person reviews the materials while the other does the lab.
>
> Again this is a practical lab - not a hacking/cracking demonstration.
>
> This format is presented for computer professionals, linux security professionals and linux users and is in no way an advocation of cracking, disrespect for private property or illegal activities.
> A disclaimer signature and email address will be required at the door.
>
> See you all there!
> [...]
> ________________________________
> From: lisakachold at obnosis.com
> To: plug-discuss at lists.plug.phoenix.az.us
> Subject: RE: HackFest Series: "Is it safe yet" or SSH Buffer Overflows and You - CHECK YOUR VERSIONS
> Date: Thu, 30 Oct 2008 15:38:46 +0000
>
> SSH Exploits are currently available in various forms:
>
> [...snip...] [...see previous msg's for deleted material...]
> >
> > > History:
> > >
> > > OpenSSH Challenge Response Buffer Overflow: http://www.securityfocus.com/bid/5093
> > >
> > > Report 2001 - updated last Nov 05 2007 02:45PM
> > > Other boundary exploits, kerberos, auth and encryption exploits and overflows exist making encroachment via SSH trivial.
> >
> > It's been almost a year since the update with no update on the update :(.
> >
> > Everybody was too busy reacting to the debian problem?
> >
> > ###
> > **UPDATE: One of these issues is trivially exploitable and is still
> > present in OpenSSH 3.5p1 and 3.4p1. Although these reports have not been
> > confirmed, administrators are advised to implement the OpenSSH
> > privilege-separation feature as a workaround.
> > ###
> >
> > I'd think the OpenBSD guys would have denied or confirmed this.
> >
> > /me switches back to telnet. ;-)
> >
> > ciao,
> >
> > der.hans
> > [...]
> ________________________________
> You live life beyond your PC. So now Windows goes beyond your PC. See how
> ________________________________
> You live life beyond your PC. So now Windows goes beyond your PC. See how
> ---------------------------------------------------
> PLUG-discuss mailing list - [...]
> ---------------------------------------------------
> PLUG-discuss mailing list - [...]