Saturday, June 29, 2013

Personal Blog Entry: My trip to Roanoke, VA for the US Cyber Challenge

So I just spent a week in Roanoke, VA to work as a teaching assistant for the US Cyber Challenge. For those not familiar with the US Cyber Challenge program, the program is intended to identify people with advanced hacking skills, in particular with the ability to attack rather than defend. In my work, I am mostly using defensive skills, but I am getting slowly into the habit of also training myself to attack. Of course not actual targets, but using virtual targets in a controlled environment to hone my still very limited attack hacking skills. I am certainly not on par with the people that attended the camp, but getting better every month.
For some more detailed information about the preliminary contests and the annual camps, here is the official website for the US Cyber Challenge.

We stayed at Hotel Roanoke, which was a treat. The hotel was absolutely gorgeous, both the interior and exterior. The building itself is more than 100 years old, but everything inside is totally renovated and very, very comfortable. The camp was allowing me my first visit to Roanoke, which is a nice little town and being the summer, no students from the local college were present. The town provided a nice downtown area with plenty of restaurants and was close enough to the hotel, connected to the downtown area by a covered pedestrian bridge, that going to a restaurant in the evening for dinner only took a few minutes.
Here a few pictures from hotel, inside and outside.
copyright Durhamonthecheap - Hotel Roanoke - inside view

copyright Durhamonthecheap - Hotel Roanoke - inside view

copyright Durhamonthecheap - Hotel Roanoke - outisde view

copyright Durhamonthecheap - Hotel Roanoke - inside view
The food was excellent during our stay. The breakfast included one hot item, either croissants filled with ham and cheese or sausage biscuits or a savory quiche. In addition, we had plenty of fresh cut fruit, sweet breads, bagels and a selection of fruit whole fruit, plus a variety of beverages, including fresh orange juice. Lunch was served at the hotel as well and included a selection of salads, meat dishes, a vegetable side and either rice or potatoes or pasta for starch. This was followed by a variety of desserts, including some form of mousse (the raspberry/mango mousse was phenomenal), a pie or some fruit-based tart. All was very good. For the afternoon, we again got a hot snack, usually a quiche, and then smores, candy and dried fruit and one other dish. One two occasions they served candied bacon, which was hotly contested by everyone in attendance because it was so good.
copyright Durhamonthecheap - the candied bacon bits - a treat for all bacon lovers!
The camp was not all fun though, although the work part for me was the highlight and actually fun as well (and certainly more important than how the hotel and food and rooms were). For four days we got to attend excellent lectures on cybersecurity ranging from pen testing android devices to how to use back track to develop a tactical attack strategy for offensive hacking. We also covered packet shaping and memory forensics. All lecturers were outstanding; a couple of them were official SANS instructors. I do not want to go intro more detail since the topics are really technical. But suffice to say that the highlight for me of these camps are the lectures since the TAs do get to keep the material for the lectures as well and I spent some time last night looking over the back track toolkit, which I have been wanting to play with for quite some time. Since the CD from the course includes a vulnerable target, the attacks from back track can now be launched in  a quasi lab environment and no ISP will be wondering what the weird traffic is doing on their network. If you are interested in cybersecurity, I can only recommend to look at the US Cyber Challenge website for any of the upcoming contests and participate in them, so you can have a chance to attend one of these camps. The lessons you will learn are condensed and intensive, but so worthwhile. I want to thank the organizers again for granting me the opportunity to attend this camp as a TA since it constitutes the best training I have received and wil lreceived this year! My employer is still putting training on hold and has for the last few years.

The camp's final day is a capture the flag challenge that lasts several hours and involves teams of campers, who compete for scholarships. We even had press coverage this year and the attention paid to cybersecurity is really good since offensive hacking skills are still in demand and press coverage will provide more attention to the camps and this ongoing effort to solicit interest in offensive hacking. Now back in Durham, NC. I am resting because the camp was intensive, even for TAs! - But so worthwhile!!!!

No comments: