Difference between revisions of "Cyber Security Competition"
imported>Cov (Created page with 'The '''Cyber Security Competition''' is a hacking competition hosted by the Linux and Unix Users Group. =Spring 2010 Information= The Linux and Unix Users Group at Virginia …') |
imported>Pew |
||
(10 intermediate revisions by 4 users not shown) | |||
Line 1: | Line 1: | ||
− | The '''Cyber Security Competition''' is a hacking competition hosted by | + | The '''Cyber Security Competition''' is a hacking competition hosted by VTCSEC. |
=Spring 2010 Information= | =Spring 2010 Information= | ||
− | The Linux and Unix Users Group at Virginia Tech will host a computer and network (in)security competition as part of the [[Student Engineers' Council]]'s [[E-Week]]. Participants should bring a computer with | + | The Linux and Unix Users Group at Virginia Tech will host a computer and network (in)security competition as part of the [[gp:Student Engineers' Council|Student Engineers' Council]]'s [[gp:E-Week|E-Week]]. Participants should bring a computer with several gigabytes of free space, laptop power cord, if necessary, and Ethernet cable. Boxen to pwn will be provided. [https://secure.hosting.vt.edu/www.calendar.vt.edu/main.php?view=event&eventid=1265657761994 Calendar entry]. |
+ | |||
+ | ==Format== | ||
+ | The structure and scoring of the event is still under development, but we have the following goals: | ||
+ | * Everyone should be able to make some progress and make it onto the score board | ||
+ | * Points can be scored for: | ||
+ | ** Pwning boxen | ||
+ | ** Keeping your own vulnerable server up | ||
+ | |||
+ | Messing with others' vulnerable servers, patching the existing vulnerable system, and reverse-engineering and re-implementing the not-too-complicated server will all be options. | ||
+ | |||
+ | The vulnerable service will be intended for a BackTrack based virtual machine image. | ||
+ | |||
+ | ==Rules== | ||
+ | * Read the university's acceptable use policy. | ||
+ | * Obey the university's acceptable use policy. | ||
+ | * Do not red pill or otherwise break out of virtual machines. | ||
+ | * Technical measures may be implemented by the judges to mitigate excessive network traffic. | ||
+ | |||
+ | ==Suggested Configuration== | ||
+ | It is highly recommended to only access the wired competition with a virtual machine and not connect the virtual machine directly to the Internet. | ||
+ | * [[VirtualBox]] running a BackTrack based virtual machine bridged to your Ethernet card. | ||
+ | * Host machine connected via WiFi to the Internet. | ||
+ | * Single, isolated, read-only shared folder between host machine and virtual machine for extra tools. | ||
+ | |||
+ | ==Spectating== | ||
+ | Anyone who is interested is encouraged to come watch. We will be attempting to provide visually and aurally appealing and relevant network traffic information on big large screens. | ||
+ | |||
+ | ===Potential Visualization Software=== | ||
+ | * [http://code.google.com/p/pkviz/ PkViz] | ||
+ | * [http://www.selectparks.net/~julian/pg/pmwiki.php?n=Main.HomePage Packet Garden] | ||
+ | * [http://www.cs.ru.ac.za/research/g02v2468/inetvis.html InetVis] | ||
+ | |||
+ | ===Potential Auralization Software=== | ||
+ | None of the software suveyed sounded completely suitable. It is important that the sounds convey the right ambience--maybe one akin to Uplink. [http://peep.sourceforge.net/intro.html Peep] seems to be the best software available, perhaps changing its sounds and connecting it to Snort logs would work. The original Peep paper by Gilfix and Couch is probably useful to read. [http://www.inbflat.net/ In Bb 2.0] may be a good example of man-made, nicely meshing sounds. [http://lab.andre-michelle.com/tonematrix Tone Matrix] is another potential example of synthesized, well-meshing sounds. | ||
+ | |||
+ | [[Category:VTLUUG:Events]] |
Latest revision as of 08:52, 2 January 2018
The Cyber Security Competition is a hacking competition hosted by VTCSEC.
Contents
Spring 2010 Information
The Linux and Unix Users Group at Virginia Tech will host a computer and network (in)security competition as part of the Student Engineers' Council's E-Week. Participants should bring a computer with several gigabytes of free space, laptop power cord, if necessary, and Ethernet cable. Boxen to pwn will be provided. Calendar entry.
Format
The structure and scoring of the event is still under development, but we have the following goals:
- Everyone should be able to make some progress and make it onto the score board
- Points can be scored for:
- Pwning boxen
- Keeping your own vulnerable server up
Messing with others' vulnerable servers, patching the existing vulnerable system, and reverse-engineering and re-implementing the not-too-complicated server will all be options.
The vulnerable service will be intended for a BackTrack based virtual machine image.
Rules
- Read the university's acceptable use policy.
- Obey the university's acceptable use policy.
- Do not red pill or otherwise break out of virtual machines.
- Technical measures may be implemented by the judges to mitigate excessive network traffic.
Suggested Configuration
It is highly recommended to only access the wired competition with a virtual machine and not connect the virtual machine directly to the Internet.
- VirtualBox running a BackTrack based virtual machine bridged to your Ethernet card.
- Host machine connected via WiFi to the Internet.
- Single, isolated, read-only shared folder between host machine and virtual machine for extra tools.
Spectating
Anyone who is interested is encouraged to come watch. We will be attempting to provide visually and aurally appealing and relevant network traffic information on big large screens.
Potential Visualization Software
Potential Auralization Software
None of the software suveyed sounded completely suitable. It is important that the sounds convey the right ambience--maybe one akin to Uplink. Peep seems to be the best software available, perhaps changing its sounds and connecting it to Snort logs would work. The original Peep paper by Gilfix and Couch is probably useful to read. In Bb 2.0 may be a good example of man-made, nicely meshing sounds. Tone Matrix is another potential example of synthesized, well-meshing sounds.