SWIFT Workshops – A Review

SWIFT has long been pioneering the field of network administration, system administration, and cyber security. SWIFT was recently recognized for its efforts in creative innovative ways to provide students new opportunities for hands on and learning.

We believe first and foremost in students learning through hands on and interactive activities. If you want to learn more, show up to our workshops or to our meetings to get involved!

Just a few recent activities we’ve done:

DHS Webinar

Renee Forney, the DHS executive director of cyberskills management (DOCM) will be speaking in a live webinar on Wednesday May 18th at 12pm to 1pm.

This is a great opportunity to learn about the efforts by the government to secure our infrastructure and systems across the country as well as learn how to get involved in defending the nation.

Pizza will be provided!

So join us in 98P-2-007 from 12Pm to 1PM to learn about cyber security and the DHS!

SWIFT Executive Board Elections 2016-2017

As we begin Spring Quarter it is time to start voting in the next board for SWIFT. Come join the nationally competitive cyber security and network administration club and help shape the future!

Coming next year, we will be modifying our structure to provide more opportunities for students of all skills to participate! One of the most requested changes people have asked is for more ways to participate in SWIFT.

All skill levels are welcome to participate and encouraged to learn new skills. If you don’t think you are ready to be on the executive board, join us on our working groups to help improve and shape our events for years to come!

Here is a breakdown of the Core Executive Board (sub positions available)

core-eboard-design

E-Board Position Description
VP of Marketing Oversees marketing team, ensures media and communications match events and go out in a timely manner following student interest. (Great for Business and Marketing majors to get a portfolio and leadership skills)
VP of Operations Configures and deploys hardware, virtual machines, networking gear, and other equipment. Learns how to use equipment and ensures all required tools and hardware remain operational. (Great for students interested in telecommunication and system administration!)
VP of Competitions Coordinate and help SWIFT members who participate in our Cyber Defense and Offense competitions. (Great for students looking to challenge their skills)
VP of Events Ensures Directors of Events create no conflicts, and helps share events to allow for collaboration between other clubs.
System Administrator Tasked with maintaining SWIFT servers (Great for students interested in system administration)
Treasurer Tasked with maintaining club funds and handling membership. Great for anyone who likes to work with others!
Social Media Evangelist Maintains social streams and provides interaction on social media.
Director of Public Media Maintains public repository of media from events, collects members photos as well as official articles related to club.
Director of Communications Handles all communication between university and the club as well as handling the blog.

Remember, there are plenty of other positions available! In addition to the roles above, feel free to apply for one of our working groups to gain experience. These will start meeting this year for events like Tech Symposium so you can get aquainted with the events as well as gain experience.

  • Security Workshop Coordinator
  • Tech Symposium Coordinator
  • SWIFT Meeting Coordinator
  • FragNite Coordinator

These Working groups are great for resumes as well and do not require any previous experience. By helping plan these events, you can put “Helped Plan Tech Symposium” or similar on your resume while gaining experience in the all the areas of cyber security, network administration, and system administration. If you are unsure where to get started, these are a great place to start!

If you have any questions, please do not hesitate to contact us!

To get involved simply click here!

How to Keep Your Digital Skeletons in the Closet

A primer in Privacy…

The Internet is a scary place, mostly because of horrible people like
yourself. If anyone saw your browser history they would judge you harshly,
and rightfully so. Sadly enough, a *lot* of people have access to your
browsing history, whether you know it or not. Advertisers, governments,
ISPs, schools, all peek into your data. You’re being watched.

So what can we do about this constant surveillance? Make life difficult for
the people watching, that’s what. This presentation will cover a number of
‘privacy enhancing technologies’, from secure text messaging to anonymous
browsing, encrypted chat and video calls. Learn how to properly assess
threats to you and your data, and understand what you can do to best
protect yourself.

You don’t need to be an expert on encryption or computers to glean useful
information from this talk, you just need to be willing to listen and try
some new things out.

And let’s be honest, you’re going to come for the free pizza anyway so don’t bother pretending to be there to listen to me talk.

Slides Available here. Meeting Video available here.

