[Cialug] Cyber Defense Competiton - late April

Michael Davis mpdavis at iastate.edu
Thu Mar 31 00:07:37 CDT 2011


Aha!  I was on Team 1, and one of the Green Team members that was in the
group of high schoolers toward the end of the competition was having some
trouble getting the correct syntax for a fork bomb on our shell box.  We
don't know if you guys ended up seeing it, but we fixed the code so that it
executed correctly, and then ran it on our system for you.  Unfortunately we
had resource and process limits set up for just such a problem.  The Green
Team has had a history of fork bombs.

Michael Davis
ECpE - Iowa State University
CHS Desktop Operations Staff
IASG Secretary



On Wed, Mar 30, 2011 at 11:27 PM, David Runneals <david at runneals.com> wrote:

> Josh and others,
> If your into IT Security, Network Security, Server Security, or just plain
> Linux, this event is for you! I have the luck (for 2 more years) to be on a
> blue team at this, which is fun & stressful... I just did the Community
> College CDC, the ISU CDC, and the National CDC (a mix of colleges and
> universities) as green team, and I learned alot from just doing that! I know
> Josh and a few of my friends were on the red team at those events.
>
> I would like to add my comments about the green team. The people on green
> are basically "dumb users" - RDP: making lots of backups to fill the HDD,
> deleting important files, catching viruses, (red doesn't like fork/logic
> bombs).. Web: modifying the php pages, posting stuff to the apps.. (This is
> the stuff we started out with)... and if you are on green, don't forget that
> helpful security exploit book library you have! :)
>
> Also, I would like to point out to those IT businesses out there looking
> for future interns, you can get a free corporate booth down on the floor and
> donate some of your SWAG - http://it-adventures.org/php/add_company.php ...
> This is the place to connect with those future employees that will be taking
> your position some day in the future!!!
>
> See ya'll April 30th 8am-6pm at Hilton!
> (Also red team, please play nice! We are only high schoolers after all! :)
> - If ya see me, say 'Hi' and try to work on that social engineering! :) :)
>
> <http://www.4-h.org/about/revolution/>
> David Runneals
> E: david at runneals.com
>  <david at runneals.com>
> Please consider your environmental responsibility before printing this
> e-mail.
>
>
>
>> Message: 2
>> Date: Wed, 30 Mar 2011 19:53:15 +0000
>> From: Josh More <MoreJ at alliancetechnologies.net>
>>
>>
>> This event is similar to the competition that we went to in April, with
>> two major exceptions.  First, I got confirmation that we can run as a team
>> this time, so there will be more learning opportunities.  Second, it's
>> against high schoolers and not the last round of the college level, so it'll
>> be easier and hopefully a lot more fun.
>>
>> For those that haven't played, it's a lot like a game of capture the flag
>> that focuses on cyber security.  The students build and secure environments
>> the best that they can.  Then folks from the community show up for one day
>> and help identify flaws in their system.  They have reached out to us for
>> assistance on this, so if you are free on Saturday, April 29th from
>> 8:00am-6:00pm please consider stopping by.
>>
>> On the technical side, they need attackers for the "red" team..  Do not
>> worry if you've not done hacking or penetration testing before.  I'll be
>> there and can help you out.  There are lots of tools that we can use for
>> free and, if you're interested, we could work out a way for you to try out
>> the commercial tools that I use on engagements.  If you ever wanted to get
>> your hands dirty on the security side, this is the perfect opportunity to do
>> so.
>>
>> On the business side, they need people to serve on what they call "green"
>> team.  If you want to see what our customers see when they are attacked, you
>> can join this team.  You would basically hang around with other people, use
>> the systems that the students build and complain when they don't work right.
>>  There is no technical skill required to do this, and it might give you a
>> first-hand experience that you could leverage in future discussions with
>> clients.
>>
>> If you want to help kids learn and benefit the community, this is a great
>> way to do it.  There is free food and drink, so there is no cost to this
>> event other than gas (and if there are enough folks, we could probably
>> carpool).  Please let me know if you are interested and I will build the
>> volunteer list.
>>
>> More information on the event is at
>> http://www.it-adventures.org/itolympics.html
>>
>>
>> Josh More | Senior Security Consultant - CISSP, GIAC-GSLC Gold, GIAC-GCIH
>> Alliance Technologies | www.AllianceTechnologies.net<
>> http://www.AllianceTechnologies.net>
>>
>> 400 Locust St., Suite 840 | Des Moines, IA 50309
>> 515.245.7701 | 888.387.5670 x7701
>>
>> Blog: Don't just blame the bad guys, it's your fault too
>> http://www.alliancetechnologies.net/blogs/morej
>>
>
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cialug.org/pipermail/cialug/attachments/20110331/6bb712bf/attachment-0001.html>


More information about the Cialug mailing list