Sites

][CyberPillar][

For further information about the site itself, see: ][CyberPillar][ site information.

Operating system vendors
Microsoft.com and similar

In addition to the main Microsoft.com website, there are subsections that have a lot of resources for technicians. Some of the most notable sections may be TechNet, MSDN, and KB Articles.

The web sites offer hyperlinks to downloads.

Additionally, Microsoft has other sites, such as MSN.com.

Users of Microsoft Exchange had been known to be able to find some useful material on a site at http://msexchangeteam.com/. The domain has shown a registrant, and administrative contact, as being Microsoft Corporation. Many pages on the site started with the title, “You Had Me At EHLO... : ” Others have had a title of, or ending with, “Exchange Team Blog”. It seems possible that some/much(/all?) of its content was written by Microsoft staff members who helped develop Exchange. Currently the site looks like it is starting to redirect to a location under “http://blogs.technet.com/b/exchange/”.

For a while, the website domain http://TheSource.OfAllEvil.com was achieving higher ranks in Google search results than the site that http://TheSource.OfAllEvil.com was redirecting traffic to, which was microsoft.com. (A similar URL was made for http://TheRoot.OfAllEvil.com which sent web traffic to Verisign.)

[#mskburl]: KB Articles

Some older KB articles were originally available in the format of: http://support.microsoft.com/support/kb/articles/Q301/3/09.ASP

(Earlier KB articles had only two digits between the letter Q and the first slash).

Newer syntaxes include:

  • http://support.microsoft.com/kb/q244617/ (or something like http://support.microsoft.com/kb/309044/EN-US for an American English version)
  • http://support.microsoft.com/?kbid=301309
  • http://support.microsoft.com/?id=301309
  • http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/Q84/3/88.ASP&NoWebContent=1

[#technet]: TechNet
TechNet has a lot of information meant for those who professionally administer/run/fix computers and networks of computers.
[#msdnsite]: MSDN (“Microsoft Software Developer Network”)

Software developers who want to interact with a mainstream Microsoft platform (e.g. Microsoft Windows, or Xbox) may find some information on this site. Some of the information on this site can also be useful for other people, such as the target audience of TechNet.

[#codeplex]: CodePlex

Microsoft's (English) web page about the Singularity OS describes CodePlex as “CodePlex, Microsoft's open source project hosting website”. This may be similar in concept to SF.Net: SourceForge.

Those who design websites around the requirements of using Microsoft SharePoint may find tools on CodePlex. (Quite a bit of software meant for SharePoint administrators has been released on CodePlex.)

News
Technology News
The OpenBSD Journal @ Undeadly.org

Probably updated more than the guides at Calomel.org :: Open Source Research and Reference, this site can seem to go for a month (or two?) with very little (if any?) updates. However, when a hackathon occurs, this site will often pour in multiple reports for a couple of days or maybe even a week. As this is related to OpenBSD development, the authors of the articles tend to have a solid grasp of good technology, including strong network security and quality program design. Recently posted news typically represents the latest advances in excellent software development.

Phoronix

It appears this site may have a focus on information about Linux, including relevant news stories and recently performed analysis/benchmarks.

SoylentNews
|.
/.

Slashdot was created quite a while ago, and so became and remained famous. This website is the origin of the term “the Slashdot effect”, which refers to a site suddenly getting very popular to the point that the web host is unable to sufficiently serve all the legitimate requests. (When Slashdot referred to a site, many less powerful web servers were not able to handle the load from all of the visitors who wanted to check out what Slashdot was referring to.)

Popularity has diminished over the years, resulting in opportunities for competing sites like SoylentNews and Pipedot. (And Technocrat.net, although /. has reported that Technocrat.net has shut down.)

Network Security

Some primary sites may include:

Training
Education

...

Certifications

Before deciding on a certification, check into what the certification may be good for. For example, some certifications are widely recognized as entry level certifications for the industry. Others may be one step towards achieving a different certification or title which may be recognized in the industry. Do not end up paying for a certification only to find out later that it is one that is largely unheard of. Falling victim to a scam, where an organization takes money but doesn't provide a certification which is actually worthwhile, isn't something that ends up being a proud thing to put on a resume. Determining the price of the entrance exam can be worthwhile, as well as the expiration date.

