Sunday, June 28, 2015

My Impressions of SANS NetWars Continuous

From the SANS NetWars Continuous website, :

"SANS' NetWars Continuous Online Range uses the gamification of IT Security to advance your most vital InfoSec skills. To build your skills and keep them from getting rusty, you need an environment where you can apply your knowledge to solving real-world infosec issues to stay sharp. That's what NetWars Continuous is all about. Over the course of 4 months and 5 levels, you can master real-world tactics and techniques in a safe learning environment."

Having just about completed SANS NetWars Continuous, I wanted to share my impressions on it and my experience working through it.  Obviously, I will share what I can without giving away any hints or details that might ruin it for others who will participate in the future. :)

First, let me say this: I am not a pentester.  Nor am I a blackhat.  I don't spend many hours of my days hacking into other people's networks.  What I've learned I've learned through self-training, SANS courses, with great instruction by people like Ed Skoudis, Seth Minisar, Dave Shackleford, Jeremy Druin, and others like them.  I do hack some as part of my job and definitely enjoy it, but by NO MEANS am I at the level of these guys or those who do this kind of thing everyday as their profession.

I signed up for NetWars continuous after taking SEC542 (Web Application Testing and Ethical Hacking) in New Orleans from Seth.  I thought, why not give it a go?  It has been fun and severely educational.  While live NetWars competition is available at SANS conferences, NetWars continuous provides much more time for someone like me to learn a whole lot more.

Ed Skoudis and his team have done a great job of creating a challenging CTF game that is stable and repeatable.  That isn't easy to do.  It's consistent in that things work the way they should and you don't have to worry about getting "cheated" by a technical glitch or an unseen bug.  They also make it fun in the usual Ed Skoudis way, by including a theme and characters from that theme as a backdrop for the scenario.

My 4 months is over.  Here's a brief overview of my experience.

NetWars is NOT just about offense.  That is made clear immediately in levels 1 and 2, where you are provided with a Linux image to work on.  As someone who has been actively defending for years and is an old Linux guy, levels 1 and 2 were both interesting and pretty straight forward. Correctly answering online questions is the way to earn points in levels 1 through 4, while taking as few hints as possible.  You are allowed up to 3 hints per question, but taking them all not only lowers your ranking in a tie situation, it also (for me) kinda defeats what I wanted, which was to force my own learning and education.  I tried my best to take as few hints as possible, and if I wasn't sure about something I would hit up the Interwebs first.  Often after starting work on a question I would take the first hint just to make sure I was "barking up the right tree".  I was surprised and stoked that I was able to make it to level 5 while taking only 23 hints, and only needed all 3 hints for one particularly grueling question, which took me an entire week to answer! (more below).

They also show you all 3 hints after you have successfully answered a question.  On one scenario, I realized I was able to complete it in a different manner than what the hints showed afterwards, and I was kinda proud of myself for that one. ;)

The variety of scenarios and questions stretch you, as they cover almost all aspects of offense, defense, forensics, intrusion detection, etc.  I never found any of it boring or repetitive.  The challenges kept stacking up.

Level 3 introduces you to the online challenge by placing you in a company's DMZ where you have to attack and infiltrate systems in a variety of manners.  This is where I really started to have to stretch my mind a bit.  It includes network and web application pentesting in this level.  Having just finished SEC542, I really enjoyed this level.

Level 4 ups the ante by giving you the opportunity to break into the internal corporate network.  It includes social engineering, which I think is fantastic.  This level took me awhile.  One particular question involving encryption took me about a week to research, learn and try before I finally got it.  It was a bruiser. ;)

When I started NetWars continuous I never even dreamed of making it to level 5.  I was surprised and stoked that I did (and kinda scared too! ;)  I wanted to complete all the questions in the previous levels so that I had as many points as possible, as I wasn't sure how well I would do from there.  After finishing off, I joined a level 5 game.

Level 5 is interesting in that it is live offense and defense.  You compete against others in the game, defending the "castle" you are given while performing offense against theirs, with the goal of uptime for your castle's services while placing your "flag" in the services of as many other castles as you can.

The other thing that is interesting about level 5 is that it is played in games that last one week.  Each Monday a new game starts, and you join it and move on.  You can play as many games as you like as long as you have time left in NetWars continuous. I found this to be a great thing, because it honed my approach.  Having about 5 weeks left, I decided to start the first game I participated in by just "watching" what happened.  Locking down my castle as much as I knew how (a couple of the applications I had to defend were new to me), I setup a packet capture and leaned back.  My castle was compromised pretty quickly, but I had the evidence of exactly what was done.  I used those packet captures to lock my castle down further, as well as learn from some of the better attackers their techniques and put them in my bag of offense for use in the next game against others.  After 2 weeks of this, my castle finally appeared to be pretty solid.

