work and IT @ 18 Aug 2008 12:37 pm by ayoi
What a weekend. I never ever expected to get involved so intensively in this event organized by UiTM, as initially the only thing that I needed to do was to conduct an interview session during the event, and even that would only take half of my Saturday and not the whole 3 days (including the Friday as well). Am I complaining? No, in fact I want to convey my gratitude to those who invited me to participate in this event, either as one of the panellists in one of the forums organized during the event or as one of the judges during the competition.
Forensic Challenge
The questions, binaries and logs were prepared by my colleagues, Mr Hazim (GCFA), pokleyzz, W.Ikram and of course Mr.SK himself. It has 7 questions in total and IMHO, it's quite tough even tho pokleyzz told me otherwise. Anyway, from my observation, surprisingly nobody was using any of the available forensic tools like Helix, Autopsy etc. or Flawfinder, ITS4 to help them answer the questions. In fact I've seen some of the participants even open the binary files with Notepad!! Impressive eh..
Defense Challenge.
For this challenge, all the questions and materials were prepared by me. There are two types of questions. The first part is more on identifying the attack chronology and the defense mechanisms that may detect or prevent such attacks. The participants need to study the network traffic and write down (yes, the answer must be written down) what they understand and learn from the packet capture. In addition to this, they need to come up with the detection or prevention rules that may be triggered by this attack, or create a new one if nothing happens when the packets traverse the security devices. The second part is a simple program that has 2 programming flaws that can lead to exploitation. The participants need to identify the flaws and rectify them. Easy eh. I only had 1 day to prepare those materials and questions and I do pity my laptop ;). In order to inject a lil bit of fun into this challenge, I've protected the compressed file that contains the questions and the materials with a passphrase. In order to have access to the questions, they need to enter the right passphrase, and it can be derived from another trace file. Fun eh
Of the 20 teams that participated in this challenge, only 11 managed to get their hands on the questions.
Capture the Flags
Again, the questions were prepared by the same people who prepared the Forensic Challenge questions. Out of 7 flags, only 5 were captured, by 3 teams. Anyway, most of the teams that participated in this challenge managed to get the special flag number 2.
Digital Warfare Forum.
Ok, initially I had nothing to do with this event and I did not pay much attention to it at all. But suddenly one of the original panellists couldn't make it to the event and out of the blue I was asked to take his place. And man, what should I present on this Digital Warfare topic for 20 minutes? So I made up my mind to give a talk on the cyber attack phases for 10 minutes and the roles of the end user for another 10 minutes. I hope that the audience, most of whom are students, could understand my message. The other panellists were one of my friends, Mr Adli from CyberSecurity (he is the head of MyCERT under CyberSecurity), who really amazed me with his ability to prepare the slides within 15 minutes, and Mr Gary Mallin of IMPACT, whose presentation of course explained the purpose of IMPACT. I do pity Mr.Gary and the students, where the former was trying as hard as possible to ensure the message was conveyed properly and the latter were trying their best to understand the whole presentation.
Dark Net Project - Beyond Defense in Depth
Ahh, I guess students in UiTM are a very fortunate bunch to have Ryan Connelly from team cymru (pronounced as team kamri, which means Wales in the Welsh language or compatriot in old Welsh) give a presentation on the Dark Net Project. I managed to have a small chit chat with him before his scheduled presentation, and of course the usual business card exchange as the usual pleasantry, and he is a nice bloke. Anyway, even though the name is Wales, their base of operation is still in the United States. A good presentation, and unfortunately there was only 1 question asked by the audience (I'd asked all the things that I needed to know about the Dark Net Project during our chit chat), which is quite a pity. I guess they thought that it is easy to get these kinds of speakers to give their presentations here.
Overall? It was a good and enjoyable event and one of the avenues to meet some old friends like Mr Abu from MCMC, yomud, geek00l (he gave a good talk on day 1 and he was the one who was supposed to be one of the panellists but he couldn't wake up in time). I just want to say thank you to the organizer and a thousand apologies for the inappropriate attire during the prize giving ceremony.








hehehe… the kid who ushered Along to collect the gift is a friend of mine.
nice..
wa: Why didn't you tell me earlier? How did that kid know I am your brother, eh?
must be feeling glamorous.. huhu
no idea.. maybe he has seen Along's face on my laptop. That kid is from Jengka..
hi ayoi,
Thanks for the interesting challenge, for the sake of your l33t p4$5phrase
http://geek00l.blogspot.com/2008/08/hex021-resolving-ihack-2008.html
Don’t blame me for not waking up, you should think of me saving petrol to save the world from pollution.
“Anyway most of the team participated in this challenge manage to get the special flag number 2. ;)”
damn .. :p~~
flagno2: Ride to live, live to ride!
geek00l: Next time I would suggest they start their forum at 10:30. Ample time for you meh
Guys, next time better have hex included in your armory as well
hi ayoi,
I will wake up after 12.
p4$5w0rd 15 123.