Wilson Chua
4 min readJul 29, 2023


EXCLUSIVE REPORT! Top Indonesian security pros and hackers together with tech masterminds unite to learn from a mind-blowing simulation attack! The stakes are high, and they’re not holding back!

In a thrilling sequel to Round #1, cyber whizzes Semi and Wilson hatched a genius plan for ROUND TWO of their electrifying Cyber Hack Challenge! In this Round #2, the Blue Team upgraded the server’s defenses, put up firewall, activated fail2ban and ModSec, but guess what? They slyly left loopholes to direct their red team adversaries right where they want them! It’s a nail-biting race against time!

The Red Team also had their work cut out for them. From the CyberHack Challenge #1, their OS fingerprinting and other reconnaissance already identified their potential targets:

The game unfolds as the Blue Team (Christian & BNS-Techs) joined forces and tackled the relentless cyber onslaught on their website! Armed with Security Ops Center technology like SIEM, Data Analytics Tools and Python, they’re smashing automated attacks like never before!

Blue Team’s Fail2Ban solution helped to blocked malicious IPs from doing more damage. As soon as 3 malicious attempts are associated with one IP address, that said IP is blocked from the server.

Partial Fail2Ban IP banned Lists

As expected, the Red team slowly ran out of valid IP addresses to use. And from later discussions, we learn that the Red Team shifted to using VPN services to rotate their IP address. They also had to limit the attacks below the threshold trigger. This slowed the Red Team down, considerably!

Suddenly, the website went under siege with massive UDP and ICMP attacks. The server went offline momentarily and became erratic. The server’s CPU usage shot through the roof, and MRTG could not produce solid output:

nag ‘bungi bungi’ ang graphs

The battle seemed to have shifted to shotgun-based Distributed Denial of Service attacks (DDoS).… but the Blue Tech heroes didn’t break a sweat! They fought back valiantly by unleashing the ferociously smart firewall rules to drop those nasty, malicious packets! Incredibly, Blue Team’s use of CloudFlare’s Turnstile service (in invisible mode) knocked out 75% of the attacks without the attackers noticing it.

The Blue Team uncovered the cause of the erratic server behavior. It was traced to unrelenting wave of mysterious UDP traffic sent to port 30190! A partial list of attacking IPs are shown below:

Mysteriously, this didn’t come from the Red Team! The plot thickens as unknown parties joined the fray. Brace yourself for a potential external threat that could send shivers down your spine!

And that’s not all! Blue Team and Christian spilled the beans on the *sinister tactics* used by hackers during their epic cyber battle! DDoS could be part of a “Smoke screen” attack. While Blue Team’s attention is focused on the DDoS, the attackers could be surreptitiously exploiting another vulnerability. Can the Blue Team devise ingenious ways to fortify their defenses in time? (In the span of a few hours, the Blue Team had to suffer over 466m ICMPs and 259m UDP packet attacks.)

It doesn’t end there! At the “Lessons Learned” conference held at the end of Round #2, the Red Team also shared the secrets to beefing up Blue Team’s protection! Token encryption needs to be stronger than ever, and those sneaky requests to their WordPress website needs to be clamped down!

Get ready for an adrenaline-pumping climax in Round #3! In the final round, we will provide a Windows based server as the victim server. The suspense is unbearable as they strategize for Round #3!

Red Team at work in doing the simulated hacks

Buckle up for a wild ride full of heart-pounding twists and turns! 🔥🎢 Don’t miss a single moment of this high-octane tech thriller! Stay tuned for the next jaw-dropping chapter in the sensational saga of the cyberwarfare elite! 🌐💻💥