[Pauldotcom] Blue Team Tactics
dimitrios at gmail.com
Tue Jul 28 13:45:38 UTC 2009
Thanks for starting a thread like this, John. It can be very educational to
see how others go about protecting their boxes coming from the Blue team!
On Tue, Jul 28, 2009 at 7:54 AM, John Strand <strandjs at gmail.com> wrote:
> Please! PSW land! Share your Blue Team tactics!
> What tools, scripts, and techniques do you use as part of Incident Response
> and Blue Team Activities?
> I have sat in on one too many Red/Blue/CTF games where the Red team gets
> Core, Canvas, Metasploit, Nessus, Satan, Sara, Cain and Abel, Ettercap,
> Dsniff, Hydra, 0phcrack, Nmap, BT4 and various torture techniques (including
> IronGeek's rubber hoses) and the Blue team gets....
> "An un-patched Windows 2000 box and a slew of un-patched software!!!!!"
> Please see the following video for reference:
> Yea.. That's right.... As of today the Blue Team is what you get assigned
> to when you are caught stuffing peas up your nose.
> This stops today!!!
> There are a few rules. Tricks and scripts must be able to run at the
> command line of your operating system of choice and all tools must be
> freeware or open source.
> That's it!!!
> Look, the Blue Team *can* rock!!! So please share your tricks.
> I am going to collect and add to them so we have a solid list and this will
> serve as the playbook for the Blues going forward.
> Be expecting this on the PDC site soon.
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> Main Web Site: http://pauldotcom.com