Sunday, March 16, 2014


The Northeast Collegiate Cyber Defense Competition is a competition designed to test students in the IT and Cyber Security fields. The competition consists of a team of 8 from each College that passed the qualifier round. Teams are given a fresh network in which they must run, secure, and actively defend from hackers (Red Team) over the course of three days. First place is able to move on to the national level of the competition known as CCDC which can be read about more on their home page -

This year NECCDC was held at the University Of New Hampshire and I was fortunate enough to be the first ever freshmen to represent Champlain College. Going into the competition I had no idea what to expect. Despite practice and preparing with my team for months nothing could have prepared me for what the actual competition would have in store. I was chosen to manage our network's client computers and was tasked with securing each device. The clients for NECCDC 2014 included a Kali Linux box, ubuntu, Windows 7. and Windows 8.1. While most of my time was spent on helping enumerate possible threats and vulnerabilities from the Kali system, I was rarely standing still. A constant flow of injects and chaos kept me moving about from system to system in a joint team effort to mitigate incoming attacks from red team. Coming into our network, each box was backdoored from the start with various scripts connection out on arbitrary ports as well as internal cron jobs and tasks that performed....dirty.... actions. One such script discovered would dig out passwords and export them to a Red Team Server.

By day 3 our team was not only stressed and sleep-deprived, but also wary of what to expect. To our surprise we found ourselves in first place at the beginning of day 3. After the final grueling hours of trying to scrape as many points as we could it was "hands off keyboards" and time for red team debriefing. Each team was fortunate enough to get to have our "hackers" from red team come into our room and thoroughly explain what they had done. This was an amazing learning experience in that it is not often systems administrators have the privilege of having their hackers explain exactly what they did and how they did it. 

At the end of the competition Champlain College was able to walk away in second place with RIT in first. Despite winning first place this was a huge accomplishment. Never did I expect to place so well on my first time competing in the competition, especially at my young grade level and age (18 years old). My first NECCDC competition will probably be one of the most memorable experiences of my life and I cannot wait to return next year to take on Red Team once again.