Home > Articles > Cisco Network Technology > General Networking > A Student-Hacker Showdown at the Collegiate Cyber Defense Competition

A Student-Hacker Showdown at the Collegiate Cyber Defense Competition

Article Description

Students faced off against experienced hackers at the Mid-Atlantic Regional Collegiate Cyber Defense Competition. The students' goal: lock down unfamiliar systems and secure their networks. The hackers' goal: to own the students' networks and steal important data. Seth Fogie witnessed this real-world competition and reports on its unexpected twists, turns, and even drama.

Like this article? We recommend

Intrusion Prevention Fundamentals

Intrusion Prevention Fundamentals

$51.99 (Save 20%)

The Details

There are several different groups involved with the games. Each has a function, and a tag. The white cell is there to keep the games running smoothly. Gold members are the judges and professors who basically monitored the games from afar. The red cell was there to attack, and finally, the law enforcement was there to arrest the hackers.

The Scoring

At the beginning of the game, everyone starts with zero points. If the team can keep all the services open, and a selection of 'target' files available, they keep that zero. However, if a team suffers from a loss of confidentiality, integrity, or availability in any other way, they start collecting points — sometimes quite rapidly. Figure 1 is a shot of the scorebot system, and backend components of the network.

Figure 1

Figure 1: Scorebot system

The Feds

One particular aspect of this game that added significant value was the inclusion of a reporting process to the authorities. On hand was a real US Secret Service agent who deals with computer-related crimes on a regular basis. His job in the game was to show up on scene when a student team detected an attack. If the incident report was filled out correctly (see a real incident report from USSS web site: http://www.secretservice.gov/forms/form_ssf4017.pdf), the team would get points taken away from their growing score. This aspect to the game was actually one of the most valuable as one who has had to deal with the authorities before. Not only will this experience give each of the students something to look back on if they ever have to deal with the government for real, but they also now have someone they can talk to if something does arise.

The Network Layout

The network was separated into seven different subnets. Five were split up between the teams, one was used for scoring systems, and the final was for the Red Team. At the edge of each of the student's networks was a router and firewall, which were off limits until the second day and third days, respectively. Finally, each school had four servers in a DMZ that were connected to the firewall, each with a 'public' IP and a specific purpose. In addition to this, they had two workstations that were in the protected area of the network that were used for syslogging and other functions. The following breaks down the initial system setup — try not to grimace.

  • Alpha1 – Windows 2003 Server running IIS 6.0 (HTTP/HTTPS), MYSQL and OSCommerce (with PHP support).
  • Alpha2 – Fedora Core 4.0 with VSFTPD and DNS (BIND)
  • Alpha3 – Fedora Core 3.0 with SSH
  • Alpha4 – Windows 2000 Server with IIS5.0, MYSQL, Telnet, SMTP/POP, and DNS (Secondary) running an HR database.

Each system and program was of an unknown patch state/version. In addition, there was a network IP camera thrown in for grins and giggles. Welcome to most small IT shops where money is tight and time is valuable. Figure 2 provides a look at an unmanned pod. Note the four monitors that are connected to the stack via KVM.

Figure 2

Figure 2: Unmanned pod

Business Objectives

To make the games a bit more realistic, each team would receive various business objectives that would have to be completed in due course, or they would lose points. This could be something as simple as add an email account or even install PGP. The details of the objective were up to those running the games.