Getting started with CTF?

  • Getting started with CTF?

    Hi, I'm currently trying to compile a proposal for my computer science Chair to add some sort of CTF in my college.

    I'm thinking to submit a simple network architecture and some problems. A working demo would be the next step, but I'm thinking ver1.0b here.

    I've looked around on websites such as seclists.org, nopsr.us, and the defcon CTF archive, but I'm still having trouble with how to actually set things up and get started.

    It's a shame that none of my professors are "available" (give a cr@p is the word) to help me out with this, given the fact that I'm just an enthusiastic noob on this matter.

    Is there any literature or reading on how to get started in this area?

    If anyone can point me in the right direction or has some tips for me, I'll be really grateful.

    Thanks

  • #2
    Re: Getting started with CTF?

    You may find this useful for ideas.
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";



    • #3
      Re: Getting started with CTF?

      Thanks, this will keep me busy for a while.

      Although pardon me for saying, this seems awfully big. I just want to start small since the chair would like to see something that can be easily implemented. Then again, I'm just nitpicking here.



      • #4
        Re: Getting started with CTF?

        Originally posted by YeOldeMan
        Thanks, this will keep me busy for a while.

        Although pardon me for saying, this seems awfully big. I just want to start small since the chair would like to see something that can be easily implemented. Then again, I'm just nitpicking here.

        It is big. And probably far beyond what any one person could set up, but I figured it could at least give you some ideas.
        "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";



        • #5
          Re: Getting started with CTF?

          Actually, this is really helpful. Since the document has some tools and startup problems, I think I can just make a simple isolated network and implement it.

          I'm going to try making a simple paper and put this one as a reference to my chair.

          I was geared more towards the competition side of network security training since I bet our college doesn't have any budget for a network security lab right now. But from the looks of it, I think the core is similar? Someone could correct me on that.



          • #6
            Re: Getting started with CTF?

            Sorry for double posting, but I've presented my abstract to the computer science chair and I've got the green light for a proposal!

            After reading some documents, especially the one from theprez98, thanks a lot btw, I've formulated some ideas for a small network security exercise, a.k.a. CTF for my college.

            So far, I've come up with these:

            1. Network topology
            The network will consist of a single server (Apache 2.2.14) wired through a multiplexer to 6 client machines. This network will be completely isolated from the school network to avoid compromise.

            2. Client
            Each client machine will be pre-installed with Sun OS and equipped with multiple attack, defense, and analytical tools. All client machines are identical to ensure a level playing field among the teams.

            3. Tools
            So far, I've come up with these:

            Attack:
            - Brute force password breaker
            - Packet sniffer

            Defense:
            - Intrusion detector (Snort)

            Analytical:
            - Disassembler (IDA free or radare)

            4. How to play
            Each team will be required to attend 3-4 briefings/classes, @50 min, to learn about each and every tool. Some sample problems will be presented and solved.

            The server will contain multiple exploitable services. A certain file or "key" will be awarded for a successful breach. The breaching team will then call the attention of a jury to confirm their achievement.

            Each key starts out with 6 points. The first team to get it will be awarded 6 points, the second will be awarded 5 points, the last team will only get 1 point.

            So far, that's what I've come up with. However, I do need some opinions on these matters:

            1. Any comments on the network topology?
            2. Do you think I need a VM for each client?
            3. Do you have any ideas on tools?
            (for attack tools, don't post the name. Just give me a general context such as "keylogger" and I'll look for it myself)

            If you have any other comments, feel free to post it. I hope I'm not breaking any rules by asking about tools. I'm still learning about this CTF thing, so I'm bound to make mistakes. Any comments will be well appreciated.

            Thanks



            • #7
              Re: Getting started with CTF?

              Agent X, myself and several others in our area recently helped a local team prepare for the 2010 Northeast Collegiate Cyber Defense Competition (NECCDC). You might want to look at the site and get some ideas. Particularly the documents below. They give a lot of detail on how it operates.
              2010 NECCDC TOPOLOGY
              2010 NECCDC TEAM PACKET
              Thorn
              "If you can't be a good example, then you'll just have to be a horrible warning." - Catherine Aird
