COMMUNITY COLLEGE CYBER DEFENSE COMPETITION. Competition Scenario


COMMUNITY COLLEGE CYBER DEFENSE COMPETITION Competition Scenario IOWA STATE UNIVERSITY, INFORMATION ASSURANCE CENTER FALL 2012 COMMUNITY COLLEGE CDC SCENARIO FALL 2012 PAGE 1 OF 8

Computer Discount Center (CDC) welcomes you and your team! My name is Oscar, assistant to the President. Our goal is to provide the best custom-assembled computers to each and every customer. The President wants to grow the company by way of ecommerce. In preparation for the influx of orders we have recently virtualized our existing systems. This will allow us to grow into the future. However, we have learned our IT staff of one is not enough to complete the next step in the allotted time. I have brought your team aboard to move our company on to the final stretch.

I do warn you our IT staff was not able to do anything outside of just virtualizing our systems. We still do incorporate legacy systems that should be brought up to standards. We have two standing systems as of now: an out-of-date Windows Server that is the entry to our intranet and more, and a Linux web server that was set up by a previous IT employee (Matt) who is no longer with us.

I would like to see the new virtualization software used fully. Feel free to split off services from existing systems on to their own VMs, if you feel you can do it securely and without breaking their functionality. The current IT staff have knowledge of Windows, Linux, and Unix, but their strength is in Linux. Do remember that after your stay is done, the current IT staff will be in charge of management and maintenance.

Being understanding of increased security concerns we would like to increase our current security audits. To make sure key information is being secured, we would like for you to place flags at designated locations within the systems. This will allow our audits to confirm the strength of your security implementations. These new security implementations you are enabling should be strong enough to withstand attacks from even the most skilled internet hackers along with any internal would-be spy. We like to refer to them as the Red Team.

While security should be at the forefront of your agenda, do not forget we have employees who do work from home or from the road. You should not put too much extra burden on them in the name of security.

Our DNS is provided by our ISP, ISEAGE. We refer to them as the White Team because they are the most trustworthy people we know, and they handle all back-end work so we don't have to. You will have to contact the White Team with the IPs you have assigned to each service.

To assure that we have not left any employee out of the transition we will provide a list of users. These users need access to all systems. It is the middle of the fiscal year and we do not want to make users re-create their passwords. We will include their passwords alongside their user names. Passwords may NOT be changed without authorization from the HR manager (we call him the Green Team Leader, since everything in his office and his attire is green).

On behalf of everyone at Computer Discount Center (CDC), I thank you! With your help we are able to grow our company to new horizons.

- Oscar Rodriguez

Your network must provide the following services:

Web Server (www.siten.cdc.com) [PROVIDED]

This server is on a new version of Fedora, so the OS should be secure. Matt wrote the website himself, and says it should be totally secure, but you should verify that. It is important that our ecommerce system isn't hacked.

- No web content or functionality may be removed from this machine. Doing so is equivalent to taking the web server offline.
- Your team should focus on implementing common security measures. Focus on areas such as user authentication, protecting the confidential information (especially credit card numbers!), and other web security measures to protect our sensitive data from being leaked.
- The website should be accessible at www.siten.cdc.com on port 80.
- The underlying OS can be reinstalled, patched, and reconfigured; do whatever you need to do to make it work securely. Many teams will consider installing a whole new operating system and migrating content over from the old system. This is effective for advanced teams, but is definitely not recommended unless you know how complicated it will be.
- Content must be backed up (including any databases).
- FTP uploads should be kept in the users' public_html directories and accessible from siten.cdc.com/~<username>
- Ask the competition director if you need further clarification.

RDP Server (rdp.siten.cdc.com) [PROVIDED]

First, we must provide a full desktop experience on an RDP server for our employees. They will be using their own computers to access it, and we don't know how powerful they will be. One employee is using an old Pentium II laptop running Linux with rdesktop for his workstation. So, you'll need to make sure that users can do everyday tasks such as browse the internet, write documents, check e-mail, etc.

Your team is required to use Windows Server 2003 or Windows Server 2008 R2. You are allowed to install new Service Packs and patches as you deem acceptable, but the core operating system to be installed MUST remain as Windows Server 2003 or Windows Server 2008 R2.

Every user should be able to access and run the following programs, and icons to these programs should be placed in the following folder: "C:\Documents and Settings\All Users\Desktop" (2003) or "C:\Users\Public\Public Desktop" (2008 R2). (Note that this folder may be hidden.)

- FileZilla FTP Client
- Notepad++
- Mozilla Firefox
- PuTTY SSH Client
- LibreOffice
- Adobe Acrobat Reader

The server must be compatible with rdesktop running on Linux.

The White Team has pointed out that the site http://ninite.com/ may be used to automate the installation or upgrade of these programs.

The other functions currently existing on the RDP server are the wiki and backup system listed below.

Corporate Wiki (wiki.siten.cdc.com)

The corporate wiki is currently on our RDP server; I would look into moving it to a new server.

- HTTP should be available to members via wiki.siten.cdc.com
- Member content CANNOT be deleted; doing so is equivalent to taking the wiki offline.
- Users must be able to upload files via the wiki.
- The wiki we have provided is run on MediaWiki, but it can be run on any wiki software of your choice.
- If you decide to move the wiki to another system you must move ALL existing content as well, including text, images, and uploads!
- Content must be backed up (including the MySQL database) to the backup server during the competition.
- The content in this wiki is highly sensitive and confidential. Make sure that only authorized users have access to the information stored on the wiki. See the wiki itself for further details.

Shell Server (shell.siten.cdc.com)

Some of our employees are working on new/existing coding projects for the web server or general systems and would like a more powerful testbed to compile and debug their code. You will need to set up a Linux server for them to access via SSH. The White Team has provided a few examples:

- Debian
- Ubuntu
- Fedora
- OpenSuSE

If you are familiar with another distro, we encourage you to use that.

- Employees need to be able to access an SSH/SFTP server to compile C and C++ code (using the GCC compiler suite) and Java code using either Oracle Java or OpenJDK.
- Users should be allowed at least 1GB of storage on this server (even though they may not use that much).
- File sizes must be able to grow to 250MB, as some projects require large databases.
- Users should be able to have at least 25 processes.
- In order to test that compilation works properly on the shell box, we will provide (at a later time) a set of files and test scripts that Blue Teams can use to verify their boxes are properly configured.
- SSH/SFTP should be running on standard port 22.
- SSH/SFTP should be offered via the DNS name shell.siten.cdc.com
- User files must be backed up.

Backups (does NOT need to be publicly accessible)

Our RDP server has a system to back up databases on the web server, content on the wiki, and user documents on the RDP server. Look into the notion of moving this to a separate system, but we'll leave that up to you. We'd also like you to back up any user files on the shell server. Systems fail at random times, so the Green and White teams may ask you for a backup of all systems at any time!

- Must back up wiki content, shell server contents, RDP user documents, and web server databases.
- Must keep a minimum of 8 backups at 1 hour intervals.

DNS

ISEAGE, our ISP, is handling DNS for us, so you won't have to implement it yourself. You will need to let the White Team know which IPs you have configured your services at.

Firewall (Optional)

Your team may decide to use a firewall to protect your servers. The White Team recommends pfSense (www.pfsense.org) for this task because they are familiar with it and can provide you with basic assistance if needed. However, other solutions are acceptable as well if you would prefer to use them.

All setup will be done remotely (see the Remote Setup document). Hardware has been provided to meet the requirements of a basic network design, and our budget is currently limited, so you will need to ensure you distribute your limited computing resources (see the CDC Rules document).

The day before we go online, you will have setup time to put the finishing touches on the network before the services go live for the world to access (Friday, Nov. 30th from noon until 11:59pm). The site must be online by 8:00am on Saturday, Dec. 1st!

The White Team requires that your network be documented so they can understand how you have designed the new network. You are also required to create a guide for your fellow non-technical employees on how to use your services. Both of these documents must be provided to the White Team prior to the start of the competition or your team will incur penalties. See the Rules document for details.

Member Expulsion Procedure

Unfortunately, we occasionally have unruly members. To prevent a member from discovering that he/she is being ejected, accounts cannot be disabled until a member is notified of his/her expulsion. However, once a member is expelled, his/her accounts must be immediately disabled. This will prevent any type of retaliation or intellectual property theft caused by a disgruntled former employee.

The Green Team Leader will notify your team (Blue Team) of a pending termination with a scheduled time. The member accounts must be terminated within 5 minutes of the scheduled time, but NO SOONER. For example, if you are told at 2:00pm to disable an account at 3:15pm you are required to have that account totally disabled on all services by 3:20pm, but not even a minute before 3:15pm, lest you tip off the expelled individual.

We recommend either implementing an automated system to handle member expulsion, or a well-documented process of ensuring that an account can be disabled on all systems within 5 minutes. Please be sure to detail how you are approaching this problem in your Green Team Documentation.
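One way to automate the expulsion window on the Linux hosts, as an added example that is not part of the original scenario document. The function names, the DRY_RUN switch and the exit codes are assumptions of this sketch; the Windows RDP server and the wiki accounts need their own equivalent step.

```shell
#!/bin/sh
# Added example: time-gated account disable for the expulsion window.
# WINDOW, DRY_RUN and the exit codes are assumptions of this sketch.
WINDOW=300   # seconds allowed after the scheduled time (5 minutes)

# expel_state NOW SCHED: prints early, due or late (epoch seconds)
expel_state() {
    now=$1; sched=$2
    if [ "$now" -lt "$sched" ]; then
        echo early
    elif [ "$now" -le $((sched + WINDOW)) ]; then
        echo due
    else
        echo late
    fi
}

# run CMD...: execute the command, or only print it when DRY_RUN=1
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then echo "would run: $*"; else "$@"; fi
}

# disable_account USER: lock the password AND expire the account, so
# SSH key logins are refused too, then end any live sessions.
disable_account() {
    run usermod --lock --expiredate 1 "$1" || return 1
    run pkill -KILL -u "$1" || true   # no running processes is fine
}

# expel USER SCHED [NOW]: returns 0 when disabled inside the window,
# 2 when refused as too early, 3 when disabled after the window closed.
expel() {
    user=$1; sched=$2; now=${3:-$(date +%s)}
    case $(expel_state "$now" "$sched") in
        early) echo "refusing: $((sched - now))s too early" >&2
               return 2 ;;
        due)   disable_account "$user" ;;
        late)  disable_account "$user"
               echo "WARNING: $user disabled outside the window" >&2
               return 3 ;;
    esac
}
```

Queue the call with at(1) or cron for the scheduled minute on every Linux host, and rehearse it with DRY_RUN=1 first.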
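The Backups requirement above (a minimum of 8 backups at 1 hour intervals, available whenever the Green or White team asks) can be checked mechanically. This is an added example, not part of the original scenario document; the backup-<epoch>.tar.gz naming scheme and the SLACK tolerance are assumptions.

```shell
#!/bin/sh
# Added example: retention check for the hourly backup requirement.
# The naming scheme backup-<epoch>.tar.gz and SLACK are assumptions.
MIN_KEEP=8      # scenario minimum number of backups
INTERVAL=3600   # scenario interval: one hour
SLACK=300       # tolerated scheduling jitter in seconds (assumed)

# backup_times DIR: epoch of each archive in DIR, newest first
backup_times() {
    for f in "$1"/backup-*.tar.gz; do
        [ -e "$f" ] || continue
        t=${f##*/backup-}
        echo "${t%.tar.gz}"
    done | sort -rn
}

# verify_backups DIR NOW: prints ok, or the first failed requirement.
# Walks the newest MIN_KEEP archives; the first gap measured is the
# age of the newest archive relative to NOW.
verify_backups() {
    dir=$1; prev=$2; n=0
    for t in $(backup_times "$dir"); do
        [ "$n" -lt "$MIN_KEEP" ] || break
        if [ $((prev - t)) -gt $((INTERVAL + SLACK)) ]; then
            echo "gap of $((prev - t))s after backup $t"
            return 1
        fi
        prev=$t; n=$((n + 1))
    done
    if [ "$n" -lt "$MIN_KEEP" ]; then
        echo "only $n backups"
        return 1
    fi
    echo ok
}

# prune_backups DIR KEEP: delete the oldest archives, never keeping
# fewer than MIN_KEEP even if a smaller KEEP is requested.
prune_backups() {
    keep=$2
    [ "$keep" -ge "$MIN_KEEP" ] || keep=$MIN_KEEP
    backup_times "$1" | tail -n +"$((keep + 1))" | while read -r t; do
        rm -f "$1/backup-$t.tar.gz"
    done
}
```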

Shell Server Test Scripts

In order to test that compilation works properly on the shell server we will provide (at a later time) a set of files and test scripts that Blue Teams can use to verify their boxes are properly configured. During the Green Team usability checks these scripts and files (or slightly modified ones) will be used to verify that your services are operating as expected.

Concluding Thoughts

Hello, everyone! This year I am the CDC director, Patrick Turvin. I welcome back all returning participants. For new participants, I have been the Community College CDC director for the past two years; this will be my third. I have been a part of 11 CDCs in total. I am currently an employee of the ISEAGE research group here at ISU. I also graduated from Kirkwood Community College, so I know what it's like to be a participant on that level. I strive to bring another successful competition to each of the students, advisers, and volunteers. If you have any questions or concerns don't hesitate to contact me. Enjoy yourself, and have fun. Good luck to everyone!

- Patrick Turvin, Director