Email from Chris Lee* to Team Captains - 11/14/2006 [updated 4/2/16 by JAC]
Every team will be given a removable hard drive (for the
Klaus 2446 computers) and an installation DVD.
Once the hard drive is initialized, every software change
should be documented as to the reason. In other words, do
not do a wholesale update.
If the team is given the source code for an application, and
a vulnerability is found, the source code may be modified
and the application recompiled (if necessary).
Teams should use the T-square site for all team-wide
communication, "NetSecLab - Team n" where "n" is the team
number. Look under "Email Archives" to find the
team-wide email address, and use it for team email. Use the
"Blog" for transferring information (notes), the "Resources"
for up- and down-loading files, and "Chat" for real-time
online meetings.
-----
Now that we have teams designated, it's time to start.
First, you are graded on your reports at the end of the exercise. Your competition score is posted but has only a small influence on your grade, if you participate (as shown by contributions to the Team Web site). Non-participation may reduce your final grade by up to 2% (20% of your HW grade, exceptions).
An A+ report includes:
- a good list of security tools and a very brief discussion about them;
- a discussion on how you evaluated your security and then mitigated your risks (usually in a time-line fashion, so keep records);
- a discussion on the stages of attacking, including the preparation (preparing scripts and finding exploits to run);
- links to sources of information and exploits;
- and something interesting (usually a defense or confusion technique) that I've likely never seen before (there's lots out there and you could easily dream up stuff).
- Examples include planting call-home programs on victim machines, using the victim machines to forge traffic, and creating a limited home shell environment.
Grammar and spelling are not critical (although appreciated). The reports are graded on content.
Second, your primary job as captains is to interface between the TA (Yi-chi Shao), professor and your team. Gong Chen and Hamza Aharcheou will be acting as Advisors for the exercise. Trust no one else.
- Questions about the lab should be emailed to me, or posted on the Team blog (which I will check regularly).
- I highly welcome questions, ranging from naive to complex questions about security technology and the lab rules.
- The hard drives will be issued to and returned by the captains.
- We'll need to securely exchange the "customer" account password. A "customer" must be able to access Telnet and FTP services at all times, as well as MulticastZoo.
- If you have issues with your teammates, come to me, sooner rather than later. Most conflicts are just misunderstandings or ambiguity about responsibilities.
To help you get started with your team, here's a list of high-level responsibilities.
- Install OS (self-booting Linux install CD-ROMs will be distributed).
- Research hardening (securing) the default install
- Research vulnerabilities
- remote
- local
- network
- Forming attack plans (time is tight, try to maximize your attack by preparing scripts to run them ahead of time)
- Writing together the report. The Team Leader will assign responsibilities.
My advice, which should only be followed if you think it applies to your team:
- Try to get everyone involved in all aspects, but have someone a tad more focused on it than the others.
- Use interesting ways to compile information other than emails. Use the T-square team site which has a group email archive, wiki, blog, ... .
- Listen. Be patient with people. Your relationship to your teammates is likely more important than achieving the highest score.
- Look for creative solutions to logistical and technological problems.
Chris Lee (edited by John Copeland, April 2016)
* Chris Lee finished his PhD in December 2008. He was
instrumental in developing this exercise from the time he
took the course in 2003 through the 2008 exercise.
Thanks are also due to Selcuk Uluagac, Raheem Beyah, Kevin
Fairbanks, George Macon, Gong Chen and other former 6612
students who aided the development and implementation.