In an effort to extend our security awareness message to children and parents, we created the “Wall of Lambs”.
The goal of this project is to teach children and parents alike to understand what basic insecure network traffic looks like to help them understand how they are at risk and what they can do secure their own traffic… and have a little fun in the process.
The traffic on a standard network (especially the Defcon network) has too much going on and is not consistent enough to be conducive for teaching at this level. To solve this, we partnered with the Capture The Packet (CTP) team. Together we generated very clean basic traffic to use in the lab environment (TELNET, SMTP and FTP traffic).
For Defcon Kids, we created two sessions; one lecture, one lab. In the lecture, we went through the basics of TCP/IP and showed what network traffic looks like using common sniffing tools such as Wireshark. The second session was a lab where we ran the game for the participates to get hands on experience with network forensics.
Using the CTP game engine we were able to simulate a live network traffic with very specific login/passwords to ensure everyone would have something unique to capture and learn from.
The participants logged into the CTP game engine, seeing a Jeopardy style board with challenges for each of them. For example: “User Jane Doe with the MAC address of 00:22:26:23:CE:5F logged in via TELNET, what was her password?”
As the participates found the users on the network and submitted them to gain points. When a credential was submitted by a participant, the data went up onto the Wall of Lambs to show everyone.
Our first event was a total success! Every child that participated in the event was able to capture traffic and find username/passwords and went away with a strong understanding of how insecure cleartext/plaintext protocols are.
If you or your organization is interested in having our team put on a similar event, feel free to contact us.