ColaSec

Columbia's Information Security Group

1431 Assembly Street Columbia, SC, 29201 United States

A free and informal gathering of information security professionals and enthusiasts in Columbia, South Carolina at the Richland County Public Library on the 3rd Tuesday of every month at 6:00 PM (click on the YouTube bubble).

Founded 2014 (COVID can’t stop us)

Image credit: Zach Pippin
zachpippin.com

Soda City Battlegrounds Update for March 2019

March 19, 2019  /  Adam Twitty

Lots of progress was made during the last meetup. We now have pfSense setup and running as our primary firewall and have a distinct wireless network setup for accessing the battleground. Our next point of discussion will be how the internal parts of the network should be configured to allow each team access into the battleground without allowing access into areas that they should not be able to interact with. For example, we want the Purple team environment to be inaccessible from the Blue and Red team environments. We will also need to look into getting the VPN setup at some point. For now, the good news is that we can get into the battleground by connecting to it via wireless rather than a cable.

As always, we would like to encourage everyone (experienced or not) to come out to the meetups. We have been having them consistently every other Thursday at Whit E. Octopus. We usually get started around 6:30 PM and go until 8ish (depending on how much progress we are making).

The next meetup at the time of posting this will be March 28th.

Comment
tags / SCBG

February 2019 Meetup Recap

February 22, 2019  /  Adam Twitty

Josh Huff presents OSINT: Breach Data, Ethics, and OpSec... Oh My!

What does breach data look like? Is breach data ethical? How can they be used? What does breach data teach us about privacy and security awareness? What can we do to protect our own data against a breach? Using real-world examples, we’ll discuss these questions and provide resources you can use to leverage breach data in your own investigation.

Read More
Comment

Soda City Battlegrounds Update

January 29, 2019  /  Adam Twitty

Tonight we completed a final inventory of our hardware and identified the go-forward hardware for SCBG.  We have a few systems that should be outstanding for phase 1 and are ready to get started after a couple more sessions.

We also permanently racked the firewall, switch, and KVM switch.  As a consequence of this, the cables that were previously run for this gear no longer works, so we've striped all of the networking cables.

Next up, on January 31: 

  • Establish cable routes for data, KVM, and power.

  • Re-cable every server such that they can be serviced independently.

  • Establish basic connectivity with the gateway from each host.

Extra credit:

  • Get the Dell storage array working so we can have a sweet SAN

When everything above has been accomplished we'll build a basic remotely accessible VM lab on a single host.  This lab will host a network segment for intentionally vulnerable training VMs, set to revert weekly. 

Once we get that working regularly, I want to get a contained subnet built with packet capture & security onion upstream to host the known compromised hosts for forensic analysis.

After that it's on to phase 2.

Comment
tags / SCBG

November 2018 Meetup Recap

December 31, 2018  /  Adam Twitty

Announcements and Intro

Presentation

Supply Chain via Material Analysis Mackenize Morris "This is a particularly pernicious threat ... because it's very difficult for the average citizen, company or government entity to understand every component that was put into a piece of equipment or network that they've purchased," Homeland Security Secretary Kirstjen Nielsen.

Comment