Presentation is loading. Please wait.

Presentation is loading. Please wait.

Game Mark Shtern.

Published byHarald Berg Modified over 5 years ago

Similar presentations

Presentation on theme: "Game Mark Shtern."— Presentation transcript:

1 Game Mark Shtern

2 Game Objectives Secure your infrastructure using IDS, application firewalls, or honeypots Plant your flag on opponent’s machine Prevent intruders from planting their flag Remove your opponents’ flag Identify intrusions Discover your opponents’ password hashes and brute force them The flag is signed file. Students cannot recreate flag.

3 Game Rules You are not allowed to configure any network firewalls (yours or an opponent’s) You are not allowed to configure intrusion prevention You are allowed to kill any process that belongs to an intruder You are allowed to change your opponent’s passwords

4 Scoring Plant/Find Backdoor 5 Plant a flag 20 Catch intrusion 10
Change an opponent’s password 10 Take ownership of an opponent’s complete infrastructure 40 Lose control of a Windows workstation -5 Lose control of a Linux workstation -10 Lose control of a DC -20

5 PROJECT PENETRATION TESTING
Mark Shtern

6 Project penetration testing
Project presentation (12 minutes) on Monday, April 1 6 question for presenter Review other projects’ design Find security design flaws and vulnerabilities in other projects Post discovered flaws on the course forum Confirm / deny posted flaws of your project

7 Scoring QA phase Presentation -10 (10) Discover vulnerability 5 (-5)
Discover vulnerability and exploit it 10 (-10) Discover design flaws 20 (-20) Deny posted flaws 10 (-10) Unanswered post -5 (5) Presentation Discover security problem in Q&A session 10 (-10) Unanswered/Unprepared/Irrelevant questions -10 (10)

Download ppt "Game Mark Shtern."

Similar presentations

Vulnerability Analysis. Formal verification Formally (mathematically) prove certain characteristics Proves the absence of flaws in a program or design.

Vulnerability Analysis. Formal verification Formally (mathematically) prove certain characteristics Proves the absence of flaws in a program or design.
Hacking Techniques & Intrusion Detection Ali Al-Shemery arabnix [at] gmail.

Hacking Techniques & Intrusion Detection Ali Al-Shemery arabnix [at] gmail.
Penetration Testing & Countermeasures Paul Fong & Cai Yu CS691 5 May 2003.

Penetration Testing & Countermeasures Paul Fong & Cai Yu CS691 5 May 2003.
Network Security and its Impact on Network Continuity.

Network Security and its Impact on Network Continuity.
Web Server Administration TEC 236 Securing the Web Environment.

Web Server Administration TEC 236 Securing the Web Environment.
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
Practical Training of Information Security Masahito Gotaishi, R & D Initiative, Chuo Universty.

Practical Training of Information Security Masahito Gotaishi, R & D Initiative, Chuo Universty.
Rochester Institute of Technology Secure IT 2007 Security Auditing Course Development Rochester Institute of Technology Yin Pan

Rochester Institute of Technology Secure IT 2007 Security Auditing Course Development Rochester Institute of Technology Yin Pan
Honeypots Margaret Asami. What are honeypots ? an intrusion detection mechanism entices intruders to attack and eventually take over the system, while.

Honeypots Margaret Asami. What are honeypots ? an intrusion detection mechanism entices intruders to attack and eventually take over the system, while.
Profile-Based Web Intrusion Prevention System by Donovan Thorpe CS526 Fall 2002.

Profile-Based Web Intrusion Prevention System by Donovan Thorpe CS526 Fall 2002.
TCP/IP Networking 09/10 Lab Exercises RULES OF THE GAME.

TCP/IP Networking 09/10 Lab Exercises RULES OF THE GAME.
T RIP W IRE Karthik Mohanasundaram Wright State University.

T RIP W IRE Karthik Mohanasundaram Wright State University.
LINUX Security, Firewalls & Proxies. Course Title Introduction to LINUX Security Models Objectives To understand the concept of system security To understand.

LINUX Security, Firewalls & Proxies. Course Title Introduction to LINUX Security Models Objectives To understand the concept of system security To understand.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
Introduction to InfoSec – Recitation 15 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)

Introduction to InfoSec – Recitation 15 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)
Part 2- An IT Auditing Framework

Part 2- An IT Auditing Framework
Brad Baker CS526 May 7 th, 2008 5/7/2008 1. 1. Project goals 2. Test Environment 3. The Problem 4. Some Solutions 5. ModSecurity Overview 6. ModSecurity.

Brad Baker CS526 May 7 th, /7/ Project goals 2. Test Environment 3. The Problem 4. Some Solutions 5. ModSecurity Overview 6. ModSecurity.
Web Server Administration Chapter 10 Securing the Web Environment.

Web Server Administration Chapter 10 Securing the Web Environment.
CS 325: Software Engineering April 14, 2015 Software Security Security Requirements Software Security in the Life Cycle.

CS 325: Software Engineering April 14, 2015 Software Security Security Requirements Software Security in the Life Cycle.

Similar presentations

Ads by Google