Yesterday I participated in the Red/Blue team exercise of a simulated Industrial Chemicals Plant. My team was tasked with defending the plant from attack, and maintaining production. After a long, fun, and frustrating day the attackers were able to compromise our production for over an hour which led to our eventual defeat in the exercise.
A lot of the material presented so far has been review, although it's surprisingly fun to exploit systems in a simulated industrial plant.
We've discussed a variety of topics over the last few days:
- Network Discovery
- Windows/Linux Admin
- Device exploitation (metasploit, etc.)
- Basic IDS (snort)
- Vulnerability Scanning
- Social Engineering
just to name a few. The training is provided by US-CERT and INL, and I would highly recommend the experience to anyone interested in the topics above. I am definitely ready to come home though.
0 comments:
Post a Comment