Cyber Defense Competition Has A New Champion

ScuttleMonkey posted more than 6 years ago | from the hack-the-gibson dept.

Security 66

lisah writes "Several colleges across the country went head-to-head in San Antonio, Texas last weekend at the National Collegiate Cyber Defense Competition to see which team could best protect their networks against attacks. In a modern day version of Steal the Flag, the teams duked it out using identical network setups that included a Cisco router and five servers. In the end, Baker College took the champion's title from last year's winner, Texas A & M University."

Cyber war-gaming (4, Interesting)

BWJones (18351) | more than 6 years ago | (#23150464)

This is going to become more critical not just in terms of servers and informational or command based attacks, but also in terms of actual combat systems as we start to integrate more robots and remote networked combat platforms. For instance, my last visit [utah.edu] to Creech AFB was very informative, but also illustrated a number of potential weaknesses in the system that controls remotely operated unmanned aerial vehicles actively engaging in combat.

Exercises such as these are critically important to war-game any networked system, particularly when that system is using commercial off the shelf solutions and commodity hardware that is accessible and easy to explore outside the realm of cyber warfare. i.e. war-gaming your attacks before going live...

Re:Cyber war-gaming (2, Insightful)

Divebus (860563) | more than 6 years ago | (#23150974)

Exercises such as these are critically important to war-game any networked system...
...like defending against RIAA network invasions of Colleges?

Re:Cyber war-gaming (1)

smallfries (601545) | more than 6 years ago | (#23151410)

It's good to hear that people are still actively trying to hasten Judgment Day

Re:Cyber war-gaming (0)

Anonymous Coward | more than 6 years ago | (#23153200)

root@soldier1~# scp iwin.sh root@plane1:~/iwin.sh;ssh plane1 "~/iwin.sh"

SLASHDOT SUXORZ (-1, Troll)

Anonymous Coward | more than 6 years ago | (#23150474)

_0_
\''\
'=o='
.|!|
.| |
ass gaping competition has the same champion [goatse.ch]

Biometric Misidentification (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#23150534)

If your ass looks just like that of Bin Laden, don't leave it hanging out of a cave. And if you don't know what a hellfire missile from a Predator drone can do, just follow the link in the parent!

Baker college?!? (1)

fain0v (257098) | more than 6 years ago | (#23150568)

I always thought it was one step above a community college! Either I was wrong or they have improved a lot recently.

Re:Baker college?!? (1)

BosstonesOwn (794949) | more than 6 years ago | (#23150850)

Solid proof one geek can make a difference ! :)

an example of self-education (0)

Anonymous Coward | more than 6 years ago | (#23156802)

I attend Baker College of Flint and tutored CIS systems and programming courses for several years. There is 1 good CIS instructor there who takes the initiative to encourage CIS students to take their education further outside of school. This is rare, the other instructors are flunkies. They are severely underpaid.

Baker College is not even a step 'above' a community college. It is referred to as a "2nd chance" school, where anybody with a checkbook is accepted.

Let it be known, these students did not learn their skills from our school. This is Flint, MI. Surviving in this city alone is an education in itself. This is another example of how CIS can be successfully self-taught.

God damn, revert this comments system already (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#23150574)

you fucking egomaniacs had to fix what wasn't broken, and refuse to admit you made a mistake.

you just keep breaking it more. roll it back, assholes.

Re:God damn, revert this comments system already (0)

Anonymous Coward | more than 6 years ago | (#23150752)

Welcome to Slashdot. Producing broken, spaghetti code and completely ignoring their user base since 1997.

Re:God damn, revert this comments system already (1)

Sancho (17056) | more than 6 years ago | (#23152386)

I like the new comments. Among other things, it means that my subscriber page views go a lot farther.

Re:God damn, revert this comments system already (0)

Anonymous Coward | more than 6 years ago | (#23154840)

*shrug*.
I like it.

On your marks, get set... (3, Funny)

jibster (223164) | more than 6 years ago | (#23150730)

Any word on when ESPN will start broadcasting these "games" live? Throw in a few hot cheer leaders and I'd watch. Actually, anybody know where I can get tickets?

