CNT5605 - 2012 Fall
Group Assignment 9
No Journals Due

Assignment: Security Preparation Assignment

Objective: Your objectives are to prepare your machines to defend from root compromise.

The first thing that I would recommend is updating your machines. Zero-day exploits have been used before, though it's not your primary concern. After that, I would do an "exterior" scan of both your active servers to find out what services are available.

Past those two, it would probably be a good idea to try some penetration testing. Metasploit, w3af, and openvas are all possibilities. It's probably best to build a separate virtual machine for your penetration testing — Backtrack has been a popular choice for people trying to do penetration testing. Another possibility is SIFT, although you have to register to get a copy.

A warning: the most successful techniques have always been based on social engineering. The single most successful social engineering technique has been spear phishing.

Rules on Defense

You may turn off all outward facing services except those we use in class. Once we have enabled a service, however, you should leave it running for the semester unless I ask you to turn it off.

You must leave your real machines up and running, and able to connect to the Internet. Your VirtualBox CentOS server must also remain up and available. Both of these will be checked in class next Tuesday, and continuous checks will go on throughout the rest of the semester.

No journal is due for this assignment. I will give you 1 point on your final grade for each successful flag retrieved up to a 3 point maximum.

I will deduct 1 point from your final grade each time you have a flag captured, up to a 5 point maximum.

Flags may be captured until 3:00pm on Friday, December 14. Both of your machines must stay up until that time.