Often, preparation for an exam may involve studying some materials that were specifically designed to prepare a student for the exam. One must try to ensure that the study materials are respected, and are not using stolen material (illegitimately taken directly from exams). The specialized training can itself be educational.

For further information, see the section on providing technical services.

HE.Net

See guide for IPv6.

CompTIA
(See the section about CompTIA certifications.)

For details about other options, see formal credentials (used by those who are providing services).

Competitions
[#ccdc]: Collegiate Cyber Defense Competition (“CCDC”)
National Collegiate Cyber Defense Competition
Overview

Colleges each provide a team of students. These teams meet for a competition. Professionals form a team called the “red team”. The goal of the red team is to perform attacks on the computer networks that are defended by the teams of college students. The primary focus is on the teams of college students. Their goal is to perform specific tasks, most notably to defend their network against the red team's attacks. There may be multiple regional competitions which occur annually, such as the Pacific Rim CCDC competition. Winners of regional competitions may meet to compete in a final competition.

Reviews/info
Video(s)
[#prccdctv]: First annual PacRim

This video lasts a bit under 19 minutes. This was published at UWTV, although most copies have become victims of linkrot. Some of the more recent postings have been made available on YouTube: 2008 Pacific Rim Collegiate Cyber Defense - Part 1 on YouTube, 2008 Pacific Rim Collegiate Cyber Defense - Part 2 on YouTube. (Additional historical homes are mentioned in HTML comments.)

This offers a viewable show made during the first PacRim regional CCDC event. This production was overall a high quality video, especially considering that university students may have been behind the production. (However, the spoken text at 7min41sec-7m42sec may be deemed inappropriate for some audiences.)

There have been multiple electronic releases of the actual video. The times listed in this review are approximate, and with at least some release(s) the times listed may not perfectly match to the precise second cited. The times mentioned on this site mainly refer to the .ASF file from UWTV, so are offset by some number of seconds from other releases. (This competition was chiefly sponsored by the University of Washington (“UW”) Information School's Center for Information Assurance and Cybersecurity (“CIAC”) and was hosted at Microsoft's premises in Redmond.)

The video had previously been made available at http://www.uwtv.org/programs/displayevent.aspx?rID=27982 (which has been hyperlinked to by DeVry Seattle Campus Community: Collegiate Cyber Defense Competition Club), which had offered downloadable versions of the video, although that seems to have now gone down. Also, at least one posting to YouTube has been known to disappear.

The first four and a half minutes focus on the topic of computer (network) security, and provide some background about the activities of the sponsors (UW CIAC and Microsoft) and the motivations behind endorsing the program. After that point, the video focuses more on other CCDC participants and on the event itself. The video may appear slightly dated: It refers to 2008 as a future year, and does (within the first 90 seconds) show CRT monitors in at least three pictures meant to convey the idea of technology. As time goes on, such devices are doomed to become, more and more, viewed as outdated relics. Of course, the book referencing “Windows Server 2003” will similarly seem more and more ancient as the years go on.

The name of the event may have not been very clearly finalized: At several points of the video (2m32s, 6m46s, 14m25s) the phrase “Pacific Rim Regional College Cyber Defense Competition” is shown. The phrase “Regional Pacific Rim College Cyber Defense Competition” (with the word “Regional” moved to the front of the title) has also been used, as shown at 3m48s into the video.

Some entertaining quotations:
  • Appreciating the following quote may require an understanding that Nessus is a vulnerability scanner. A team ran this scanner on their own network as an attempt to locate some vulnerabilities so they could be effectively taken care of quickly. Unfortunately, the report of vulnerabilities that was generated ended up being found by the team of attackers. “I used the Nessus scanner they had installed on a machine to scan their local network so we have them completely owned. Every vulnerability is now:” (“I'll drop that into mine as well.”) The victims ended up doing the red team's work (of finding vulnerabilities that the red team may use) for the red team.
  • 11m15sec (and earlier): “Here's all the POP3 passwords. Oh! And another one just came in.” (This is likely quite damaging as POP3 passwords are often identical to passwords used for other systems. Chances are that students did not replace POP3.) Hmm, if “all” the passwords had been obtained, as the attacker claimed, then where did this “another” password come from (if not from the group of “all” passwords)? The video, of course, shows several new lines of text (presumably several passwords). (Don't trust the video editors, though: it is possible that video was not recorded at the same time as the audio that was shown at the same time.)
  • At 8m38sec-8m44sec into the video, Bob Bunge, from DeVry University, teaches how the competition's scoring works: “If those services are up and running, they pass their test.” Even more useful, his follow-up statement offers these super-useful details for additional clarification about the consequences that may be expected from the automated scoring system: “If those services are not up and running, they fail their test.”
  • Brian Hay (Assistant Professor at the University of Alaska Fairbanks (perhaps its College of Natural Science and Mathematics)) (from about 5m to about 5m14sec) “I don't know if it's finished yet or not.” However, he does offer this statement which helps clarify things: “If it says done at the bottom, then, uh, it's finished”.
  • 8m7sec-about 8m15sec: Advice about getting critical services operational

