[ISN] Day Two: CGA Cadets Foiling Would-be Cyber Infiltrators So Far

From: InfoSec News (isn@private)
Date: Thu Apr 14 2005 - 05:54:55 PDT


http://www.theday.com/eng/web/news/re.aspx?re=9400778c-9d6b-4ffa-86a6-01edf6d4280c

By ROBERT A. HAMILTON
Day Staff Writer
Navy/Defense/Electric Boat
Published on 4/13/2005

New London - The computer screen was displaying such dire warnings as
"ICMP Destination Unreachable Fragmentation needed and DF bit was
set."

Well, it's a dire warning if you speak computer.

"You can tell we're under attack now because the network is so slow,"  
Lt. Cmdr. Joseph Staier, assistant dean of the Coast Guard Academy,
said Tuesday, his gleeful demeanor belying what seemed an evil intent.  
"They're probing us, trying to find our weaknesses."

It was Day Two of a four-day Cyber Defense Exercise, in which a "Red
Team" from the National Security Agency, with assistance from some of
the top computer experts from the Army, the Air Force and other
agencies, is trying to hack networks set up by students at the
nation's five military academies.

On the second floor of Coast Guard Academy's McAllister Hall, 21
cadets, including three international students, were rushing from
screen to screen, monitoring what will be increasingly sophisticated
hacking attempts through Thursday night.

Web cameras keep the students in touch with their counterparts at the
Air Force, Naval and Merchant Marine academies and the U.S. Military
Academy at West Point, each waiting to see who will fall first.

Each team gets the same hardware, and they can only use free software
such as Linux, an operating system that does the job of Windows. The
academy team is running intrusion detection software that includes
Snort, which records tiny packets of information coming onto the
network, and Base, which looks through those packets for the
"fingerprints" of a hacker.

"I can make a perfectly safe system," Staier said. "You turn the
computer off and lock it in a safe. That's secure. But it's not very
usable."

Conversely, you can just plug the computer into the Internet with no
safeguards, and you can access your data from anywhere in the world -
but so can everyone else.

"The idea is to teach them the balancing act between security and
usability," Staier said. And it's an important question for the Coast
Guard, as it is for all military services, he said. If you're sending
operational orders via e-mail, you don't want the bad guys reading
them.

For the last three years, the Coast Guard cadets have beaten their
counterparts at the Naval Academy, though they have one-third the
number of players and no computer science major.

"You'd like to win, of course, but as long as you beat Navy ..."
Staier observed with a grin.

The computers are stacked on desks along the wall. In the center of
the room, a large table holds bottles of iced tea, cans of Mug root
beer, a largely untouched bin of salad and empty containers of French
fries and chicken nuggets. The box of Nature Valley granola bars is
still full, but the Pringles and Goldfish are disappearing.

Most of the cadets have been working almost nonstop since Monday
morning.

"This is a real trial by fire," said Cadet 1st Class Roger Nurse of
Guyana, who had no experience in network administration before this
week. He said it's a struggle to pull himself away for classes,
because he doesn't want one of his systems to be the first one to fall
to the cyber-intruders.

Cadet 1st Class Matt Kempe of Tustin, Calif., said he has already
learned a lot from the exercise.

"I learned starting a network from scratch is a lot of work, and sleep
is a luxury network administrators can't afford," Kempe said with a
chuckle. "I have a new appreciation for IS (information services)  
staff."

But Cadet 1st Class Roland "Tim" Orr of Fayetteville, N.C., said all
the work is worth it when you feel the rush of foiling an attack.

"When it works, it's like, 'Wow, everything came together,' " Orr
said.





