Skip to main content
June 17, 2008

Someone Should Have Told Them How Switches Work

From the Burlington Free Press, a story about a local hacking competition set up as a spectator event.

Their competition, tantalizingly called a "digital combat exercise," was supposed to give onlookers a rare opportunity to watch a computer hacking job in progress, complete with play-by-play.

It didn't work out that way, though, thanks to -- what else? -- some sort of technical glitch that obstructed efforts to monitor what the competitors were doing. So for the few non-techie spectators who showed up, the business of hacking was still as opaque and mysterious at the end of the 1 1/2-hour exercise as it was in the beginning.

A technical glitch? They always happen at the worst possible time, don't they? Read on.

The commentary was to come from Peter Stephenson, a member of the program's faculty, who sat at his own terminal and displayed on a big screen something he called a "sniffer trace," a multi-colored table with columns of numbers and letters -- the first in what was to be a series of tableaus that held the promise of monitoring all the traffic on the network next door.

The minutes passed, and not much happened. The sniffer trace stayed the same, and from time to time, when Stephenson tried to check on what individual teams were up to, the screen went blank. Could it be that the hackers weren't getting anywhere?

Someone decided to check on them in the old-fashioned way -- paying a visit in person. The report came back that they were, in fact, getting somewhere -- finding holes and vulnerabilities of various kinds.

You'd think that somebody on the faculty, or one of the grad students, or even somebody in the audience would have realized the problem. The story implies that they never did figure out what those pesky hackers were up to.

Related Content

Chris Eng, Chief Research Officer, is responsible for integrating security expertise into Veracode’s technology. In addition to helping define and prioritize the security feature set of the Veracode service, he consults frequently with customers to discuss and advance their application security initiatives. With over 15 years of experience in application security, Chris brings a wealth of practical expertise to Veracode.

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.