This is a short write up on some interesting things I found while completing a midterm project for a Network Forensics class I took last year. My network forensics group decided to map the traffic for contemporary Windows-based denial of service vulnerabilities. Our project utilized a live network of volunteer hosts connected to the university network. We used NetFlow data collected by Flow Tools. While searching for possible exploits I found a hidden network bridge. The bridge used a non-human host registered to a roaming port in a networking closet. The host was eventually found to use a rouge process which proxied connections from an external residence on to campus. A malicious user could have used this bridge to proxy requests from their home through the university.
I'm a CyberSecurity undergraduate part of a great program called the U. S. CyberCorps Scholarship for Service. The program helps students studying in information assurance related fields with tuition aid and professional benefits, provided the student promises their expertise to aid the U. S. Federal Government. Recently (this week) the program held a job fair in Washington D. C. for the students. Over 40 agencies occupied booths at the fair/symposium. The main objective was to identify potential students and expose them to information security related positions. Even before I was selected for the program, I held a vested interest in information security. Likewise, I had some previous application/interviewing experience for information security related internships. I wanted to take some time and outline my experience, and perhaps create a quick bulleted list for those seeking assistance with finding similar internships.