-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PAKCON I, 22-23 December, 2004 Karachi, PC --- A DEFCON look-alike hacking convention in a country whose people don't give a hoot or three about computer security was something that took everyone by surprise. PAKCON I had no precedent; it was, as the founder had said, the first of its kind in Pakistan. And it was a blaring success for those few who take computer security more than what the average Joe does. I was there; I saw it all; I played a part in it; and I survived it. PAKCON I was nothing short of a dream that morphed into and became a part of reality. When you see something you thought was impossible to see, you pinch yourself hard to be sure about it. For the few weeks before PAKCON I, I painfully pinched myself to try to distinguish what was what. PAKCON came, rocked us, and left back nostalgia. What is a hacking convention without contests? Essentially nothing! PAKCON, like DEFCON, was not without its share of hacking competitions. For hackers, the highlight of day one was the infamous ``Capture the Flag Contest'' (CTF). I took the lead in organising it and seemed to have done a good job. The underground was mostly unanimous in their decision not to partake of the competition. For them, anonymity was crucial and they could not bring about themselves to trusting our words. I guess it means that the undergound does not know much, if at all, about hacking conventions like DEFCON. However, we did find teams to play CTF -- four teams, at best. The ``Capture the Flag Contest'' was involving and stretched to more than five hours straight. Only one team succeeded in compromising any systems. Our score server was compromised in the beginning. It was all my mistake: I had not hardened the default slackware installation on it. The contest progressed smoothly and near the end of the day the winners were announced unofficially only among the competing teams - -- the official annoucement would come on day two during the closing ceremony. The competitions we had planned for day two were all war-driving contests: Running Man Contest, War-Driving Contest, Wi-Fi Contest. Sadly, as day two prowled to a halt, most of us were drawn to the realisation that Wi-Fi technology is still not common enough among people of this country. Maybe, I think, at PAKCON II we will find people interested in bringing their Wireless-enabled equipment to the convention hall and participating in the contests. Maybe! Knowledgable experts spoke throughout the two days on diverse topics that converged to computer security. I was busy with the other half of the convention and could not attend most of the briefings. From what I have heard, the papers presented were unavoidable. I regret having missed them. I spoke at PAKCON. I amplified on a paper written by Fyodor of the Nmap fame and titled ``Methods of TCP/IP Stack Fingerprinting''. My speech was brief, without a visual aid, and ill-prepared. I had semester's final papers a day before and after PAKCON and could not prepare properly for the speech. Nonetheless, I spoke. Looking back, I find PAKCON to be more than just a dream coming true. But being that, PAKCON was not perfect. It had its share of mishaps and missings. Much of what was missing from PAKCON I has been noticed and penned down. We are making efforts not to leave any loose ends dangling about at PAKCON II, which is our major goal this year. Like code matures over subsequent releases, so will PAKCON each year. I hope. - -- Ayaz Ahmed Khan ``A hacker does for love what others would not do for money.'' -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iQEVAwUBQgN2HwFi6bOwa2ADAQKT0ggAmSzQponAG1VTzdyOOezBzBwgK6Rn79Rw 0HgSDE1kDuZRxcqHfo+IZ6Lv0RfvlmKaYlTAxZM57YO5W5V64zndM5uG943Onm2w cHY1zRLK9v4RQjfQO/mypi/408kfHu9rrTofeNV1Ekdr9IHEC6PWCy9PAaVdePcp J98HKpjKfrz1OqQ07zftcUvE5N0IzvSvtahTBexFCiv3yXkRwg+Bl43pSrfe9PT4 IPkmZHAkB1cCIKQ3Me2nispdyzEw9MHz/SaGedsTw0qU1yoxyQd60kNuEnGXRTJC MvIyQteaTE0+8s371R4WzW7wxFVqHzTfa3GN0+4LBWIlDx204Mj5sA== =1Ute -----END PGP SIGNATURE-----