    “Just the input I'll give you at this point is, uh, you need to get your DHCP and DNS operational as soon as possible: (because) those sites are currently down right now and it looks like your website is down at the moment.”

    (Why is this humorous when analyzed? Well, those who understand the role of automatic addressing and name resolution services realize that those are extremely critical services. (Only protection services, including firewalling, and other routing, are services that may rival in importance. They are a technological computer networking equivalent of something like blood circulation or breathing: without these services functioning, communications between massive portions of a network may “die”, very completely and quite possibly very quickly.) So, saying that they need to be “operational as soon as possible” is beyond obvious.)

    Then during the next three seconds, a response is provided by a leader wearing a shirt with this humorous statement:
    “I am a bomb technician”
    “If you see me running try to keep up”

  • About 7min41-42sec, the competing student is caught on camera using language that some environments may find inappropriate. However, it's also interesting how this team participant refers to a couple of other leaders as a team of their own, as if his researching contribution doesn't help fulfill the primary goal of the team which he was on. (That goal was to obtain points, and his research should have helped with that. However, in all fairness, as mean as this critique may be, maybe he really wasn't contributing very well to the team's goals. After all, it seems he took advantage of an interviewing activity rather than helping to complete the research task that he was assigned to do and which he was explaining to the camera.)
  • about 10m34s-10m36s: “I don't know but they're sending weird packets to us.” (I'm not sure which RFC defines what a “weird” packet is. Chances are what he is referring to are packets which seem unfamiliar to him, and so it sounds like he is being actively served by the red team.) (The next words in the background, before the SSH1 comment, might have been someone else saying, “I don't want you to see.”) (Note that it does look like he was part of the winning team, as shown about 16min20sec.)
  • At 8min50sec, a request is made to show Active Directory. The video then proceeds to show a console session, which was probably not on a Microsoft Windows system.
  • Shortly before 10min20sec is a sighting of a white team member who wrote “Dredd” on a pin. Surely that was meant for humor value, referencing a fictional character from a 1995 movie. (Wikipedia's page on Judge Dredd: section called “Dredd (2012)” does, at the time of this writing, discuss a movie (presumably with a release date of September 21, 2012) called “Dredd”. However, this UWTV video pre-dates the 2012 movie called “Dredd”.)

To answer the question of why Washington State is singled out (1m58sec-2m04), it surely has to do with the television event being made by the University of Washington's UWTV. (The contest itself was also hosted in Washington state.)

At 7min6sec is much of the example text of one of the injects. That inject appears to be discussed later (7m28s-7m37s) in the video. (Maybe also discussed shortly before 12m25sec?)

Sightings

TOOGAM, the founder of ][Cyber Pillar][, is seen gathering information speaking at 15 minutes and 26 seconds into the show, and can be seen at some other points in the video (7min (earlier?)-7m3s, 7m12s (unknown if hands that follow), 12m25s (was cited, but may not be there), 12m55s-12m59s (partially visible), 14m39s (probably standing in front of the napera sign), 15m19sec, 15m24s-15m33s (visible part of the time), 17m8sec-17m9sec (back view, on far left), 17m11s-17m13s, and possibly at other points: 2m8s, 7m44s, 9m48s, 15m26s). Many of those times may also show a view of multiple other team members, and there may be some times showing some other team members: Other team members were seen at other times: 6m56s (the team ambassador and the Linux technician), 8m58sec and 9m20s (both back views), 9m24s (small, background), 8m48sec: possible sighting (small, back).

2m4s: perhaps, probably not. Not 11:58 (and shortly after): That person's left index finger pressed both e and c which is not standard typing practice for TOOGAM.

