ColaSec

Columbia's Information Security Group

A free and informal gathering of information security professionals and enthusiasts in Columbia, South Carolina at the USC/Columbia Technology Incubator on the 3rd Tuesday of every month at 6:00 PM.

@Cola_Sec, #ColaSec, @USCColaInc

Image credit: Zach Pippin
zachpippin.com

February 2019 Meetup Recap

Josh Huff presents OSINT: Breach Data, Ethics, and OpSec... Oh My!

What does breach data look like? Is breach data ethical? How can they be used? What does breach data teach us about privacy and security awareness? What can we do to protect our own data against a breach? Using real-world examples, we’ll discuss these questions and provide resources you can use to leverage breach data in your own investigation.

Read More

Soda City Battlegrounds Update

Tonight we completed a final inventory of our hardware and identified the go-forward hardware for SCBG.  We have a few systems that should be outstanding for phase 1 and are ready to get started after a couple more sessions.

We also permanently racked the firewall, switch, and KVM switch.  As a consequence of this, the cables that were previously run for this gear no longer works, so we've striped all of the networking cables.

Next up, on January 31: 

  • Establish cable routes for data, KVM, and power.

  • Re-cable every server such that they can be serviced independently.

  • Establish basic connectivity with the gateway from each host.

Extra credit:

  • Get the Dell storage array working so we can have a sweet SAN

When everything above has been accomplished we'll build a basic remotely accessible VM lab on a single host.  This lab will host a network segment for intentionally vulnerable training VMs, set to revert weekly. 

Once we get that working regularly, I want to get a contained subnet built with packet capture & security onion upstream to host the known compromised hosts for forensic analysis.

After that it's on to phase 2.