Tuesday, September 1, 2009

Network Diagram for USMA Internal

You can now download the network diagram for the USMA internal network from the dataset website. Please note, this is the planning document used just prior to the execution of CDX 2009. There may have been changes made at the last minute to the network that were not annotated on the network diagram. USMA utilized NAT (double-NAT in some cases). We will be uploading the final router configurations within the next week. A combination of the configuration files and the network diagram should help most folks correlate IP addresses in PCAP files to actual host IP addresses on the network. Let me know if there is something else that would be of additional help in this regard.

Link to network diagram

Thursday, August 20, 2009

Misconfiguration Issue of NSA Span Port

One of the purposes of releasing this dataset is to help us improve on our capture techniques so that the next dataset is that much more useful to anyone who uses it. Thanks to the input we have already received on the 2009 CDX dataset, we have identified an issue in the way the NSA switch was configured. Specifically, we believe the span port from which our capture node was placed was configured for unidirectional listening. This resulted in our capture node only "hearing" received traffic from the red cell. We don't believe this is the case with the capture files from the USMA network (we controlled that configuration). We will ensure this mistake is not made in upcoming captures and the 2010 CDX capture.

Friday, August 14, 2009

Link to 2009 Inter-Service Academy Datasets

Here is a link to the datasets and West Point logs from the 2009 Inter-Service Academy Cyber Defense Exercise.


Purpose of this Blog

The purpose of this blog is to provide an avenue for users of the 2009 Inter-Service Academy Dataset to provide feedback. We also welcome suggestions on improving the dataset, as we have already started planning the data capture for the 2010 Inter-Service Academy Dataset which we hope to be even larger (through the deployment of addtional capture sensors) and more valuable.

Between now and April 2010 (when the 2010 CDX takes place), we hope to engineer a few data captures of high profile network warfare games, as well as, data captures of red-on-blue events here at the United States Military Academy at West Point.

So, send us your feedback, comments, suggestions, etc. Our goal is to provide the research community with quality, relevant datasets.