Re:On your marks, get set... (5, Funny)

Mordok-DestroyerOfWo (1000167) | more than 6 years ago | (#23150958)

Coming up on ESPN 1011:

7:00 - Co-ed full contact bash programming
8:00 - PHP fantasy team preview
9:00 - X-Treme PERL recital!
10:00 - World's Strongest Stench competition
11:00 - Geekcenter

Re:On your marks, get set... (3, Funny)

g0bshiTe (596213) | more than 6 years ago | (#23151148)

My guess would have been ESPN 1337

Re:On your marks, get set... (1)

beckerist (985855) | more than 6 years ago | (#23151526)

ESPN Mil Trescientos Treinta Siete!

Re:On your marks, get set... (1)

Paradise Pete (33184) | more than 6 years ago | (#23154250)

Any word on when ESPN will start broadcasting these "games" live? Throw in a few hot cheer leaders and I'd watch.

When I was in high school we travelled to another school for a chess match. They actually had cheerleaders. But since there were no fans, and the cheerleaders of course had to be quiet, it was rather strange.

Re:On your marks, get set... (1)

lythander (21981) | more than 6 years ago | (#23159050)

Seriously, I work with one of the major partners making this competition happen, and they're already in talks with ESPN2. They're working hard on visualization techniques to make it TV-friendly.

CTF LOL! (0)

Anonymous Coward | more than 6 years ago | (#23150756)

I captured your net packets lol.
Next thing these kids will be employed by Comcast to capture customer 'flags'

Re:CTF LOL! (1)

Ethanol-fueled (1125189) | more than 6 years ago | (#23151280)

Or insert "flags" into suspect customers...

Re:CTF LOL! (1)

Ihmhi (1206036) | more than 6 years ago | (#23152730)

Oh, it certainly feels like Comcast is inserting something into customers...

Not sure what this proves (4, Insightful)

menace3society (768451) | more than 6 years ago | (#23150766)

Usually competitions like this are in "Which OS is most secure" kinds of settings, where the ostensible purpose is to find out which OS is the most secure. However, in this case, you had a bunch of different OSs all linked together, and you had to protect them from a bunch of security professionals. I imagine these "pros" probably weren't hard-core hackers, and given that, I'm not sure what the value of the exercise was. These pros won't have anything in their arsenal that everybody doesn't already know about it (at least, if they're studying computer security, they *ought* to know about it), and so we're basically left with (and this is something the article mentions) a bunch of people changing their conf files as fast as possible. If you ask me, they should six Eastern Europeans and North Koreans, and offer them $10,000 for every box they own. If the team's box doesn't get owned, they get the ten grand. Simpler, more interesting, and far more realistic.

Re:Not sure what this proves (0)

Anonymous Coward | more than 6 years ago | (#23150804)

All sounded pretty good until you used the word "owned". Save it for when you're taking on the "n00bs" on CS.

Re:Not sure what this proves (5, Funny)

Dachannien (617929) | more than 6 years ago | (#23150848)

All sounded pretty good until you used the word "owned".
Damn straight. Everybody knows the technical term is "pwned".

Re:Not sure what this proves (0)

Anonymous Coward | more than 6 years ago | (#23152538)

North Koreans don't even have the Internet, I'm not sure how much use they're going to be as hackers.

Re:Not sure what this proves (4, Interesting)

Anonymous Coward | more than 6 years ago | (#23150906)

A friend of mine, who knew the pros -- at least for the regionals that I *almost* got to compete in (not bitter, nope, not me) -- said they were Serious Business. The point is to go into a new system, figure out what's broken (because the systems the blue teams were provided were broken, sploitwise), and fix it. Changing your conf files as fast as possible means you have to know which files to change in which ways. I don't think the game is entirely realistic either, but it is important to know the methods. Between the in-depth study of a competitor's assigned system and the actual experience of an attack, you get a pretty good grasp of what it's like.

