>> >> Considering how the U.S. Military can't even protect it's own networks >> against well-known USB malware, I find this suggestion laughable. >[...] > >But not just *any* of their networks, a *classified* network. > >I think I'm more offended than in hysterics. A) they've proven they're >not up to the job on their "critical assets" network - let alone their >garden variety networks. B) uhmmm.. right. US Military having control >over private networks. Pretty sure something in the Constitution says >that's against the rules. >
maybe...they just need...more...err...practice... Remember this? I do have mixed feelings about it - one side is the OMG!!WTF!! newbie error, the other is that they did at least have the guts to show up and put it on the line... "Come to think about it, day 2 was actually quite interesting all because of two teams, MIIT1 and Army Strong. Why was it interesting you ask? Well, Army strong was running daemon6 as root and MIIT1 finally discovered the buffer overflow in daemon6. So we all know what happened after that ;). With root privileges on Army Strong's box, MIIT1 managed to capture all of Army Strong's flags through only one single daemon. Even though MIIT1 only managed to exploit 1 daemon throughout the entire CTF, but thanks to Army Strong they were boosted up to 3rd place." https://www.hackinthebox.org/misc/HITB-CTF2009-Special-Report.pdf and a picture: http://photos.hackinthebox.org/gallery/view_photo.php?set_albumName=hitb2009 kl-party&id=hitb2009_pcparty_024 _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
