THE SAN DIEGO MAYORS CYBER CUP (SDMCC) ORIENTATION 10 NOVEMBER 2015
AGENDA
  Welcome & Introductions
  Overview/key dates
  Team Registration
  Overview of CyberNEXS
  Key changes
  Rules & Scoring
  Registering the team for scoring during challenge
  Connectivity Requirements
  Coaches & Mentors
  Coordination
  Training
OVERVIEW & KEY DATES
  September - December 2015 - Mentor Assignments and Training
  Week of January 4, 2016 - Coach/Mentor Information Sessions via WebEx
  January 19-22, 2016, 8am-6pm - Practice Round I
  February 8-11, 2016, 8am-6pm - Practice Round II
  February 26-27, 2016, 8am-6pm - Qualification Round I
  March 4-5, 2016, 8am-6pm - Qualification Round II
  April 2, 2016 - Finals Round, 10am-5pm at UCSD Super Computer Center
    Reception and Awards Banquet, 5:30pm-8pm
COACH & MENTORS
  Coach = affiliation with school/organization
    Responsible for student management
  Mentor = industry cyber/IT expert
    Knowledge transfer
    2+ hours weekly with students (average time)
TEAM REGISTRATION
  To register your team or sign up as mentor
    Register team: chardin@securingourecity.org
      Send Coach's name, school/organization, number of teams, mentor/request
    Sign up as mentor: csimpson@nu.edu
  Requirements
    5-8 students per team
    Unlimited teams per school/organization
    Superset of multiple teams for Finals is allowed (max of 8 students)
    Qualification Rounds I & II REQUIRED to participate
CYBERNEXS LEIDOS
EVOLVING CYBERNEXS SYSTEM (FINALS)
  All system upgrades will be experienced during the Finals Rounds for SDMCC
  Players will no longer have to learn how to use third party applications (PuTTY, Remote Desktop) to access the VMs in the environment!
  They will be able to click on a link on the main CyberNEXS console page and access the VMs directly through the browser
EVOLVING CYBERNEXS SYSTEM (FINALS)
  Users will be able to access the Virtual Machines directly from a browser
DOWNLOADING VMS (PRACTICE & QUALIFICATION ROUNDS ONLY)
  All Virtual Machines and documents available at the below link:
  https://www.leidos.com/cybersecurity/training/cybernexs/cybernexsevents/cybernexsdownload
DOWNLOADING VMS (PRACTICE & QUALIFICATION ROUNDS ONLY)
  VM downloads will be available 1 or 2 days prior to the competition start windows
  VM zip files will be locked with a password
  Passwords will not be provided until 15 minutes prior to the start of each challenge window
HARDWARE REQUIREMENTS
  Windows 7 preferred; Windows 8 and 10 not tested, theoretically should work
  1 GHz Intel compatible processor (AMD processors are not recommended)
  2 GB RAM
  10 GB of free disk space
  Keyboard & Mouse
  1024x768 or higher display
  (Optional) It is recommended to use a projector or large display to share the screen output with the rest of the team, but not required
  Network connection from computer(s) to Internet
SOFTWARE REQUIREMENTS
  Operating System (Windows 2000 or newer, recent VMware supported Linux, or Macintosh 10.4.11 or later)
  Web Browser
  SSH Client
  VPN Client
  VMware Player
INTERNET REQUIREMENTS
  Minimum of 256kb uplink/downlink
  Network firewalls and/or Web Proxies should permit unfiltered TCP port 80 out-bound from your network, from each of the computer(s) involved in the competition, to the LEIDOS CyberNEXS server
GOALS
  Removing vulnerabilities and hardening systems
  Maintenance of critical services
  Length of maintaining system health
  Thwarting and removing hacker activities
  Decoding, decrypting and file carving forensic challenges
SCORING
  Scores are calculated once per scoring cycle based on the previous criteria
  Scoring cycles are typically between 2 and 5 minutes
  Cumulative scores are totaled throughout the competition
  The final winner is determined by the ratio of cumulative points earned versus the total points possible for that team
  Tickets submitted by each team change the points possible
SCORING CALCULATIONS
  Windows Protection 40%
    Windows Vulnerabilities 17.5%
    Windows Critical Services 12.5%
    Windows System Health (length of maintaining each healthy system) 10%
  Linux Protection 40%
    Linux Vulnerabilities 17.5%
    Linux Critical Services 12.5%
    Linux System Health (length of maintaining each healthy system) 10%
  Forensics 20%
TROUBLESHOOTING
  If your team needs a target rebooted, fill out a trouble ticket
    Online Trouble Ticket System
    Paper Ticket
      Notify the Green Team (They have paper tickets)
    Include the following:
      System Name
      The word REBOOT in the text of the ticket
  If you determine the reboot did not work, you may reset the system back to its initial pre-game state. Fill out a trouble ticket.
