Stephen,
Great work capturing notes at yesterday’s mtg including some thoughts that I
had during the session. I look forward to seeing the Ninja’s defending the
servers against the Red Team Bots with you at the helm!
Ninjas,
Here is the recording -
https://urldefense.com/v3/__https://us02web.zoom.us/rec/share/HAKZ8i2u-GPoLQrz-h16vskYo32uO0gpDCWklz-jfZcZcdEwVM_lZhlrJczULNTg.oUPexvSFX4KonalZ__;!!Gqic7nUINw!1AQfAi0ghTULi530nS8G2SaxGROEcsWAXeAkGY1Gjk7Ux2veQGtM4XiOBy3pZTkhvic$
And password to the recording - Eha3.WZdtNKnaE7.EH
Super proud of the team to be in the SoCal Cyber Cup finals!
Kind Regards,
Rick
--------------------------
Rick Cassoni, CISSP, PMP
Department Chair, Computer Studies (CSIT)
Oceanside Campus, T111
P 760.757.2121 x6369<tel:760.757.2121;6369>
rcassoni@xxxxxxxxxxxxx<mailto:rcassoni@xxxxxxxxxxxxx>
miracosta.edu/csit<http://www.miracosta.edu/csit>
miracosta.edu/home/rcassoni<http://www.miracosta.edu/home/rcassoni>
Want to learn more about CSIT events, jobs,
internships, etc... like the CSIT Department on
Facebook<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.facebook.com_MiraCosta-2DCSIT-2DDepartment-2D1724330054454928_-3Ffref-3Dts&d=DwMGaQ&c=bxXB6XgK3xQjNA1pniRjug&r=uGzzDFzKJQlQFYYq8CHhYZfD1MwwGsRkdOxbqks8w7U&m=N9hoiv6ZWiizJbHeluqu4fRTIhoNeXs26UARyMiNxr8&s=IKblt8Mu_8KkBH0TUfti3h9kLp5ls8B9DpiJrhZQU40&e=>
and follow us on
Instagram<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.instagram.com_miracostacsitdepartment&d=DwMGaQ&c=bxXB6XgK3xQjNA1pniRjug&r=uGzzDFzKJQlQFYYq8CHhYZfD1MwwGsRkdOxbqks8w7U&m=N9hoiv6ZWiizJbHeluqu4fRTIhoNeXs26UARyMiNxr8&s=f5ChhYsmuAu7zDXqolH-ubCN8DjejS1yWuKUCimREB8&e=>!
On May 19, 2021, at 9:22 PM, Stephen Hilliard <xxbravo01xx@xxxxxxxxx> wrote:
Hello Team Ninja,
Here are a number of links and notes from today's Finals round preview.
Finals Challenge Document
https://drive.google.com/file/d/1shWkoToxmQwhGV5sfyboFSGvpO6Nht5n/view<https://urldefense.com/v3/__https://drive.google.com/file/d/1shWkoToxmQwhGV5sfyboFSGvpO6Nht5n/view__;!!Gqic7nUINw!20-0vbvnYPFYMKDRtxmweSLb4g8z8x7ux_uupaPOkqQ4VyancuJ34HViWJsc52wJ96U$>
Finals Challenge Environment
https://drive.google.com/file/d/197Z2sP0IoQNCQPoubrDQYRMRzqNaBuTd/view<https://urldefense.com/v3/__https://drive.google.com/file/d/197Z2sP0IoQNCQPoubrDQYRMRzqNaBuTd/view__;!!Gqic7nUINw!20-0vbvnYPFYMKDRtxmweSLb4g8z8x7ux_uupaPOkqQ4VyancuJ34HViWJscNt2OqxI$>
My Notes from the meeting:
-A series of different nodes that need to be protected on a network.
-We will remotely connect to each device/server
-Availability must be maintained for services on a node
-scorebot checks services every minute (service is down= incorrect submission,
lose points and accuracy)
-blocking red team and scorebot IP's may = DQ
-Don't stand up Dummy services
-may install any services if service is still available
-Working on synchronized terminals (bottlenecks if working on the same Kali box)
-familiarize with 5 target machines (apache, node.js, ftp, sql, redis)
-ssh (hostname) to access the target machine
-all vulnerabilities can be remediated
-log analysis highly valuable skill for the challenge
-all terminal sessions will be logged
-Default Machine used _Kali2021.1 default meta package
-We can restart servers
-There will be backdoors on the servers (exploits and backdoors can be removed)
Theory Crafting (ProfC)
-Might be worth looking at these machines/services to update. review of
apt-get and yum.
-so change the root passwords and passwords for the services. :-)
But not the service checking accounts
-Definitely strong and different passwords for each account/service
-So maybe a google shared notes sheet ahead of time to share info??
-Maybe even lock accounts that are not necessary, but being careful to not lock
an account that is required for a service.
-So maybe be ready to download packages and SCP over to the systems as required.
-Maybe also lock down ports except for default ports
-Definitely need to patch the services asap.
-Recommendation - have log analysis packages at the ready for each of the
services. SCP over to the machines and install at the beginning.
-Would take a look at / have cheat sheets ready for ufw
Please don't forget the Finals Schedule is as follows:
Below is the preliminary schedule for the Finals on Saturday, May 22nd, 2021.
11am Start Orientation, approximately 30 minutes
Break until Noon Please use bathroom, grab water / juice / soda, eat, grab
snacks
12pm to 4pm Finals Challenge – please plan for an extra 45 minutes, just in
case.
4pm to 5pm Break to finalize scores and set-up virtual Awards Ceremony
Order Dinner using your gift card
5pm to 6pm Awards Ceremony
Go Spartans!
________________________________
Caution This email originated from outside MiraCosta College. Ensure you trust
the authenticity of this sender before clicking links or attachments.
