sessions/discussion forums about different topics in computer security suggest specific topics then we c if we have resources i tjhink we have

and SAKIA is out there waiting.......

I Was Known as POSIX

I am interested in helping with such an event. It is possible to partner with sakia in this but not necessary.

There will definitely be a lot of universities and ngos competing to sponsor and host such an event.

Is there any website describing where this event took place before and what it was like. It might help us formulate an idea about what is involved in organising such a grand event.

Awaiting your reply :)

Alright, let me list some of the stuff I've been thinking of:

Place:
Most probably, the Sakia would be a good choice if it can provide two halls (I haven't been there before, shame on me!). One hall will be used for the talks/discussions while the other will be used for the games/contests.

The sizes of these halls will be determined by the estimated number of attendees (you can have a good estimate from the events you've organized before). As for the games, for the first time, naturally the number of the audience will greatly exceed the number of the players.

Duration/Time plan:
Again, this will completely depend on the available resources. Initially, I was thinking of a 2-3 days event, but it could also be squeezed in a single day event - if neccessary.

The talks should run in 30-45 mins sessions (with intermediate 10-15 mins breaks) and there should be one or two prolonged intermissions to chill out; listening to too much technical stuff is not that healthy for everybody ;)

Games will run all day long, depending on the game type; or they will run in rounds.

Equipment:
For the talks, it would be the standard stuff; a computer, a video outlet to connect to a notebook and a projector.

Contests and games will require more equipment, like a number of PC's with networking support, switches, maybe even a wireless access point and a projector, too. But this will again depend on the nature of the event taking place.

Talks/discussions:
Any topic related to security (whether conceptual or practical) and exploiting it, is a good candidate. Some of the possible topics would be:

• How to secure your box
• Anatomy of a certain worm/virus
• WiFi (in)securities
• Topics in exploiting (BOF, shellcodes, process injection,...etc)
• Rootkits
• (Anti-)forensics
• Exploits demonstration (if someone has found something and would like to demonstrate it)
• Social engineering
• The e-government (ho ho ho!)

The list can go on... you can also invite people from the companies that business related to computer security or even from the national security to explain the legalities/penalties of digital crime acts. Of course you can also dedicate some sessions to FOSS.

Games/contests:
I do have some worked-out possible gaming schemes (plots include: web authentication, simple cryptography, forensic analysis, securing running services and remote exploitation).

Side-events:
Originally, I was thinking of this event as a chill-out for those who are interested (whether experienced or not), a place for those people to get together, exchange ideas and knowledge and have some fun. A non-technical side-event thus is more than welcome! Suggestions?

I also don't know about how this even could be funded, but -like in DEF CON- a vendor expo space is possible (but this won't be like the FOSS thing anymore). Anyhow, I have no big experience in this area, so I'd like to hear from you.


I think this it about it.
Let me know what you guys think!

this is nice agenda ,we need technical audince to enjoy them(we can mix things up),

I do not prefer El-Sakia at this time ,we should try some place else to have a kind of alternative places.

Why we do not try to organize this event as part of the installfest on Mubark library

Diaa Radwan

Why not Sakia Plz keep us informed....

I Was Known as POSIX

Great enthusiasm guys, hope you'd really organize something neat! (succeed in something that I failed)

Whether it's the Sakia or not, you know better than me. It's just that if you'd like to organize an event according to the initial idea, it would need at least those two halls.

One advantage of the Sakia is that it's already equipped to support similar events with lots of noise ;)

I just have a small concern regarding the installfest, I don't think it would be a suitable occasion for the following reasons:

1. As far as I understand, the installfest is meant to help people get on the track of FOSS, so most probably a great number of the attendees won't have sufficient background to really enjoy the event.
2. The con would require some serious preparation, and the installfest is going to be held somewhere towards the end of Jan. - if I'm not mistaken. This won't leave enough time to collect the material, contact the sponsors, do the propaganda and organize the event.
3. In several situations, it is much more efficient to focus on one event at a time so that one can really develop and present the event in a proper way.

The DEF CON team starts working on the preparation for their con about 8-10 months ahead! (DEF CON is usually held around the end of Jul. or the begining of Aug., and they start calling for papers around Oct. - Dec.)

Originally, the name I gave to this con was CodeX (an interesting combination of "cod" and "ex" ;P), which -obviously- attaches the letter of mystery "x" to "code", and also refers to the latin word for book. Feel free to suggest other names of course, but meanwhile I'll be using codex as the code name for this event/project. Codex was not meant to be a once-in-a-life-time event, but rather a big annual meeting. I have a few more extra ideas to add to the project, but let's take it one step at a time right now and see how things will develop.