Re:Not sure what this proves (4, Interesting)

ja1217 (1266082) | more than 6 years ago | (#23151276)

I also participated in the competition, but due to issues with our firewall (the stupid scanner they provided us with didn't work and we ended up taking our network down several times for unnecessary reasons) we didn't pass the qualifying rounds. However, I went along to one of the later rounds and was allowed to sit in with the hackers. But as Anonymous said, the goal is mainly to fix a machine that already has holes as fast as possible. In my competition, we had two Linux boxes (Red Hat 7 for DNS and Fedora 8 for web), a FreeBSD box for sendmail, a Win2k backup DNS, 2003 server for LDAP, and two Windows XP desktops. While the hackers weren't allowed to use 0 day vulnerabilities, they did have tools like CORE Impact at their disposal and within the first 5 minutes of the competition had owned every Windows box. The only time I remember a *nix box getting owned was my group's. We were too busy fixing the LDAP server and forgot to change the default password of the BSD box from "password" because they were on the same machine (we had a virtual machine set up for our competition. This had its annoyances, but we could quickly recover from hacks by doing a revert to snapshot with VMware. They probably disabled the revert feature in later competitions as in a real business environment, which they were trying to simulate, reverting could cause massive data loss.) Towards the end when things were winding down, one team had gotten owned really hard and wasn't about to recover, so they started doing trick programs on them. At one point, they had a screen cast of one of the competitor's computers running on their own so they could see exactly what that school was doing. So they ran a trick program that made it look like it was running the Vista install process. We quick ran over and saw them frantically trying to cancel it with no effect. And then they ran a delete all on that computer. Even though my team lost, we had lots of fun and I was able to learn a lot.
We'll be back next year (Millersville University) and hope to regain our position of at least 2nd place at Nationals, which we had for the 2 previous years.

Re:Not sure what this proves (1)

yabastaaa (877550) | more than 6 years ago | (#23151382)

Usually competitions like this are in "Which OS is most secure" kinds of settings, where the ostensible purpose is to find out which OS is the most insecure.
fixed that for ya

Re:Not sure what this proves (0)

Anonymous Coward | more than 6 years ago | (#23151738)

I'm Eastern European, where do I sign up?

Seriously though, that would make a lot of sense. My country, (Estonia, and if you bring up "1 guy p0wned your country", I will show you how it wasn't 1 guy at all but another silly Slashdot myth that was made through 1 bad newspaper report that was poorly translated from an Estonian newspaper) is one of the most advanced IT countries in the world and we certainly have the people with skills to take part in something like this. We have several colleges that would do quite well in such a competition but since we aren't invited / no prize we don't join.

In real life, winning in this situation means winning a lot of money or gaining a lot of power. Since nobody is going to give a lot of power to such a winner in a mock attack, money should be involved to the best college, world wide.

This would show the real potential of the world.

I would say "but someone would end up cheating" but I think cheating is part of the game here so, winner takes all eh?

Re:Not sure what this proves (3, Informative)

thelordzero (1131271) | more than 6 years ago | (#23152182)

Usually competitions like this are in "Which OS is most secure" kinds of settings, where the ostensible purpose is to find out which OS is the most secure. However, in this case, you had a bunch of different OSs all linked together, and you had to protect them from a bunch of security professionals. I imagine these "pros" probably weren't hard-core hackers, and given that, I'm not sure what the value of the exercise was.
These "pros" as you said are actually professionals flown in from around the country who either are partners in consulting companies or just a level below that. Everyone on the red team does it for a living at the national level and certainly is not a bunch of non hardcore hackers who said oh, let's have fun. But then again what do I know, I was on the red team.

Re:Not sure what this proves (0)

Anonymous Coward | more than 6 years ago | (#23153380)

Everyone on the red team does it for a living at the national level and certainly is not a bunch of non hardcore hackers who said oh, let's have fun. But then again what do I know, I was on the red team.
Weren't you the guy having trouble running Nessus?

Re:Not sure what this proves (1)

menace3society (768451) | more than 6 years ago | (#23154320)

Oh, so you make your living breaking into systems and either selling the information you find, or exploiting it directly to get rich?

