[olug] Cyber Defense Competition @ IWCC

Rob Townley rob.townley at gmail.com
Wed Mar 30 19:19:34 CDT 2016


ssh daemon left with PermitRootLogin and passwords allowed instead of ssh
keys only.  This is usually the default until the system is setup.



On Mar 30, 2016 6:56 PM, "Jared Bernard" <jared.bernard at gmail.com> wrote:

> @Joseph.gulizia -  IoT is a good idea but may be beyond our students and
> needs to be supported by Esxi for this year's event. However, definitely a
> possibility for future events.
>
> @rob.townley - I'll take a look at Trixbox.
>
> Most likely the network will consist of 2 Linux boxes, 1 Windows Server
> with AD and 3 or 4 Windows client machines.
>
>
>
> On Wed, Mar 30, 2016 at 5:28 PM Rob Townley <rob.townley at gmail.com> wrote:
>
> > Versions of TrixBox that shared entire / filesystem in RW mode for
> guests.
> >
> > On Mar 30, 2016 4:40 PM, "Craig Wolf" <wolfout101 at gmail.com> wrote:
> >
> > > Heck, just install a Windows 7 box and let them have at it.  8)
> > >
> > > Craig Wolf
> > > (402)990-3010
> > >
> > > Strengths: Activator, Relator, Adaptability, Learner, Achiever
> > >
> > > On Wed, Mar 30, 2016 at 3:12 PM, Kevin <sharpestmarble at gmail.com>
> wrote:
> > >
> > > > I know you mentioned applications, configurations, or scenarios. Did
> > you
> > > > think of IoT devices?
> > > >
> > > > On Wed, Mar 30, 2016 at 1:33 PM, Joseph Gulizia <
> > > joseph.gulizia at gmail.com>
> > > > wrote:
> > > >
> > > > > Sounds interesting.  I'll know more after Friday so I can plan to
> be
> > > off
> > > > > and attend.
> > > > >
> > > > > On Wed, Mar 30, 2016 at 12:48 PM, Jared Bernard <
> > > jared.bernard at gmail.com
> > > > >
> > > > > wrote:
> > > > >
> > > > > > I'm an instructor at Iowa Western and we are preparing for our
> > annual
> > > > > cyber
> > > > > > defense competition. We are looking for suggestions of
> > applications,
> > > > > > configurations or scenarios that are exploitable which our
> students
> > > > will
> > > > > > have to secure and harden in the competition. In the past we've
> had
> > > > older
> > > > > > versions of Debian running an outdated version of Apache, php,
> > vsftp,
> > > > > > poorly developed webpage, some type of outdated wiki, unnecessary
> > > > > services
> > > > > > with default configs, CMS or custom scripts.
> > > > > >
> > > > > > Any other suggestions or modifications of what we tried in the
> > past?
> > > > > >
> > > > > > Also, If anyone is interested, we have some openings on the red
> > team
> > > to
> > > > > > anyone who might be interested in hacking and taking advantage
> the
> > > > > exploits
> > > > > > on our student's network. Competition is April 29, free meal,
> > snacks
> > > > and
> > > > > > beverages. Should be lots of fun.
> > > > > >
> > > > > > Thanks,
> > > > > > Jared Bernard
> > > > > > _______________________________________________
> > > > > > OLUG mailing list
> > > > > > OLUG at olug.org
> > > > > > https://lists.olug.org/mailman/listinfo/olug
> > > > > >
> > > > > _______________________________________________
> > > > > OLUG mailing list
> > > > > OLUG at olug.org
> > > > > https://lists.olug.org/mailman/listinfo/olug
> > > > >
> > > > _______________________________________________
> > > > OLUG mailing list
> > > > OLUG at olug.org
> > > > https://lists.olug.org/mailman/listinfo/olug
> > > >
> > > _______________________________________________
> > > OLUG mailing list
> > > OLUG at olug.org
> > > https://lists.olug.org/mailman/listinfo/olug
> > >
> > _______________________________________________
> > OLUG mailing list
> > OLUG at olug.org
> > https://lists.olug.org/mailman/listinfo/olug
> >
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> https://lists.olug.org/mailman/listinfo/olug
>


More information about the OLUG mailing list