    Include the following:
      System Name
      The word REVERT in the text of the ticket
RULES
  Overarching Goal: Maintain integrity of the game
  Limited resources
    Laptop (Must use provided equipment for Finals)
    Cannot bring your own equipment to the Finals
    Do use your own computers for Practice & Qualification Rounds
    No other electronic equipment, phones, or media allowed
    Printed material, notepads, pens, pencils are all allowed!
RULES
  Firewall Rules
    You may not use firewall rules to block any access from other systems on the subnet
    If pings, port scans, etc. are blocked, the target will be reverted by the White Team
    Some service packs on the systems you will gain control of will automatically enable the firewall. BEFORE rebooting the system to take control, you must ensure the firewall is DISABLED
RULES
  The following accounts must not be touched/disabled/modified in any way for any challenge:
    CyberNEXSAdmin
    CngClient
    CyberNEXSClient
RULES
  DO NOT block your access method to the hosts!
    The systems are connected to via SSH and RDP; if you block this access then you can't log in to your own hosts.
    Some service packs will enable firewalls for you, so check BEFORE you reboot.
  DO NOT disable or stop any of the following services. All are required for network connectivity:
    Netbios
    TCP/IP NetBIOS Helper (LmHosts)
    Terminal Services (TermService)
    DNS Client (Dnscache)
SCORING REGISTRATION
  Only the Team Captain Registers a Team
  Create a Login Account with the CyberNEXS server
    Registration IP will be provided.
    Select Login Registrations
TEAM REGISTRATION
  When you register your account, enter your team name in all the fields except the PASSWORD field.
  Choose a password to use for the duration of the round
COACHES & MENTORS
DISCUSSION PLAN
  Competition Goals
  Team Coordination
  Tips for helping your team
  BaseCamp Collaboration tool
  Ethics and Safety
WORKING WITH YOUR TEAM
  Time commitment
  Weekly meetings
  Email support
  Identify team skill sets
  Many students only need a link and a little guidance
COACH AND MENTOR COORDINATION
  Establish a schedule
  Consider virtual tools like WebEx etc.
  Things happen and schedules change
  School requirements
    Some schools may require a background check
FOCUS
  Follow best practices
  Build good checklists
  Scripting
TOOLS
  NSA Website High School Course Material SANS Linux Security Checklists and Cheatsheets
MENTOR AND COACH COLLABORATION SITE
  Provide a mechanism to share useful technical information between teams
  Help coordinate events
  Answer questions
https://basecamp.com/
ETHICS AND SAFETY
  Responsible use of computing resources
  Mention that some tools can be used for good and bad
  Ramifications of being caught
  Sony DOS attack example
TRAINING PLAN
  Weekly training sessions via GoToTraining
    Recorded
  Need volunteers to help build lessons
TRAINING SESSIONS
  Session 1 Intro to the Competition
  Session 2 Intro to the CyberNEXS System
  Session 3 Organizing your team
  Session 4 Computer and Network basics
  Session 5 Cyber Security Fundamentals
  Session 6 Basic Windows Security
  Session 7 Intro to Linux
  Session 8 Linux Security
  Session 9 Advanced Windows
  Session 10 Using Remote Systems
  Session 11 Advanced Linux
  Session 12 Encryption
  Session 13 Incident Response
  Session 14 Advanced Defense
FREE PLAY PRACTICE SESSION: COACHES & MENTORS ONLY
  17-22 November 2015; 0800-1800
  REGISTRATION REQUIRED: cybernexs@leidos.com
    Send first & last name and school/youth organization affiliation to the email above
    If no current school affiliation (i.e. new mentor) enter SOEC
  Tech support Tues-Thurs. 0800-1600 ONLY; Limited on Friday - Sunday
  Password & Login info sent after registered
QUESTIONS?
  Craig Hardin chardin@securingourecity.org
  Chris Simpson csimpson@nu.edu
  Joe Pistone jpistone@ucsd.edu
  Leidos tech support team cybernexs@leidos.com