My point wasn't that they didn't hire security professionals, or that they didn't hire people who knew how to break into systems. They hired people who don't break into systems professionally, and that's what you'll be up against in the real world. It's like putting Home Guardsmen on the front line.

Re:Not sure what this proves (1)

thelordzero (1131271) | more than 6 years ago | (#23154386)

Actually pretty much everyone makes a living off of the profession. That being said I was completely humbled by the team that was assembled and learned a lot being there with them. Team Hilarious was great.

Re:Not sure what this proves (1)

menace3society (768451) | more than 6 years ago | (#23154454)

I'm sure they do, and I'm sure they're very talented. But, my point is, they don't make their money through technical exploits. They do audits and maybe even some white-hat attempts at penetration, but they aren't real cyber-criminals like in the Real World (tm).

If I'm mistaken, please correct me. Also, see what kind of havoc you can cause next year by flooding the pipes with useless data. If the box is too busy serving bogus requests and it drops some legit ones, that counts as service outage, right?

Re:Not sure what this proves (1)

thelordzero (1131271) | more than 6 years ago | (#23154510)

Not my place to comment on white hat or not and I certainly wouldn't name anyone on the team. Not my place at all. The guys on the team are the ones who can write the sploits on the fly when needed. The team lead is a guy who knows his stuff in and out as does the rest of the guys who flew in. Also flooding a connection is forbidden for the most part. I know since I had a perfect sploit lined up for one of the servers that would have DoS'ed it easily but the red team's hands were tied on that point. But yes if the server couldn't respond it's a service outage. Some teams did that enough just by themselves (damn those ASA cables ehh? ;) )

Re:Not sure what this proves (0)

Anonymous Coward | more than 6 years ago | (#23160424)

Flood/DoS is not allowed. We are allowed to destroy machines once we are legitimately in (err), such as overwriting partition tables, deleting configurations, etc. We can DoS that way, but flooding a connection is prohibited. We also couldn't destroy their routers, since they have no control of this.

Re:Not sure what this proves (0)

Anonymous Coward | more than 6 years ago | (#23158346)

Actually pretty much everyone makes a living off of the profession. That being said I was completely humbled by the team that was assembled and learned a lot being there with them. Team Hilarious was great.
I do believe it's spelled "Team Hillarious." There are two Ls.

Re:Not sure what this proves (1)

not_hylas( ) (703994) | more than 6 years ago | (#23154398)

Didn't We Trash This Last Year?
Elite Network Counter Strike Force pwn Teens:

http://it.slashdot.org/comments.pl?sid=227039&cid=18391373 [slashdot.org] ... fun aside, it does sound as if they've/you all attempted to adjust the rules somewhat.

Re:Not sure what this proves (1)

luaplevap (970861) | more than 6 years ago | (#23152212)

Usually competitions like this are in "Which OS is most secure" kinds of settings, where the ostensible purpose is to find out which OS is the most secure. However, in this case, you had a bunch of different OSs all linked together, and you had to protect them from a bunch of security professionals. I imagine these "pros" probably weren't hard-core hackers, and given that, I'm not sure what the value of the exercise was. These pros won't have anything in their arsenal that everybody doesn't already know about it (at least, if they're studying computer security, they *ought* to know about it), and so we're basically left with (and this is something the article mentions) a bunch of people changing their conf files as fast as possible. If you ask me, they should six Eastern Europeans and North Koreans, and offer them $10,000 for every box they own. If the team's box doesn't get owned, they get the ten grand. Simpler, more interesting, and far more realistic.
Being both from Eastern Europe and also a decent hacker, I like that idea

0-days are included (0)

Anonymous Coward | more than 6 years ago | (#23153572)

Actually...I know for a fact that 0-days were part of the regionals for some of the teams. So, you might want to check your facts.

Regardless, the red team members should be applauded because they get nothing out of this event. It is volunteer based....