That having been said, offense came slowly, because, well, I'm not as good, and I ended up not having a lot of time during those weeks to watch for newcomers. And there remained some very good offensive players (one in particular who had taken 0 hints throughout) that had more time, jumped all over the newcomers almost immediately, and made it difficult for others to compromise the boxes they had already pwned.  But I did manage some fun pwnage. :)

It has been a fun and very satisfying experience for me.  It looks like I'll still finish with a spot in the top 10% of finishers, which for me is quite surprising yet makes me happy... ;))

So, if you are thinking about participating in NetWars Continuous, do it!!  It's not cheap, but it's worth every penny, and you can get a discount if you sign up for it when you register for a SANS course.  I paid for it out-of-pocket as a gift to my own education, and I can say sincerely that it was definitely worthwhile.  Since much of my job is making this very same stuff educational and entertaining for end-users, I have a lot more material to talk about.  Thank you Ed Skoudis and SANS!

P.S.: Others to thank that I know are part of NetWars, and forgive me if I've left someone out: Daniel Pendolino, Tom Hessman, Josh Wright, Jeff McJunkin, Tim Medin...THANKS!!!

Saturday, June 27, 2015

My tribute to 2002

From their website, :

“2002 specializes in music with classically tinged melodies, dreamy flutes, crystalline piano, tender strings, celestial choirs, harp and acoustic guitar. This award-winning, progressive new age band has placed 11 albums on the Billboard Charts and made the list of top new age artists in a Billboard Magazine “Year in Review” issue alongside Yanni, Mannheim Steamroller, Jim Brickman, George Winston and Enya. Their ever-evolving sound encompasses a wide range of genres – from wistful ambient soundscapes all the way to light progressive rock.”

This is something I've wanted to write for many years.

I was first exposed to the music of 2002 back in the late 1990s.  I was in a spa where they were playing the CD “Land of Forever”.  Something special happened within me as I listened to their dreamy music that sounded like what an angel’s choir might sound like.  As the song “Heavenly Cities” was playing, I spoke out loud, “I have got to buy this CD!”  My life’s musical experience has never been the same since that day.

Randy and Pamela have been making music for some time, most of it in their own personal studio.  They seem to have the uncanny ability to capture spiritual depth in their music like nothing else I’ve heard before.  Not only is it truly peaceful music, it also plays on the strings of the soul.  It paints a wonderful picture of the majesty of this universe and this life and what an incredible gift they are.  I can say without question that the music of 2002 is among the most spiritual music I have ever heard.

Here’s an example of why 2002’s music is so special to me.  I spend as much time as I can in the high Sierra Nevada Mountains in California.  I find the Sierra to be one of the most majestic places I’ve ever been, most especially Yosemite and the Eastern slopes of the mountain range.  Whether it’s the snow, the granite monuments, the rivers and streams, the afternoon thunderstorms over 13,000 foot peaks, or the wildlife that calls it home, for me it is truly a special place.  I liken it to “God’s living room”.  I am a fly fisherman, and I experience tremendous enjoyment fishing the streams of the high and eastern Sierras.  As a catch-and-release fisherman, I also find myself enjoying a surprising connection to the creatures that I get to "meet" in the water.   It is one of my favorite places of spiritual retreat.

Others do visit these places as well, and I am often surprised by the music they bring with them.  It is sometimes music that seems so out-of-place with the majesty of the environment they are in, music that (it seems to me) doesn’t allow them to connect with the beauty they are experiencing.  For me, the music of 2002 brings these magnificent places to life!  That is why I encourage others to listen.  It definitely enhances my spiritual connection to the beauty and majesty all around me (and even at home).  

I often hope that Randy, Pamela and Sarah have had or will have the opportunity to visit this wonderful place.

While I own all of their albums, my favorite is “Wings II - Return to Freedom”.  You know when they say "If you could only take one CD with you?"  Well, that's the oneIt’s almost always playing in my ear buds when I’m on the river.  Other favorites include “The Emerald Way”, “Deep Still Blue”, “This Moment Now” and “Believe”.  But I honestly enjoy them all.  The addition of their daughter Sarah to their work has produced one of their best CDs ever, “Trail of Dreams”.  She is really fantastic and the perfect addition to their work. I so look forward to what they will come up with next.

So, I want to say thank you, Randy, Pamela and Sarah for your amazing talents and your continued gifts to me.  I am truly grateful and will continue to enjoy your music wherever I am.