Slashdot Mirror

← Back to Stories (view on slashdot.org)

NSA Takes On West Point In Security Exercise

Posted by Soulskill on from the with-friends-like-these dept.

Wired is running a story about a recent security exercise in which the NSA attacked networks set up by various US military academies. The Army's network scored the highest, put together using Linux and FreeBSD by cadets at West Point. Quoting: "Even with a solid network design and passable software choices, there was an element of intuitiveness required to defend against the NSA, especially once it became clear the agency was using minor, and perhaps somewhat obvious, attacks to screen for sneakier, more serious ones. 'One of the challenges was when they see a scan, deciding if this is it, or if it's a cover,' says [instructor Eric] Dean. Spotting 'cover' attacks meant thinking like the NSA -- something Dean says the cadets did quite well. 'I was surprised at their creativity.' Legal limitations were a surprising obstacle to a realistic exercise. Ideally, the teams would be allowed to attack other schools' networks while also defending their own. But only the NSA, with its arsenal of waivers, loopholes, special authorizations (and heaven knows what else) is allowed to take down a U.S. network."

8 of 140 comments (clear)

  1. Re:Fantastic by Keebler71 · · Score: 5, Insightful

    Are you implying that previous generations do not have intelligence and creativity? Who do you think is teaching these cadets and running the exercise?

    --
    "It takes considerable knowledge just to realize the extent of your own ignorance." - Thomas Sowell
  2. Re:Fantastic by Anonymous Coward · · Score: 1, Insightful

    "kids that go there are the top 2% of the nation. Also, did I also mention that many of the the US best leaders came from West Point"

    Oh please, they all say that - the USNA, USAFA, even the USCGA. Not to mention that MIT, Stanford, Carnegie Melon, et al contend that they get the best of the best. I have worked with managers and engineers that graduated from various military academies; other than an inflated sense of patriotism and an intolerance for dissent, these people are no different from any other college.

    As a former Marine, I have had to contend with more than one arrogant "ring knocker".

    The military officer is the last of the elitist blue-bloods left in American society. The military NCO is the last of the true patriots that somehow just find a way to get it done.

  3. There is no cleaning a rootkit by symbolset · · Score: 3, Insightful

    When you detect malware installed on your system, wipe and reinstall. Always! There is no "cleaning".

    Probably wasn't possible given the parameters of the test, but they tried to clean a rootkit and got the predictable result.

    --
    Help stamp out iliturcy.
  4. Re:More details, anybody? by milsoRgen · · Score: 3, Insightful

    but this article has some serious vagueness that really leaves unanswered questions. Just like every other Wired article ever written.
    --
    I'm sick of following my dreams. I'm just going to ask where they're goin' and hook up with 'em later.
  5. Re:Fantastic by earthforce_1 · · Score: 3, Insightful

    The USMA academy is some of the best of the best. Meaning, these guys have to be appointed by two state senators to even apply... Meaning they have to be politically well connected.
    --
    My rights don't need management.
  6. Which trainees? by Pinb4ll · · Score: 3, Insightful

    Exactly which trainees do you plan on registering, the students or the red team? I think you are missing the overall point of the exercise. There was no offensive side to the students networks, only setting up the services and try to protect them. The red team - those that the NSA already employs - were the only ones attempting to break in. The academies' jobs were to simply keep them out. I can see your point about keeping track of those who have been part of the NSA, but I would be willing to bet that is already taken care of.

  7. Re:You have to understand by Stickney · · Score: 3, Insightful

    The cost of free software is, of course, nothing... but the notional costs, built into the exercise through a restrictive budgeting system, of deploying those tools, along with training people to use them, put them outside our notional budget for the exercise.

    --
    ...the right of the people to keep and bear arms, shall not be infringed.
  8. Re:Register the Trainees by johnny+cashed · · Score: 2, Insightful

    FUD.

    The military has been graduating experts in the "black arts"* since the inception of organized militaries. Guys who know basic hand to hand combat, firearms skills. Advanced soldiers learn even more technical and lethal combat skills. I'm not saying that every soldier is a killing machine, but that is what they train for. Black hat network uber hacker on the "outside" a real threat? As veterans, aren't they already sort of registered? They've got their DNA on file. What more do you want from those who have served? Constant loyalty tests?

    Good network security shouldn't be through obscurity, so even the "black hats" should know as much as the "white hats".

    *I using the term "black arts" hear to refer to all those things which are generally forbidden except when in a war zone, killing, breaking things, etc. I won't bore you with a list. Granted, the killing is supposed to be reserved for combatants.