So, if you're willing to carry on with the idea, I suggest that you (EGLUG) create a web space to host the stuff related to codex, like discussion forums, news,... etc and we can start brainstorming there.

hey y0 bro. i respect ur idea for suuureeee but i tried since 3 years ago to make a security group here in egypt and make somethin like DEFCON or ¨blackhats presentation¨ but guess what i found :s

1st- no knowledge and experiance at all with computer security and hacking meaning ¨most ppl thinks that security = firewall and hacking = LAME sub7¨ :s

2nd- the leet ppl who knows well about the issue liked to keep their information prviate :s and NO ONE HELP the others

3rd- besides most of ppl will join are windows users and all they know is playing with exe files :s

4rth- about C-coding and exploiting techniques :s i´m really sorry to say that most of us here don´t have enough idea to do such thing in a perfect way

in the end guys don think that i don like the idea , i really hope to work and i´m not LEET but i´m just trying to learn everything good and usefull in this field anyway i like to join and i´d love to help for sure if this succeded :) thx for suggestion

+MSamer u said :: we are not into hacking :) :p

byeeeeeeee

Well, first of all three years shouldn't put your enthusiasm aside... keep on trying and hopefully one day you might achieve what you've been aiming for. But when you give up, then there's no chance of achieving that, right?

And to your mentiond points, let me reply

1. Don't you think that this would be a good opportunity to open new doors for them? Maybe even help correcting some of the misconceptions floating around?
2. What about the good people here in EGLUG (plus others, hopefully) who are already sharing their knowledge and putting effort volunteerly?
3. Again, don't you think this will be a good chance for them to get exposed to "other" stuff? Besides, personally I don't think that using windows is a sin! (oops, am I starting a flame war? ;P)
4. Nobody should even have a "perfect" idea about it.. it's all about sharing, learning and enjoying!

Sure, it's a great thing to learn new stuff. So, why don't you share with us how could you contribute to the idea?

Finally, this is not about hacking in the usual sense of it, it's rather about security and its different aspects

man i just said ¨ i like to join and i´d love to help for sure if this succeded" so for sure bro. i´ll help and do it happly but a NOTE :::

security and hacking are one package so there is no security without hacking techniques ;) and i said i tried to make a security group and something like ¨blackhats presentation¨ to discuss the latest hacking tech. and how to be protected from it and to be more accurate :) letś say ¨cracking¨ not hacking :) but anyway for sure brother if u do it iĺl help and say what i know :)

well it's more like a dream for me to participate in such event but... i don't think that there is a lot of ppl know a lot about security and hacking here in egypt i mean any one hear hacking the first thing comes to his mind is getting a hotmail password or even sub 7 i mean most of ppl don't read they don't even bother to know more than downloading trojans and sending them to other ppl and if you think that iam not right take me as an example for my friends iam like kevin mitnick while all what i do know is some injection techniques and lame java scripting and by the way i don't think that most of ppl know what is def con ....any way for me it will be an honor to help in such event ..this is something that i realy like to do and that's my dream ...realy guys if you need help i like to help.

I guess we'll have to wait until all the admins are back from uganda since it seems that the members are not interrested ;-)

admin is a technical job related to the website, admins are not special at all when it comes to activities.

cheers,
Alaa

http://www.manalaa.net "context is over-rated. who are you anyway?"

I know, But I thought you might be the only on interrested other than me ;-)

Anyway, I wrote this after I came from the airport :p

... on a lighter note: I'm glad to hear that some are still interested.

The time might not be the most suitable for everybody still, but what about the suggestion of creating a web space for the whole thing, that's sectioned and organized, where we can brain-storm and collect data?

And i suggest drupal for--

Modular we can begin with few modules and extend it later i think alaa could donate us sub domain under his blog for now even as TEMP. thing

and we could practice on it :)

Salam

I Was Known as POSIX

hacking an honest Egyptian business's website is considered whitehat? Sheesh whatever happened to ethics. Besides, howcome you know? were they caught ( which says something about their skillz ) or were you involved ? ( which says something about your ethics ).

Besides This is exactly the WRONG idea about hacking. Please don't spread FUD.

hacking is GOOD thing . i didnot said cracking ... being caught doesnot mean they don`t have skills they discoverd hole on authntication tech. used by the web site actually cookie thing and they informed link.net they didnot use to do any thing harm Please for you and for all people don`t assume ... you should ask about what happend don`t jump to conclusion...

that is the excatly WRONG idea about ... (you name it)

PS : my ethics is MINE as it don`t effct you

I Was Known as POSIX

Hacking in the CORRECT sense is a GOOD thing, couldn't agree more. But when you go and describe a hack on a local commercial company without giving full details, or a link to the description if possible, then you ARE spreading FUD.

You and I might know, 10 people might know that hacking is not cracking. But most people will frown at the mere mention of the word.

The exact aim of this CON if it happens ( I wish it does ), is to change that and remove the ignorance of the true meaning of the act of hacking.

When your actions convey that your ethics may be flawed, someone has to take action, so that people won't label the group by the actions of a single individual, which will then affect me.

So please be clear and upfront about your data, both in source and content.

You and I might know, Weird that you know the hacking meaning and you assumed the oppisite one..!!!!! END

I Was Known as POSIX

Yes, I know of'em and about 2 years ago I've met El Deeb (D33B) as I was trying to get'em involved into this con thing. By now, I believe he has already graduated, as he was in his final year when we met.

Unfortunately, it didn't work out with XEgypt.

