AOH :: ISNQ4356.HTM

170 people attend hacking convention on IT security




170 people attend hacking convention on IT security
170 people attend hacking convention on IT security



http://www.dailytimes.com.pk/default.asp?page 07\07\27\story_27-7-2007_pg12_3 

By Ali Akhterzada
July 27, 2007

KARACHI: PakCon III, the third conference on IT-based security, with the 
slogan, Where security matters was held Thursday at a local hotel and 
its organizers said that attendance has gone from 70 attendees in the 
first year to a turnout of around 170.

Faiz Ahmad Shuja, president of PakCon and CEO of Rewterz, said that more 
and more information is going online in the country and its important to 
make people aware of the risks that come with the likes of online 
banking and computerized IDs among others. Its especially important for 
the companies themselves to protect its own information and the 
information entrusted to it by its customers.

There were 10 presentations on the first day, including a round-table 
discussion panel on various information security topics. And training 
sessions on hacking are supposed to take place today and tomorrow. This 
is the first time this convention has introduced training workshops, and 
the response has been very good, said Shuja.

During the days events, Faiz Ahmad Shuja talked about enterprise 
security monitoring. His presentation addressed the problem of excessive 
noise within the logs that are kept on your systems and how you 
generally cannot count on the logs that are maintained by various 
applications, servers and firewalls.

Ahmad Elkhatib, a security consultant from Pointsec in the UAE, gave a 
presentation on data leaks. Increasing worker mobility and the abundance 
of unstructured data has introduced new risks to your information. 
Another speaker from the UAE, Dr Fadi Aloul, a computer security 
professor from the American University of Sharjah, gave a presentation 
on how you can secure your wireless networks. Its not like Pakistan has 
an abundance of wireless networks in the first place, but tackling this 
issue preemptively is a wise decision. Because when Pakistan does go 
wireless, it will at least have some idea on what can be done to stay 
safe.

Aloul presented the results of some research work that was carried out 
in the UAE by his students. According to the research, about 50 percent 
of the wireless networks in the UAE are wide open for attacks - and not 
only the WiFi systems in residential areas but in corporations as well. 
He addressed simple methods that you can follow to make your wireless 
networks secure.

Alouls presentation was followed by Jawad Sarwanas on prosecuting 
hackers. Sarwana is an advocate of the High Court of Sindh and has 
advised several international clients in the banking and IT sector on 
electronic commerce and cyber crime laws in Pakistan. His presentation 
was on hackers and how the law deals with them. His main focus was the 
Electronic Transaction Ordinance of 2002 that says that any entry into a 
system, for any reason what so ever, is punishable by jail time and a 
fine. This poses a problem even for the hackers that want to help.

He gave an example of someone that called him up and told him about 
vulnerabilities in a certain banks network that they broke through. They 
told him that they wanted to go to the bank and tell them where their 
issues were. But he had to advise against it because they couldve been 
put in jail for doing so. He said that the only court case that has come 
up using that ordinance was one of his.

Tan Tiek Guan, from Data Security Systems based in Singapore, talked 
about two-factor authentication with greater emphasis on financial 
institutions. Pakistan-based researchers, Muhammad Omer Khan and 
Muhammad Ahmed Siddiqui, spoke about web application worms and 32-bit 
Windows exploitation respectively. And then members from Pakistans 
Honeynet project, Syed Jahanzaib Sarfraz and Ayaz Ahmad Khan, talked 
about botnets and how attackers go undetected.


_____________________________________________________
Attend Black Hat USA, July 28-August 2 in Las Vegas, 
the world's premier technical event for ICT security 
experts. Featuring 30 hands-on training courses and 
90 Briefings presentations with lots of new content 
and new tools. Network with 4,000 delegates from 
70 nations.   Visit product displays by 30 top
sponsors in a relaxed setting. Rates increase on 
June 1 so register today. http://www.blackhat.com 

Site design & layout copyright © 1986-2014 CodeGods