As part of the Association of Computing Machinery (ACM), Cyber Defense is a group of students who gather weekly to discuss what it takes to audit, maintain, secure, and defend a small business class network from those with malicious intent (the Red Team).
In the months leading up to the Spring competition, the other members of our team and I practice setting up, maintaining, and securing business services like SMTP, LDAP, DNS, MySQL, and Web. In addition, we discuss the various exploits in Windows and Linux and how to patch up the holes to prevent intrusion. Generally we rely on each other to figure all this out. We each have our strengths that we individually learn about, then share them with each other.
We also utilize a lab in the basement of JB Speed to practice in. We have several computers and servers set up to mock the Cyber Defense competition, in which our team splits up to defend/attack the network. The red team style attacking is a great learning experience to figure out where holes in a network are, how they are exploited, and how to close them. If you're interested in learning more about these attacks, there is an excellent tool available called Armitage which serves as a front-end to the Metasploit framework for exploitation. There are plenty of videos online that show you how to use these tools to exploit a network/system. It really is a great and (in a controlled environment) fun program.
We have just started to meet, so I don’t have much for you at the moment, but as the semester goes on, I should have some interesting tidbits (I can’t tell too much though – our competition might see).
And on that, let me leave you with this classic clip from NCIS:
In case it wasn’t clear, that is NOT how attacking or defending works, but it’s quite humorous. Though, pulling the plug sometimes is a perfectly valid solution.