Follow-up information

10m48s: Mike Acker, the Vice President of (the?) Puget Sound Information Systems Security Association (“ISSA”) encouraged participants to check out the ISSA.

Several of us appreciated Mike Acker's team. (He was identified as Vice President of Puget Sound Information Systems Security Association (ISSA).)

Mention of some techniques such as magnets (hmm, harming physical equipment might not be allowed in competition rules, although if such a thing happened then it certainly could have an impact that needs to be resolved). For example, flipping a screen upside down is an attack that the red team can document (costing the opponent points) and be an effective waster of time for the IT staff. Leaving a message on the screen could also be impactful, although obscene messages may be inadvisable.

One item of note: The video discusses a collaboration with West Point and later mentions Fort Lewis. TOOGAM recalls having achieved a certificate backed by the (often infamous) “National Security Agency (NSA) of the United States of America” due to involvement in a college program. This didn't mean that students got to have access to ultra-secret training methods, and none of the students in TOOGAM's class particularly cared for the “game” mentioned in the video (nor, it seems, the instructor of TOOGAM's class). (Perhaps one reason we didn't find it useful may be that we hadn't gone through more than two or three of the stages/levels. From what we noticed: it wasn't fun, had technical issues causing it to not run well, was focused on having the player deal with some of the most unpleasant aspects of an IT job, and essentially was more about learning the game's interface than learning much about performing real, basic IT services.) However, the main point is that the way to get access to this curriculum was simply enrolling in college courses pursuing an official educational degree in the field. (Although the instructors may have engaged in some correspondence with training hosted by the governmental institution known as the military, that doesn't mean that the students had any exposure to that at all.)

Other videos related to CCDC competitions
site with various links, YouTube: Fourth Mid-Atlantic Regional CCDC (video part 1). http://www.youtube.com/watch?v=zalymtedyuA&feature=related : YouTube: “Baker Cyber Defense Team Wins Again!” has been removed by “the user” (presumably whoever had uploaded the video).
Inform IT article
InformIT: A Student-Hacker Showdown at the Collegiate Cyber Defense Competition (Single “Printer-friendly” web page version of InformIT's “A Student-Hacker Showdown at the Collegiate Cyber Defense Competition” article), Cisco Press's copy of article (ScoreBot picture)
Web app attack
Announcement of web attack
Tactics

In the Pacific Rim CCDC 2008, the Red Team was known to deploy at least a couple of social engineering tactics. One was to hand out an official-looking memo. Teams which did not properly authenticate the source of that memo ended up following the instructions of an attacker. This was apparently pretty successful. Another attempt was when a member of the red team simply stood up by the microphone where announcements were made. The competitors hadn't been allowed to know their placement within the competition as it was running: such announcements were only made after the competition ended. So this red team member announced that there was a website set up to show the placements. This website is said to have actually been malicious, including attack code.

One of the teams was noted as having interacted with the Red Team by placing some annoying JavaScript on the website being attacked. The Red Team member affected noted that this attack was futile because he simply turned off JavaScript.

A Student-Hacker Showdown at the Collegiate Cyber Defense Competition: Day Three (Cisco's mirror) describes some attacks that the Red Team deployed after hours: “Using only the light from a glow stick (the hotel they were staying at didn't have any flashlights), they found a ladder, climbed up the outside of the room (12 foot ceilings), pulled back a drop ceiling tile, and climbed down a wooden rod they collected from nearby. With physical access granted, the Red Team” performed a variety of activities that the article describes further. What they did can be summarized in two words: deployed pain.

Note that the physical environment described by that article might suggest that each team gets its own room. However, it also may have just been one room that they went into using this illegitimate method because that's what they saw as an available method to perform after hours. The physical environments may vary between CCDC competitions. The nine teams of eight students each in the first PacRim competition were, as noted by UWTV's video production called “Cybersecurity: The First Pacific Rim Regional Collegiate Cyber Defense Competition”, placed around nine tables in one room. It was a bit crowded: Not unpleasantly so because people could move about, but there were walls separating the teams.

Technical guides
][Cyber Pillar][

See: ][Cyber Pillar][ introduction page, ][Cyber Pillar][ directory archive(s), ][Cyber Pillar][ (main page)

[#calomelo]: Calomel.org :: Open Source Research and Reference

This site shows how to accomplish some tasks using some of the best available solutions. The site may be less useful for people who intend to use specific operating systems.

