From: Fred Cohen <fc@all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Date: Tue, 28 May 2002 08:42:29 -0700 (PDT)
Subject: [iwar] Cadets Keep NSA Crackers At Bay (fwd)

Cadets Keep NSA Crackers At Bay
By William Jackson, Newsbytes
May 20 2002 1:53PM

Cadets and midshipmen from the nation's military service academies faced off last month in real-world cybercombat. They used all their skills to keep production networks up and running while under attack by National Security Agency experts. In the end, the U.S. Military Academy at West Point kept the coveted NSA Information Assurance Director's Trophy it won last year.

The exercise "was a lot harder than talking about it in class," said West Point cadet Chris Gates of Little Rock, Ark. "Until you fail, you don't know how hard."

Wayne Schepens, an NSA visiting fellow, called the exercise "a win across the board from the NSA's perspective."

The second Cyber Defense Exercise was the first in which all the service academies participated.

There was "a phenomenal increase in the skills of the cadets," said Lt. Col. Daniel Ragsdale, assistant professor of computer science at West Point. "They were better prepared and better organized. All the things we taught them about defense in depth and breadth, they implemented."

The exercise bridged the gap between the classroom and the real world, Ragsdale said. "You can only go so far in the classroom," he said. "People get a false sense of security."

West Point's focus on information assurance skills started about three years ago when Col. Andre Sayles, head of the Computer Sciences Department, "had an epiphany" about it as a critical need, Ragsdale said.

This year, 24 seniors at the 200-year-old academy enrolled in the 3-year-old information assurance program. "They essentially had to commit to having no free electives to get to this course," Ragsdale said.

Take The Dare

West Point is the first undergraduate school to be designated by NSA as a center for academic excellence for information assurance. And it was West Point that in August 2000 issued the challenge to its sister academies to participate in the cyberexercise, which was held in April of last year.

The only taker last year was the Air Force Academy at Colorado Springs, Colo. The Naval Postgraduate School in Monterey, Calif., took part but did not compete for the trophy.

This year the Naval Academy at Annapolis, Md., and the Coast Guard Academy at New London, Conn., also competed.

"We have a strong interest in information assurance, and the department encouraged us to take part in the exercise," said Maj. Robert Peterman, a computer science instructor at Annapolis.

All the academies have integrated security into their computer science courses. The Naval Academy began offering an information assurance course last spring, and it is now a requirement for a computer science major, department chairman Patrick Harrison said.

The Naval Academy felt it was coming from behind in the exercise - "in start-up mode," Harrison said, whereas West Point has "fully blossomed."

The Coast Guard Academy also saw itself as an underdog. "The Coast Guard is the forgotten armed service," said Herb Holland, an academy instructor. It defends against smugglers and illegal immigrants, and it handles classified information, so security expertise is critical, Holland said. But the academy has no computer science department; computer classes are taught as part of electrical engineering.

"This exercise is a project for students taking the computer communications and networking course," Holland said before the exercise began. "These guys are hyped. Since we don't have a computer science major per se, they may not have as much background. On the other hand, they are engineers and have lots of experience in problem solving. So I think we'll hold our own."

That assessment turned out to be accurate.

The Coast Guard cadets "did a hell of a job providing [network] services" during the contest, Ragsdale said. "They got compromised quite a bit, but they hung in there."

Keeping services running while a network is under attack is key to winning the contest, he said, because "it's only in the context of providing services that the rest of this makes sense."

All the academies set up identical networks with a variety of services running on three subnets protected by a firewall. They all transmitted daily reports about intrusions and responses to the White Team - referees from the CERT Coordinating Center at Pittsburgh's Carnegie Mellon University.

NSA and the Defense Department's Public-Key Infrastructure Program Management Office provided funding for the networks.

VPN Marathon

NSA's Red Team of attackers and the referees on the White Team all used virtual private networks to connect with the academy LANs.

The White Team deducted points for intrusions but awarded points for identifying them and fixing the vulnerabilities, so a network compromise was not always fatal.

"Keeping the services running was surprisingly hard," Schepens said. "We impress on the cadets that a system is worthless if the services aren't running."

The participants had to perform a balancing act. "Keeping it up is really a challenge when fixing one part breaks two more parts," said West Pointer Ian MacLeoud of Philadelphia.

Last year, Ragsdale said, the West Point network was a day late going online and was then penetrated by the Red Team within three hours. The West Pointers' defense plans were immature and static, he said, and the key lesson learned then was that boosting security "makes administration even more difficult."

This year's cadets built on the experience. The attackers "were never able to take the network down at any point," cadet Gates said.

Defenses improved so much, in fact, that next year the exercise might add communications among the academy networks, to give the Red Team more opportunities to break in.

"Each school put in heavy resources," Schepens said. "They were very well-prepared."

But his claim that there were no losers did not comfort West Point's rivals. "There's only one first place," the Naval Academy's Peterman said.

Ragsdale, however, said he doesn't expect West Point to maintain its lead for long.

"I would be astounded if next year or the year after another school doesn't come to the fore," he said. "Much as I would like to think of it, I don't see any dynasty."

Reported by Government Computer News, http://www.gcn.com

© 2001 - 2002 The Washington Post Company