Re:Not sure what this proves (0)

Anonymous Coward | more than 6 years ago | (#23154956)

You don't understand at all. This is a college level competition - not pro - and it's really more to foster awareness of the importance of security than to prove who has the best team.

Anyways, in addition to racing to change the config files, it involves tracking down backdoors that were already there, patching the servers, adding the features (like install SharePoint in ~5 hours and make available to external employees with user friendly instructions, or make all Windows desktops print through the file server in less than an hour, regardless of which of the 100+ existing Active Directory users they "audit", from the time you walk in the door), reporting when you are hit with an attack to regain the points lost for being compromised, and providing good documentation on what choices you made and why you made them. All of the new deliverables (they call them injects) are scored by criteria.. which includes consideration for documentation. All the while again, you are being attacked and your uptime is being scored.

Throughout the competition, teams will need to work together well, be aware of what each other are doing (i.e. keeping track of who set what password on what), managing time to get the paperwork in rather than having it get forgotten. They will need to decide when and where to migrate services so that insecure Windows 2000 box can be reformatted and have a patchable OS on it. The challenge is that all of this is happening simultaneously and time management and communication are just as important as technical prowess.

All in all, it is pretty much as accurate as you can be within a 3 day competition.. things are compressed a lot but all the things that happen are pretty realistic. There is a lot more to it than just not getting hacked.. it's a business simulation and a technical success is not always a business success.

Re:Not sure what this proves (1)

TXISDude (1171607) | more than 6 years ago | (#23157412)

I have been to these events, and have experience in "the real world". And what does this event prove? It is an exercise designed to test student groups' ability to work together as an IT department from a security perspective, and operational perspective in a simulated real world business environment. I agree theoretically that when you take over a network that has deficiencies that it would be "nice" to be able to disconnect, fix it and then reconnect to the internet - but in the real world, try telling your boss that email will be down, that e-commerce will be down, etc. . . you will quickly learn that the real world doesn't share the techie view of taking things off-line to fix them. So, you have to fix them on the fly. This is one of the most realistic aspects of this challenge - find and fix the security issues, while still keeping the systems up and running and answering management demands (the sysadmin part). Sounds simple until you try - the added dimension of finding and repairing problems while maintaining up-time makes this much harder than the typical CTF game. As for the Red Team chops, can't vouch for any of the regionals, but the finals uses a team that would impress the Defcon crowd, the bosses from China or Korea, and any realistic measure of professional hacker. Why do this: to train students to become better IT professionals when they graduate. And to work as a team - which is necessary in today's business environment. Kudos to all who tried, for in the end, they all are winners.

RIT (1)

Digi-John (692918) | more than 6 years ago | (#23150796)

I'm just happy to see that my school (RIT) made it to the finals. Didn't even know we had a team.

In a previous life .. (1)

clint999 (1277046) | more than 6 years ago | (#23150920)

In a previous life this is something I did with government networks on a daily basis .. as I'm sure most Slashdotters have done.

Re:In a previous life .. (1)

clint999 (1277046) | more than 6 years ago | (#23152596)

nothing to see here, move along

from a Red Team member perspective.... (5, Informative)

thelordzero (1131271) | more than 6 years ago | (#23150988)

Well this competition was actually a great one. I was one of the red team members for the nationals (and also the only person to have gone from a regional team captain to the national red team). The competition was very close to the very end with only a few subtle mistakes being made as of the second day. The run down is usually like this for the red team:

Day 1: Boxes are extremely vulnerable and red team had a heyday with easily found exploits. We set some backdoors and have some fun with the servers. Looking for customer data that is stored on them.

Day 2: Teams have patched most boxes and taken care of most of the vulns out there. Red team goes after websites finding exploits for the most part since boxes are locked down other than holes we inserted ourselves. Default passwords on ecommerce sites are usually one of the last things to change.

Day 3: Boxes and teams are finally pretty locked down. Some last holes are left over from the red team. Nessus and Core Impact and other tools are worthless at this point at the latest (if not midday Saturday). This day red team is pretty much just having fun, especially the team lead, Dave with his laughing that echoes down the halls making the other teams nervous.