About one year ago, their web site was cracked down twice by an anti-security group and since then it was never back online. Their crack down was -in my opinion- demeaning, as it showed their laziness in implementing proper security measures for their own web site.

Finally, I think they had some active members (like Ayman (SLACKo) for example) who contributed with some nice pieces of code. The rest were pretty much idle.

By mention them , i wanted to say we have some resource which, allow us to begin such activity.....

I Was Known as POSIX

Hey all, I guess i'm one of the latest members, and i'm not that much experienced with organizing events nor a *nix pro. But all i can think of is why do not we really give it a push and try organizing such event? i really like to say "You can not find out unless you try", So we would not know how much people will love it, how much people will join as audients or active participants unless we announce it. So what about announcing it like 2 months before the estimated day, and make the opening day some undefinded day of month x, so basically you got more 30 days slack to do whatever :)

We have been talking for years about IT, open/closed source and how much we love development and that each of us is highly motivated and bla bla, and yet each of us sees the other as a lazy duck. The problem is, we are just shy of trying our best shoot, we are worried about losing, we are simply afraid of failure! If everyone's deed is always a success, i can just say he is not doing something new or defying his powers. He is simply doing the usual job....

My estimates or ideas about how we can work it out, First i am a regular reader for 2600 the hackery magazine http://www.2600.com at the last page, you can always find schedule for 2600's readers meetings all over the world, during the fall issue, i found Egypt listed! Yes there is some hackery meeting assumed in Isma'elia or portsa'eed, i am not pretty sure, thus we can try contacting them for some participation. Also Like 5 years ago or so, i came around with the xEgypt guys, basically Realist_ and LinuxLover, both are great guys, i think seeking their participation will please them. Also there are 2 Open-Source specialized companies in Egypt i heared of by now, IT Synergy (Which Yussuf Assad) works for, and Open-Craft which is listed as Open-Source support company, There is also ITWORX which i think does have an OSS department or so. Yussuf Assad's upcoming event should give a good estimate of how much the people are interested in OSS. XCODE can have some extention seminars for Yussuf Assad's from the prespective of security impact on business, and the OSS security challenges, M$ against OSS, and whatsoever of such prespectives. During the first XCODE Con. you should give little varaity of topics so as to estimate the people's understanding of GNU and *nix and how can be like a slavation for developing countries by reducing business development cost.

Also you may contact DEFCON or so to find some roadmap to how to execute such an event in a primitive way at least for the first day, then give space to the leet.

Hmmmm seems i wrote i too much! that's why i do not post much either :)

Just one last advice....When you say that you are afraid that you may not get many attendees, please not that much is relative to the quantity you refer to, which is undefined so far (At least till Yussuf Assad's seminar)

Mohamed Samy.

Follow the penguin...

hi all , we notice that you are talking about something like DEFCON here in Egypt! My bro. A-WaRZ replied y0u about what happened when he tried to do that in the past but ... we are ready to attend and help to make this great idea Gr0w Up ! and by the way we are the (anti-security group) as y0 called us ! when we hacked ! "xegypt.net" but we are not anti-security (please don't judge us if u don't know us) we work now as security specialists for many companies and we have faced problems here with eglug cause they hate people like us (hackers and crackers) but anyway now or at the future they will know that we are good society and helps more than lame developers working in compaines , we knows about security tricks and how to secure and break through it also

to contact us :: UIP.Crew@gmail.com

W3 4r3 :: rOCK-MaStEr , ACiD-WaRZ and Me ( SpiderZ ) ;)

This is just a small note, as I don't want to get side-tracked here.

First, I would like to acknowldge your enthusiasm and good will to support. I really wish this event would see the light one day.

Second, for the sake of clarity, you were not the ones I refered to to have cracked down XEgypt's site. I was refering to dikline, who are indeed an anti-security group. For some reason, their website has been modified and the original page is not to be found, but you can still check the google cached page here. The attack took place around the last quarter of 2004.

Your defacment to their website took place on the 29^th of April, 2005 (as reported on Zone-H), a few days after the site's security problem was made public even on the site itself and they didn't even bother to fix it.

my brother Spiderz posted this reply and he was thinking that you are talking about us , and now you have to know that me "ACiD-WaRZ" are a member of dikline (dikline.com) and i think i don't have to explain that or say somthin about it but i had to and now u know 1 member of dikline Notice to you :: "try to be nice a little" when u reply people wishing that ur idea grow up and see the light here in egypt and also we offers our help and share without any somethin in return and by the way "i have a private mails from xegypt server not included in this txt u posted containing cool stuff" and we don't hate xegypt i respect them and we talked after what happened but it was about somethin i don't have to mention it here in the end we offered our help and u have to accept or refuse it in a nice way

CYA

UIP.Crew@gmail.com

My mail :: ACiD.WaRZ@Gmail.com

My gpg key :: gpg --recv-key --keyserver wwwkeys.eu.pgp.net F7E787BD06084AE8

Mr acid.warz its to early from you to expect we will refuse your help .

i can`t see any thing prevent you from contrbute with us ,

every one is welcome

printf@drupal.org you are idea creator so get us a Wiki pleasee

I Was Known as POSIX