CCDC Nationals 2010 (part1)

The Collegiate Cyber Defense Competition (CCDC) is a national competition for college students designed to promote learning about cyber defense. Each year regional competitions across the nation act as preliminary rounds and then send the regional winners to a national competition in San Antonio. Each college team is required to defend an identical network from attacks by a red cell team and to perform business tasks at the same time.

National CCDC 2010 – [nationalccdc.org]

Competition Overview

You have just been hired as the network and security administrators at a small company and will be taking administrative control of all information systems. You know very little about the network, what security level has been maintained, or what software has been installed. You have a limited time frame to familiarize yourself with the network and systems and to begin the security updates and patches before the red team starts actively attacking your company. In the midst of all the commotion, you have to keep up with the needs of the business and user demands while maintaining service level agreements for all critical Internet services. Welcome to the first day of the National Collegiate Cyber Defense Competition (CCDC).

The teams gathered together at the beginning of the competition.

Teams gather in general room

Teams gather to hear Dwayne

Dwayne Williams from CIAS (Competition Director) explained the rules.

Dwayne Williams talks to the teams

Then Mayor Castro of San Antonio made some remarks.

Mayor Castro

In previous years, the scenario presented to the student teams (mentioned above) was that they were replacing a fired IT staff. This year, the scenario changed to a hostile takeover that included disgruntled former employees resigning and a new requirement for re-branding of existing web pages.

Competition Scenario

Each student team went upstairs to a private conference room where their network equipment was located and began the competition.

Upstairs

Each team was given the following equipment:

  • Cisco switch and ASA firewall
  • Laser printer
  • Win 2003 (DNS)
  • BSD (DB)
  • Mandriva (Apache, PHP, OpenSSL, e-commerce)
  • Win 2008 (AD, IIS)
  • Solaris x86 (SMTP, POP3)
  • Win XP
  • Linux
  • Win 2000 Pro
  • Win Vista Bus
  • Win7

Network diagram

Critical services for scoring included:

  • HTTP
  • HTTPS
  • SMTP
  • SSH
  • SQL
  • DNS
  • VOIP

And down in the Operations Center, the scoring engine was hard at work keeping track of all this:

Services scoring

On a regular basis, “business injects” were delivered to each team with business task requirements to be turned in to the white team (scoring/judging) or tested by the white team, either remotely or locally. Some of the business injects this year included:

  • Rebrand the entire web presence with the new corporate name and logo images
  • Configure SSH for use
  • Install and configure WSUS for updates
  • Implement VPN access
  • Install a “live chat” function on the web page
  • Write a corporate policy covering appropriate use of social networking sites
  • Perform a security assessment on your own network and write up a report
  • Upgrade workstations to Win7
  • Perform a password strength audit on your systems and report
  • Pack up all the equipment at the end of the competition

Business injects

Meanwhile, down the hall from the Operations Center, the Red Team started their work at the same time as the defending college teams. But for their Friday (first day) operations, they were quite restrained, content to collect as much information as possible on each team and entrench positions for use during the rest of the weekend. This usually involves pulling password hashes for overnight cracking and installing user accounts, agents or backdoors to ensure later access.

This post is continued at: CCDC Nationals 2010 (part2)