In all every team did a great job. Everyone learned a lot (heck I learned a lot red teaming with some of these guys). Stupid mistakes were made by every team and we (the red team) loved the teams for it. Can't wait to come back next year and seeing what the teams will do then.

Re:from a Red Team member perspective... APK.. (0)

Anonymous Coward | more than 6 years ago | (#23156976)

Try this next year gentlemen (those of you in this contest this year)...

That is, if you did not this year (or, applied points & tools like this URL suggests), for your Windows rigs (& even *NIX variants as well):

HOW TO SECURE Windows 2000/XP/Server 2003 & even VISTA, + make it "fun" to do, via CIS Tool guidance:
http://www.xtremepccentral.com/forums/showthread.php?s=c5687d1b44107836fa4d1dd9ba76f348&t=28430 [xtremepccentral.com]

CIS Tool? Hey - It works!

(& especially if you apply CIS Tool's points & those I layered on top of them)...

Though the points in that URL are MOSTLY geared to "stand-alone" single home machines online (home users, no LAN etc. et al), it does note how its points CAN be applied to LAN/WAN environs as well to secure them, & with examples from companies (not just my own, either) using CIS Tool guidance & my points on top of them to secure themselves.

APK

P.S.=> 2-3 hrs. of your time, in downloading, installing, + running CIS Tool... then, applying its suggestions/points (based on industry-wide best practices for security, such as those listed @ NIST for example & more), & then lastly applying points I make on top of them, will gain you YEARS to DECADES into the distance of secure, safe, & faster internet performance & uptime... apk

Someone hasn't played UT... (1)

bigstrat2003 (1058574) | more than 6 years ago | (#23150990)

Clearly, the submitter is an FPS noob who doesn't know that it's "capture", not "steal", the flag! ;)

steal the flag? wth (1)

Tpl2000 (1174767) | more than 6 years ago | (#23151002)

urgh....It's called CAPTURE THE FLAG!! oh come on....

Re:steal the flag? wth (1)

lisah (987921) | more than 6 years ago | (#23156456)

Heh....you're right! Hey, it's been a while since I played. :-)

mod this down (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#23151082)

have to read this on another computer, can't be bothered to write it down or email it to myself, and slashdot is already a cesspool, so... ^_^

Reminder for PowerPC users

On 16 April, Colin Watson wrote that, in accordance with the technical board decision documented in https://lists.ubuntu.com/archives/ubuntu-devel-announce/2008-March/000400.html, individuals using the PowerPC (also known as PPC) build of Xubuntu should take care to update their /etc/apt/sources.list file. Old sources.list entries looked like this:

deb http://archive.ubuntu.com/ubuntu/ gutsy main restricted

... while new entries should look like this:

deb http://ports.ubuntu.com/ubuntu-ports/ hardy main restricted

If you are still using archive.ubuntu.com on a PowerPC system, beware that the old sources list is likely to stop working soon and you should migrate to ports.ubuntu.com as above.

You can open your sources.list by pressing Alt+F2, entering gksudo "mousepad /etc/apt/sources.list" and pressing Run. You can then replace the mentioned lines with their new values.

Lots of Feds around (0)

Anonymous Coward | more than 6 years ago | (#23151118)

So I guess all the federal agencies gathered up everyone's names and put them into some national "hacker" database.

More of a System Administration Challenge (SAC!) (1)

infiniteedge (634048) | more than 6 years ago | (#23151416)

I led a team that competed in one of the qualifiers and found the competition extremely wanting. It's more of an arcane system administration challenge rather than anything about security. Some responses to the competition are collected at my lab's blog here: http://isisblogs.poly.edu/2008/02/29/pre-neccdc/ [poly.edu] (see the comments)

Re:More of a System Administration Challenge (SAC! (1)

thelordzero (1131271) | more than 6 years ago | (#23152088)

This competition is about best defending a network in as short a time as possible. Each region creates its own scenario independent from the national level and it creates different levels of fun and realism for the teams. In essence this competition is realistic from a sys admin point of view and that's mainly the people who will be admining these systems. Once again I say this as a red team point of view and that of someone who was team captain of the UTSA team this year (the hosts of the national competition every year).