CrowdStrike – To Catch a Hacker

Ever wonder how to dissect a cyber attack? At this Tuesday’s SWIFT meeting, we will be explaining just that! Join us as consultants from CrowdStrike show how they investigate breaches across thousands of systems at the same time. You will get an introduction to how knowledge in computer and network forensics can be combined with the power of Splunk to search for attacker activity at scale, as well as a story that will recount how CrowdStrike investigated a breach carried out by nation-state attackers.

Make sure to attend to on Tuesday, January 26th, 2016 in 162-1001 (Large Lecture Halls) at U-Hour (12pm to 1pm). They will be discussing these skills as well as opportunities available at CrowdStrike.

CrowdStrike is a Google-backed cyber security company which specializes in endpoint protection, cyber intelligence, and security consulting services.

nginx Workshop

This workshop is an in depth look at the powerful nginx (Engine-X) web server on the Debian Linux Operating System from initial install to fully functional web services. Learn the tips and tricks of being a web administrator!

We will be covering topics such as how to setup a media juke box on nginx and much more. In addition we will also be providing several tips for use in protecting and hardening web servers from common attacks and leaks.

This workshop is interactive, so please down the OVA here

This requires VirtualBox! Please have VirtualBox installed and this Virtual Machine loaded for Tuesday

Attack and Defense Workshop

How do hackers break into your system or steal all your information? How can you protect yourself?

With Heartbleed, POODLE, Shellshock, and many other vulnerabilities, this workshop will show you how the attackers get in and how to protect yourself.

Join SWIFT for an evening of cyber defense and offensive security techniques with the best that Cal Poly Pomona has to offer, the Collegiate Cyber Defense Competition (CCDC) team. We will also be introducing our Year-Around-Security-Competition!

We have learned from our workshops last quarter and have improved our infrastructure and activities to function better. We will be covering security defense and offense through interactive demos and virtual machines for each attendee.

We will cover how common exploits are run with the Metasploit Framework and many other tools, this is a great chance to get familiar with these industry standards!

Additionally we will be giving everyone access to our new CTF (Capture the Flag) Competition platform for everyone to learn new skills and challenge themselves.

Don’t delay and sign up for this event! Here.

Symantec Reverse Engineering and Malware Exploration Talk

Going into our Thanksgiving week, Symantec will be presenting on Tuesday with a hands on talk covering malware analysis and program security.

This talk will be covering program analysis as well as reverse engineering. These techniques are used extensively in malware protection and takedowns. If you have heard of cryptolocker or stuxnet, they were discovered and taken down using these skills. This talk will allow you allow you to identify problems in code and identify adversaries across the globe.

If you attended the event (or even if you didn’t) the challenges are uploaded here

These challenges are accompanied by walkthrough-guides to provide visuals to walk through how to figure out these challenges. In addition, the source code is provided for each binary. They require Microsoft Windows to run.

The programs needed to analyze and explore these programs are IDA (Free) and OllyDBG. These programs are free and available for everyone.

SCALE14x Attendance

The Southern California Linux Expo (SCALE) is happening January 21st through 24th. SWIFT is providing sponsorship for discounted room and/or tickets. The cost for the room and ticket is $80, while just the ticket is $40. This is an 80% discount and space is very limited! You must be a member to get the discounts – which costs $35 for the entire year and provides access to many conferences like this. This conference is a great opportunity to network with professionals and enhance your marketable skills. Learn topics from basic system administration, security, and much more. If you have indicated your interest, please bring your money to a Tuesday meeting! We will be assigning the room to everyone on the list or is interested on a first-come-first-serve basis until we are out of remaining rooms. After that we will be able to provide discounts on tickets.

More information on SCaLE is at https://www.socallinuxexpo.org/scale/14x

Attending with SWIFT will give you a discount of over $300 if you were getting a room and a ticket, the deadline to signup is the last week of Fall Quarter!

Please sign up at http://goo.gl/forms/KivNneQ9XA

The required forms to sign and send back are available here

Personal Security Workshop

Come join us on Tuesday, 11/10 at 12PM to learn about how to protect your personal security

Personal security includes personal information that you use every day such as your credit cards, social security numbers, and much more.

How does your mobile devices leak this information? Or how do you?

Come learn how attackers steal this information and most of all how to protect yourself