Presumably a page by Gilles Chehade smtpd redirects to opinion on calomel which is quite unflattering (despite the “INNACURATE” spelling of “inaccurate”), post about Calomel refers to various additional complaints, such as Henning Brauer's disapproval of calomel website. Comments on kernel performance tuning(/mirror: Comments on network performance tuning guide) shows disgruntlement over the site, including some quotes that discourage using on-board cards, when in reality on-board cards are actually much less likely to unpleasantly saturate an expansion card bus. (A bit off-topic: don't necessarily trust the comments about net.inet.tcp.????space having no impact: Download rate and sysctl settings states “This is less true now than when it was written, the average internet connection has changed a bit since” that advice was made.)

Petri IT Knowledgebase by Daniel Petri

This site often has some guides on how to accomplish certain tasks, typically in an environment involving using Microsoft Windows (and particularly Microsoft Windows Server operating systems).

Ars Technica
...
Stack Exchange

Stack Exchange runs a bunch of sites that have the same sort of format, but are focused on different topics.

Careers 2.0

StackOverflow's dominance may be clearly visible as many positions are related to developers. However, Careers 2.0 for System Administrators will show jobs related to being a systems administrator: these have been known to use either the sysadmin tag, or the systems and engineering tags.

Stack Overflow

For programmers. Questions relating to code development/fixing/creation. When programmers want to use code, this may be an applicable site. (When someone wants to actually run code, that may be more applicable to Server Fault or Super User.) Other sites run by Stack Exchange include Programmers Stack Exchange for conceptual questions, or Theoretical Computer Science “for theoretical computer scientists and researchers in related fields”.

There may also be sub-sites that are useful/related, such as ReverseEngineering.StackExchange.com or Theoretical Computer Science site from StackExchange or Programmers.StackExchange.com.

ServerFault

The main page says, “Server Fault is a question and answer site for professional system and network administrators.” (People performing IT in corporate environments may often find useful answers here, or at SuperUser.com. Questions about using programming languages may also end up finding their way here often, although Stack Overflow may often be a more applicable spot for such questions. Questions related to using technology in home environments will generally be more applicable to SuperUser.)

On a side note, there are some other sites that may be relevant:

SuperUser
Using technology in home environments.

Those are believed to be the primary sites, as they do have their own domain names. There is a list of other sites run by Stack Exchange, including some sub-categories like Technology-focused sites from StackExchange. Even some software may have its own specific section, as seen by some of the technology-focused sites. For example, there are sites related to video games (Arqade for people interested in discussing video games, or Game Developers (which is probably meant for video gaming, unlike Board & Card Games site by StackExchange which is meant for players and topics of “designing board games or modifying the rules”). Other game-related sites include Chess.StackExchange.com or Tabletop/paper-based Role Playing Games site by StackExchange).

Archives of web content
Wayback machine @ Archive.org

A fairly massive collection. There are a couple of policies that may be unfortunate for some purposes:

  • Apparently it honors all robots.txt files to the point of clearing out old archived information. If a domain changes control/ownership, the new owner can specify that there should be no access to bots, and then information that was previously archived becomes unavailable.
  • The terms of use specify that people should not be downloading entire sites. (Sensible, from a bandwidth perspective. However, slightly disappointing, since that could be very useful.) See: Wayback Machine @ Archive.org FAQ #26: “How can I get a copy of the pages on my Web site? If my site got hacked or damaged, could I get a backup from the Archive?”

They have a very specific process about requesting things for legal purposes.

The site generally shows a modified version of the original files. These modifications convert URLs to redirect back to the Wayback Machine's archive, which is generally convenient. This re-writing can be overcome by adding “id_” (without quotation marks, so that is the lowercase letter I and then the lowercase letter D and then an underscore) after the timestamp/version, but before the following slash. The example shown at Wayback Machine @ Archive.org FAQ about viewing a page without the Wayback code in it is http://web.archive.org/web/20051001001126id_/http://www.archive.org/

Google Cache

Go to Google, and search for “cache:example.com/optionalRestOfURL” (without the quotation marks).

WebCite
...

See also: Wikipedia's page about the Internet Archive: “Similar projects” section; Archives of Dead Web Pages: Wayback, Cache, and More; Alternatives to the Wayback Machine