[757labs] For those of you who are Lockheed
christopher.glaves.ctr at jfcom.mil
Tue Dec 14 09:29:52 EST 2010
The Corporate Advanced Concepts DASHNet Team is hosting:
"DUTCH - Bring Your Own Exploit Exercise:
Round One: HammerBlock"
Kickoff: December 15, 2010
Close: January 31, 2011
Where: NCITE Global Range; Virtual Participation for Participants
Overview: The Corporate Advanced Concepts DASHNet R&D program is calling LM employees to challenge their DUTCH technology. DUTCH is a trusted hardware security device that uses a combination of memory analysis and a trusted NIC platform to protect from zero-day attacks and provide out of band analysis, firmware protection and self healing capabilities. We want our LM employees to bring their own exploits or rootkits to throw at DUTCH, which will be hosted on the NCITE Global Range. We will give you all the information you need to know on DUTCH and see if you can get through! Anyone who compromises the box wins a prize and the ultimate bragging rights!
Objectives: There are three main objectives for completing this exercise, and follow-on rounds:
* Test the security functionality of our DUTCH Hardware Device
* Identify cyber talent in the corporation
* Learn about the latest and greatest malware
Participants: Round One: HammerBlock will allow LM employees only to bring their best exploits to see if they can beat our DUTCH technology and compromise a box. They will need to use a non-LMI access account to get on the range and try to hack the system. To participate, you need to complete a user access request and at kickoff, we will send you all the information you need to compete.
Contact Alisa O'Connor with additional questions.
Rules of Engagement
Purpose of Exercise - This exercise is to enlist our fellow employees in an attempt to identify and exploit any weaknesses in the Hammerblock environment and recognize any who succeed in breaking into the protected server and retrieving the token.
Eligibility - Only US-based Lockheed Martin employees may participate in the exercise.
Monitoring - All activity on the range is linked to your individual login and will be monitored and recorded.
Responsible Behavior During Exercise - You assume responsibility for all actions taken using your login.
Do:
* be creative and use any approach you can think of to compromise the targets
* have fun and collaborate with your LM peers
* ask if you have any questions or need clarification
Don't:
* use the LMI or an LMI device. Alternatives: personal device, home internet connection.
* attack anything other than the targets (this includes infrastructure and other users) or engage in any criminal or abusive behavior.
* ask us for charge numbers, you must cover your labor on your own time. We are not providing charge numbers.
General - You agree that participating in Hammer Block is voluntary and that you are aware there may be potential risks. You accept sole responsibility and agree to hold Lockheed Martin harmless for any harm to your machine or connection that arises from your participation. You agree to abide by the terms of participation and understand that by participating there is no contract, implied or otherwise, between you and Lockheed Martin beyond explicit permission to perform cyber attacks against the specified targets in accordance with these Rules. You also agree that all your activity is recorded, and that those recordings along with all outcomes from the exercise are the exclusive property of Lockheed Martin, and you agree not to disclose any findings or vulnerabilities outside of the Lockheed Martin Hammer Block management team.
Prizes - There are fabulous prizes available! Polo shirts. Nice ones. We'll definitely make sure that participants and winners get the best possible visibility with management for their efforts - who knows, there might be a new job in it for you! But no matter what the prize, you will get major bragging rights if you win.
Winning - Winning means you have successfully broken into the protected server and retrieved the token. You've documented how to do this, and can repeat it for us when we ask. You agree to give us the exploit, methods, and related documentation. And we will give you the above-mentioned prizes. As the exercise continues, we will keep a leader board.
More info can be found via the new Eureka Portal.
--Chris