Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
Security Education

Cyber Defense Competition Has A New Champion 66

Posted by ScuttleMonkey from the hack-the-gibson dept.
lisah writes "Several colleges across the country went head-to-head in San Antonio, Texas last weekend at the National Collegiate Cyber Defense Competition to see which team could best protect their networks against attacks. In a modern day version of Steal the Flag, the teams duked it out using identical network setups that included a Cisco router and five servers. In the end, Baker College took the champion's title from last year's winner, Texas A & M University."
This discussion has been archived. No new comments can be posted.

Cyber Defense Competition Has A New Champion More

Cyber Defense Competition Has A New Champion

Comments Filter:

  • from a Red Team member perspective.... (Score:5, Informative)

    by thelordzero ( 1131271 ) on Monday April 21, 2008 @05:20PM (#23150988)
    Well this competition was actually a great one. I was one of the red team members for the nationals (and also the only person to have gone from a regional team captain to the national red team). The competition was very close to the very end with only a few subtle mistakes being made as of the second day. The run down is usually like this for the red team: Day 1: Boxes are extremly vulnerable and red team had a hayday with easily found exploits. We set some backdoors and have some fun with the servers. Looking for customer data that is stored on them. Day 2: Teams have patched most boxes and taken care of most of the vulns out there. Red team goes after websites finding exploits for the most part since boxes are locked down other than holes we inserted ourselves. Default passwords on ecommerce sites are usually one of the last things to change. Day 3: Boxes and teams are finally pretty locked down. Some last holes are left over from the red team. Nessus and Core Impact and other tools are worthless at this point at the latest (if not midday saturday). This day red team is pretty much just having fun, especially the team lead, Dave with his laughing that echos down the halls making the other teams nervous. In all every team did a great job. Everyone learned alot (heck I learned alot red teaming with some of these guys). Stupid mistakes were made by every team and we (the red team) loved the teams for it. Can't wait to come back next year and seeing what the teams will do then.

  • Re:Not sure what this proves (Score:3, Informative)

    by thelordzero ( 1131271 ) on Monday April 21, 2008 @06:53PM (#23152182)

    Usually competitions like this are in "Which OS is most secure" kinds of settings, where the ostensible purpose is to find out which OS is the most secure. However, in this case, you had you had a bunch of different OSs all linked together, and you had to protect them from a bunch of security professionals. I imagine these "pros" probably weren't hard-core hackers, and given that, I'm not sure what the value of the exercise was.
    These "pros" as you said are actually professional flown in from around the country who either are partners in consulting companies or just a level below that. Everyone on the red team does it for a living at the national level and certainly is not a bunch of non hardcore hackers who said o lets have fun. But then again what do i know, I was on the red team.

Slashdot Top Deals

Today is a good day for information-gathering. Read someone else's mail file.

Close