Dec 2016 – SANS Holiday Hack Challenge Party

santa1

 

 

 

 

 

 

 

The SANS Holiday Hack Challenge is going to be released on Dec 9th, we’re going to party on Dec 15th:

santa2

 

 

 

 

 

 

 

 

If you’re not familiar with the challenge it is an annual event put on by Ed Skoudis and his team. It is essentially a game that involves a series of cyber security challenges designed to get you to learn a wide variety of skills. The team does a phenomenal job. It has elements for all skill levels and hints as you go along the way. Last year’s challenge was EPIC and I think my wife was ready to kill me if I didn’t stop playing. I’ll warn you, it can get addictive.

166-addiction

The challenges are kept online each year so you can continue to play, even if you didn’t complete it by the deadline. Here is last year’s challenge if you want take a look: https://holidayhackchallenge.com/ This link will likely update to the 2016 challenge on 12/9. If so, here is a list of past challenges: https://pen-testing.sans.org/holiday-challenge/

I can honestly say, after playing last year, I have looked forward to this year’s challenge all year long. My wife, maybe not so much, since I had my head buried in my laptop for 2 weeks last time 🙂 Here are just a few of the things I either learned about, or added skills to while playing last years challenge: sed, awk, scapy, python, JSON, SQL injection techniques,  numerous web application pentesting techniques, Burp Suite, mondoDB, firmware extraction, DNS CnC and data exfil. And when I wasn’t pulling out my hair, I had an absolute blast doing it!

Join us on 12/15 to work on the Holiday Hack Challenge. It is for all skill levels and you will be surprised how much you will learn. We will have wifi access available so everyone can work on the challenge. If you are a student and want to participate but don’t have a laptop, let us know and I will make arrangements so you will have somethig to work on.

To make the best use of the time at the party, go ahead and sign up for an account once the challenge is posted on 12/9.  You can start playing anytime after you get an account. I  also recommend having some sort of virtualization software on your laptop such as VirtualBox or VMWare Player, both are free. And having a VM running Kali set up. Or if Kali is your main OS you may want to have a Windows VM setup. All of that will aid you in the challenge.

gladiator

As usual we’ll have beer/soda and snacks. Just bring your brains because you’re going to need them.

dan-akroid-santa

The meeting will be at 5:30pm on 12/15 at R&K Solutions, 2797 Frontage Rd NW, STE 1000, Roanoke, VA 24017. Google Maps.

Dec 2015 – Continuous Security Monitoring: A Big Data Challenge

I-dont-always

At our Dec. meeting our guest speaker was Randy Marchany (bio below). @randymarchany is the University Information Security Officer for Virginia Tech. He is also the director of the VA Tech IT Security Lab, a component of the university’s Information Technology Security Office.   Randy did a great presentation about Continuous Monitoring and how they are implementing it at Virginia Tech. He also talked about how security is changing with “borderless” computing. They have to blend corporate security with ISP model security. He also talked about as much as things change, some seem to stay the same. One of my favorite slides from the presentation was a quote Randy said back in 2002, that still holds very true today:

marchany-quote

 

Here is the “Continuous Security Monitoring: A Big Data Challenge” presentation:

Randy Marchany - Continuous Monitoring

Here is the “What is Old is New Again” presentation:

Randy Marchany - Whats Old is New Again

Randy’s bio:

Randy Marchany is the University Information Security Officer for Virginia Tech. He is also the director of the VA Tech IT Security Lab, a component of the university’s Information Technology Security Office.

He is the author of VA Tech’s Acceptable Use Statement and a co-author of the original FBI/SANS Institute’s “Top 10/20 Internet Security Vulnerabilities” document. He is the co-author of the SANS Institute’s “Responding to Distributed Denial of Service Attacks” document that was prepared at the request of the White House in response to the DDOS attacks of 2000. He was part of the SANS Institute’s Secure Code project that developed a set of exams to test programmers’ knowledge of secure coding techniques. He has been a member of the SANS Institute’s faculty since 1992.

He is a co-author of the EDUCAUSE “Computer and Network Security in Higher Education” booklet. He is a member of the EDUCAUSE security task force focusing on risk assessment and security metrics. He was a coauthor of the original Center for Internet Security’s series of Security Benchmark documents for Solaris, AIX and Windows2000.

He is one of the original members of the US Cyber Challenge (USCC) Project. The USCC mission is to significantly reduce the shortage in the cyber workforce by serving as the premier program to identify, attract, recruit and place the next generation of cybersecurity professionals. He designed the curriculum for the USCC summer camps.

He is one of the founders of the Virginia Alliance for Secure Computing and Networking (www.vascan.org), a consortium of security practitioners and researchers from VA Tech, U of Virginia, James Madison Univ., George Mason Univ.

He has been a frequent speaker at national and international conferences such as Educause, SANS, IIA, ISACA, ACUA, International CISO symposium, IEEE, NIST, NY State OIT Security conference, FBI-Infraguard chapters, US Forest & Wildlife Service, Computer Security Conference, Air Force Material Command. He’s been the subject of articles in the Chronicle of Higher Education on security issues at university campuses.

He was a recipient of the SANS Institute’s Security Technology Leadership Award for 2000. He was a recipient of the VA Governor’s Technology Silver Award in 2003. He was part of the team that won the EDUCAUSE Excellence in Information Technology Solutions Award in 2005. He is a co-holder of two cybersecurity patents.

He is acknowledged as one of the North American masters of the hammer dulcimer. He is the author of the original theme song of National Public Radio’s nationally syndicated radio program, “World Cafe”. His band, “No Strings Attached” was nominated for or won “Indie” awards (independent record label’s version of the Grammy) for Best Album (String Music) category in 1984, 1985, 1986, 1988, 1990.

Nov 2015 – Cyber Warfare Threat

At our Nov. 2015 meeting our guest was Col. Lapthe Flora (bio below), brigade commander of the 91st Troop Command. He shared his experience dealing with the advance persistent threat represented by outside actors. He talked about some of the steps DoD is taking for prevention, how cyber warfare is moving out of the realm of science fiction and becoming a real threat and weapon, and current need for DoD to develop talent.

Col. Flora’s Bio:
Col. Lapthe Flora is currently the brigade commander of the 91st Troop Command, headquartered at Bowling Green, Va. Col. Flora’s command includes the Petersburg-based 276th Engineer Battalion, the Sandston-based 2nd Battalion, 224th Aviation Regiment, the Fairfax-based Data Processing Unit, the Norfolk-based Joint National Guard Augmentation Unit and the Fairfax-based Information Operations Support Center.

Flora started his military career in 1988 in the Virginia National Guard after graduating from the Virginia Military Institute and has since served in every staff position within 1st Battalion, 116th Infantry Regiment, 116th Infantry Brigade Combat Team, including as commander of that battalion. Additionally, Flora served as the 116th IBCT executive officer, 29th Infantry Division’s director of operations and most recently as the Joint Force Headquarters – Virginia director of strategic plans. He has successfully completed three overseas deployments to Bosnia, Kosovo and Afghanistan.

In his civilian capacity, Flora is the Senior Applications Engineer with Harris Night Vision & Communications Solutions in Roanoke, Va., and holds six patent awards related to the AN/PVS-14 and AN/AVS-9 night goggles.