LAN parties for corporations

As regular readers are no doubt aware, I have argued for many years that one of the difficulties we face in implementing security is the perception that the IT group or network administrators are imposing arbitrary rules on the rest of the organization.

Sometimes, a gulf develops between IT and less technical users; they don’t socialize together and they rarely interact except when there are problems. Under such circumstances, it’s no wonder that many organizations experience varying levels of hostility between the security team and users. Anything that can build solidarity among all the employees, regardless of their specific job assignments, can help dispel the haze of us/them thinking that interferes with effective security.

The student chapter of the Association for Computing Machinery (ACM) at Norwich University runs LAN parties for anyone who likes networked games. Some of the students involved were discussing the event with me and our discussion turned to how such games might be useful in the corporate world. The following article was written by Karthik Raman, one of my undergraduate information assurance students, with contributions from two of his fellow students, Ryan Davis and Michael Martell.

* * *

Network administrators can use computer gaming parties to boost employee morale and improve users’ computer knowledge.

LAN parties are similar to quarterly company barbecues: they can get employees from different divisions of the business to interact in a fun, informal atmosphere. If multiplayer games are supported at a LAN party in a team-building exercise, different company divisions can game against each other in healthy competition.

In addition, at LAN parties, the IT staff can get the chance to interact closely with other employees. As they help the network administrator set up the LAN, they can demonstrate computer networking to employees and dispel any notions of wizardry surrounding their work.

If a business is building a Computer Emergency Response Team (CERT), then one can use the gaming network to train the new members. CERTs from sister organizations can be invited to compete in a computer security contest. In a test to see who can best secure a computer, the competing CERTs will not only exercise their skills, but also have fun at it.

Norwich University’s LAN04

Earlier this year the Association for Computer Machinery Chapter at Norwich University (NU-ACM) hosted our fourth network gaming party. Judging from the success of previous LAN parties at Norwich, about 100 gaming nodes were expected at LAN04; however, our server hosted close to 180 IP addresses for computer gamers and networked X-Boxes.

During the party, the NU-ACM created a help desk for attendees to configure network connections. In addition, to ensure that all gamers had current versions of gaming software, we set up a file server with updated patches on the network. We also served food and drinks and handed out prizes from sponsors.

LAN04 featured an information assurance education event called Computer Security Challenge, in which teams of participants secured a poorly configured Linux box connected to a small, isolated network. At regular intervals, a hostile server attempted to exploit vulnerabilities on all machines on this network. The winners were judged by how well they configured the target.

LAN04 was a hugely successful event at Norwich University. The gamers enjoyed 12 hours of network gaming and the NU-ACM members gained valuable technical and practical experience from organizing the event.

LAN04 demonstrated how easy it is to set up a small network for gaming. The network architecture took NU-ACM about two hours to plan and three hours to set up. In a corporation, LAN parties can be held in a conference room or be spread out across contiguous office spaces. Make sure that the rooms have adequate power. Once a venue is decided on, the network administrator should model the LAN architecture.  

At LAN04, the NU-ACM used a version of Knoppix Linux to set up DHCP and file servers. Game software updates were placed on a large-capacity external USB hard drive attached to a NU-ACM member’s computer. This computer normally ran Windows XP, but when it was booted up using Knoppix with a few simple changes in configuration, the desired DHCP and file servers were up and running. Files were then served from the USB hard drive, and the hard drive with Windows XP remained untouched.

The advantage to this method of creating servers is that there is no need to buy special equipment. As long as production machines have been backed up, one can use them to set up the gaming LAN and return them to production the day after the LAN party.

In summary, try organizing a LAN party for your organization. A LAN is easy to set up and costs next to nothing; your employees will all love gaming on it. The improved social relations can significantly affect technical support, willingness to report security problems, and the ease with which you will be able to implement security policies.

You can contact the ACM chapter at Norwich University at mailto:acm@norwich.edu

The NU-ACM recently won the award for Outstanding School Service from the ACM; see https://www.acm.org/chapters/stu/2004_awardSchool.html