AusCERT09: US Military inspects student laptops for security threats

Speaking at the AusCERT conference on the Gold Coast today, he said recruits at the New York academy line up in the corridors outside their rooms in their barracks every Saturday morning for a notebook inspection or "IT SAMI".

"They're college students and they do what all college students do ... they share music," said Col Adams, who is assistant professor and senior research scientist at West Point's IT operations centre.

Senior classmen inspect the machines - with the cadets present - for attached shares and illicit or unauthorised content and use.

He said management of the academy that trained US President Dwight Eisenhower and General David Petraeus wants to make sure no honour codes are broken that could lead to a cadet's expulsion from the school and return to the ranks.

He doubted such an approach would work in the private sector or civilian schools although facets could be adopted. "Blue team" information security audits conducted on random samples of workers would be "very useful", he said.

Col Adams was glowing in his praise of open source platforms such as FreeBSD and virtualisation software, VMware.

"My course runs on (virtual machines); if you haven't played with VMware I recommend it, it's fantastic," Col Adams said.

He said virtual machines reduced the college's investment in time, allowed cadets to break the network, revert to a snapshot and do it again and it allowed them to "learn lessons without having to constantly rebuild" the network.

The college teaches Ada ("because you can't cheat at Ada"), C++, Python and Java, he said. And it standardised on FreeBSD: "We love it, it's the key to our success". Col Adams said the college uses Windows "as little as possible".

A big focus at the college is its cyber defence exercises. Cadets at branches of the US armed forces defend against "red team" attackers from the National Security Agency that initiates the competition each year. This year's exercise in the fictional friendly country of "Ruritania" drew on suspected Russian or "Carpathian" involvement in the cyber attacks on Estonia and Georgia.

Students on the blue team defending the network operations centre guarded against SQL injections, possibly tainted Apache/Fedora servers and domain controllers. But denial of service attacks were outside the rules of engagement because it would be too easy to execute such a strategy to score points, Col Adams said.

Also at AusCERT: Windows 7
Meanwhile in the civilian sphere, Microsoft talked up its tackling of unauthorised applications via its AppLocker functions in Windows 7. Microsoft conference speaker Jeff Alexander demonstrated how to lock down users' desktops using group policies.

System administrators can choose which applications are permitted using name or publisher credentials but Alexander recommended hash values that identified authorised applications be used instead.

Microsoft also demonstrated BitLocker To Go, which protects thumb drives from data loss because they must be encrypted to use on corporate systems, he said.

And the software maker aims to make firing up corporate assets when on the road as easy as sitting inside the firewall. Its Secure Anywhere Access provided a secure, seamless, always-on connection to corporate assets -- even on networks that don't support IPv6 or IPsec, he said.

The AusCERT Conference at the Royal Pines hotel on the Gold Coast runs to Wednesday.
Twitter feed from AusCERT is @natecochrane.