Wednesday, October 01, 2008
Hacking games
(backposting) This evening, I took part in ICE II, which is a "cyber exercise". Two teams of 8-15 each. One team (the defenders) gets given a network that they need to keep the other team (the attackers) out of. Before they enter their respective rooms, neither has seen the network or what's on it. The attackers get access to a bunch of tools: the defenders have to make do with what's on the (old, and generally very exploitable) systems they're looking after. And when I say old, I'm talking Windows 2000 and more. A mix of Linux and Windows, a SCADA (power) box, a couple of VOIP phones, an IP camera and a PABX box (running Asterisk).
I ended up leading the defender team. We got lots of help from Larry Pesce from PaulDotCom, but then again, the attackers had lots of help from Paul Asadoorian (also from PaulDotCom). Both sides did well: we managed better than I thought we had. Lots of credit to everyone on the defenders' team, and also to the folks who set it up.
I ended up with a Wi-Spy. Geek-a-rama.
All very useful indeed in understanding how threats play out: the scenario basically tries to put you in the place of an incident team parachuted (metaphorically) into a NOC (Network Operations Centre) which is under (virtual) siege from malicious attackers.