Thirty Two: Nationals

It’s been a little bit since I wrote my last blog post. That is because I am lazy.

At the end of April, our Northeastern CCDC team went to CCDC Nationals! Being on the Windows side, I was given about five boxes to secure (our hardening scripts are pretty great!) and triage.

None of my boxes ended up getting broken into, which is great! Unfortunately, we had a little firewall hiccup which had our servers down for a few hours at one point; as a result, we came out as 7th!

I realize that I have focused a lot on understanding Active Directory, GPO, footguns, etc. in Windows to prepare for this competition, but I was entirely blindsided by actually having to keep up services too! I was totally not ready for XAMPP servers on our boxes, and as a result, even though we didn’t really get badly broken into, a lot of data was deleted or stolen, rendering our services unavailable at times! I really need to focus more on services running on Windows boxes instead of just keeping it secure :)

I learned a lot, but wow, that was stressful. I’m thankful to my incredible team for their support and the fun times we have together. Hopefully we will make it next year, too!

Evan