NDSU IT, ND Education Technology Council, EduTech, and the ND Information Technology Department are putting on their annual ND Cyber Security conference next Thursday. I’ve spoken at this iteration of the conference twice, and was looking to put something together for this year’s conference.
We had an earlier iteration, and at that one of my co-workers and I put on a workshop where participants executed a variety of attacks against vulnerable systems. This was back in something like 2005, so it was challenging to put on. My boss had suggested doing a CTF this year, but seeing that I’ve never done a CTF, that sounded a bit intimidating.
I’m a Linux guy that does Java development, but attends a lot of security conferences. Last calendar year I attended four, ours, Dakota State University’s DakotaCon, DerbyCon, and The Long Con up in Winnipeg. I see a LOT of attacks against Windows. However, I’ve never done them. So I came up with the idea of having a hacking village. Most security conferences have a lock picking village, so let’s do something like that, but with computers.
So with the help of someone in our IT security office, we’re putting on a hacking village. We’re also enlisting the help of a couple of local pen testers. So the lab will include general attacks, Windows domain based attacks (so I have an excuse to do them), wireless attacks, and we should also have a lock picking village in the same room.
I’ll be posting the instructions from the village. Also hope to post about how it goes. This might be something other conferences or user groups may want to try in the future.