Re:More of a System Administration Challenge (SAC! (1)

infiniteedge (634048) | more than 6 years ago | (#23154132)

Of course you had fun! You were on the Red team and you got to abuse groups of college students for a weekend! At least for the region we were in, the competition is NOT about how to best defend a network in as short a time as possible. It was about blindly following arbitrary rules and being a system administrator.

Re:More of a System Administration Challenge (SAC! (1)

thelordzero (1131271) | more than 6 years ago | (#23154200)

To be fair, I was red team at nationals (albeit I was humbled greatly by the rest of the red team), I was the team captain for UTSA at regionals this year. I've seen it from the blue team, white team and red team viewpoint. Blue is the most frustrating I do say but in the end I've always walked away having learned something.

Re:More of a System Administration Challenge (SAC! (1)

fatigue909 (1277176) | more than 6 years ago | (#23153334)

I led a team that competed in one of the qualifiers and found the competition extremely wanting. It's more of an arcane system administration challenge rather than anything about security. Some responses to the competition are collected at my lab's blog here: http://isisblogs.poly.edu/2008/02/29/pre-neccdc/ [poly.edu] (see the comments)
I agree with you completely. I was a captain for a team that made it to the finals the first year they held nationals. The majority of business injects are related to system administration. Most of the strategies to win involve patching quickly and changing stupid defaults (among other things). However, I don't complain too much because it is a fun experience. Also, I haven't come up with better "rules" for the game. One of the biggest challenges was to devise a security competition that didn't promote hacking. That makes bad press and also makes it very difficult to obtain corporate sponsorship.

I can beat all of them to secure my network... (0)

Anonymous Coward | more than 6 years ago | (#23151500)

...in less than three seconds.

All it takes is Mr. Diagonal Cutters meet Mr. CAT5 cable. Network is then instantly secured against outside hackerz.

Re:I can beat all of them to secure my network... (1)

Cedric Tsui (890887) | more than 6 years ago | (#23152142)

You can also build a plane that will never crash by filling the gas tanks with cement so it will never fly. But, you have to ask if it's still a plane.

That should be the immediate first step (1)

peccary (161168) | more than 6 years ago | (#23154280)

No systems should be networked until they are properly configured. If somebody hands you a crap infrastructure full of holes, the first thing to do is shut down as much internetworking as you possibly can get away with.

Re:That should be the immediate first step (1)

TheLink (130905) | more than 6 years ago | (#23154922)

Which is why these competitions have about as much relation to "security for real world systems" as F1 racing has to real life goods delivery.

Re:That should be the immediate first step (0)

Anonymous Coward | more than 6 years ago | (#23160216)

And the teams do. The problem is you don't know what holes there are, but you have a good idea of what services need to stay up. You start losing points as soon as you drop a service. I've seen (in the real world) machines that were not fully configured before being deployed, as well as machines that haven't been updated in years, plenty of holes for the taking. It's easy on large networks to lose track of things. It's also easy to get caught up and deploy something without finishing it.

Is there a link where we can see final setup? (1)

zukinux (1094199) | more than 6 years ago | (#23152948)

I'd like to see the final setup... It's very interesting.

Red Vs Blue ? (1)

UberHoser (868520) | more than 6 years ago | (#23156694)

Ok I call shotgun !

Who was caboose ?

Yeah...national competition (0)

Anonymous Coward | more than 6 years ago | (#23156982)

I'm not sure why this was tagged as the National competition - there's a yearly competition just like this that's been happening for quite some time between the service academies.

The United States Military Academy, the Naval Academy, the Air Force Academy, Naval Post Graduate all put together blue teams, and NSA generally serves as the red team; grabbing a group of folks from their grey-hat population.

Granted, this is only between the service academies, but the issue I take with this is when a few colleges do something, and call it a national competition. I mean...none of the big hitters are even involved.