guides:lockdown

Differences

This shows you the differences between two versions of the page.

guides:lockdown [2018/11/23 20:01]
amf42 [White]
guides:lockdown [2021/04/30 04:01] (current)
sjames5 specify ports for site-to-site VPN
Line 1: Line 1:
 ====== Lockdown ====== ====== Lockdown ======
  
 +Lockdown is a student-run Cybersecurity competition targeted for beginner Cybersecurity students. Students who attend Lockdown will leave after experiencing an active breach within a small corporate environment. They will also learn their strengths and weaknesses working with a team. Students should leave feeling accomplished but also with a drive to learn more!
  
 ===== Description ===== ===== Description =====
-What makes us different 
  
-Beginner comp+Lockdown is similar to Regional CCDC, except shorter and should be looked at as a stepping stone to CCDC. We offer a 1-day 7 hour competition with a mock corporate network that contains user infrastructure,​ cloud machines and general services to operate a company. Your job is to run the network and company during an active intrusion. ​
  
-Run by students ​+This competition is completely ran and developed ​by students, usually compromising of 10-12 developers of the competition,​ usually putting in 30-40 hours each. Totaling roughly 400 hours of time. 
  
 **This is closer to a "real world" project. ​ Not a school project.** ​ **This is closer to a "real world" project. ​ Not a school project.** ​
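Review bot: In the added Description paragraph, "usually compromising of 10-12 developers" should read "usually comprising 10-12 developers"; in a security guide "compromising" means something else entirely. The same sentence has "completely ran" where "completely run" is meant, and "Totaling roughly 400 hours of time." is a fragment that reads better joined to the sentence before it.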
Line 15: Line 15:
  
 There will be times there are not enough students for each role. Students will need to wear multiple "​hats"​ in order to do Lockdown. ​ People with multiple roles will need to know the scope of each role. This is to help with biased decisions when there is a conflict in roles. There will be times there are not enough students for each role. Students will need to wear multiple "​hats"​ in order to do Lockdown. ​ People with multiple roles will need to know the scope of each role. This is to help with biased decisions when there is a conflict in roles.
 +
 ===== Gold ===== ===== Gold =====
 Project Manager of Lockdown. Do not put someone here who does not have a good work ethic. ​ This person has a holistic view of the competition from start (e.g. planning, role assignments,​ etc.) to finish (e.g. competition debrief, clean up, etc.). Project Manager of Lockdown. Do not put someone here who does not have a good work ethic. ​ This person has a holistic view of the competition from start (e.g. planning, role assignments,​ etc.) to finish (e.g. competition debrief, clean up, etc.).
Line 26: Line 27:
 Lagging indicator: How much were you running around during the competition?​ Lagging indicator: How much were you running around during the competition?​
  
 +
 +----
  
  
-Old Roles and Responsibilities (Need to be improved and expanded on)+Roles and Responsibilities (Not every single one of these tasks will //​always// ​be applicable. But it is important to have a definition of all possible tasks to make sure you are oriented for success.)
  
   * Gold Team Leader   * Gold Team Leader
Line 34: Line 37:
       * “CEO/​CISO”       * “CEO/​CISO”
       * Reports to Advisers       * Reports to Advisers
-  * Management students recommended here +  * Management students recommended here, needs strong project management and people management skills 
-  * Administration+  * Making sure interest Form goes out to past schools and Blue Teams 
 +  * Inventory 
 +      *  Registered Schools 
 +      * Lockdown Organizers 
 +  * Administration!
   * Planning/​Logistics   * Planning/​Logistics
 +      * Responsible for making a Google Calendar of dates and holding everyone accountable to those dates
 +      * Post competition dates and invitation to competition debrief in Town Square channel
 +      * Post team leads and invitation to volunteer in Town Square channel
   * UB Policies (Newspaper, room assignments)   * UB Policies (Newspaper, room assignments)
-  ​* Inviting ​partners ​and schools+      * Responsible for making sure we treat and competitors treat UB property with respect  
 +  ​* Inviting ​Partners ​and Schools
   * Project Management   * Project Management
 +      * Tasks, due dates, assignees, quality
   * Sponsors   * Sponsors
 +      * Responsible for getting sponsors and deliverable they are owed   
   * Size of 1 - 3 people   * Size of 1 - 3 people
 +
  
 ===== Black ===== ===== Black =====
Line 48: Line 62:
 Why? Why?
  
-Everyone needs to be familiar with the infrastructure of the competition,​ at the very least blue team infrastructures. Not knowing the infrastructure causes issues during the competition (e.g. White team members now have to ask black team lead about how something works, Red team doesn'​t know what to target and not to target, ​black team is bogged down with simple questions)+Everyone needs to be familiar with the infrastructure of the competition,​ at the very least Blue Team infrastructures. Not knowing the infrastructure causes issues during the competition (e.g. White Team members now have to ask Black Team lead about how something works, Red Team doesn'​t know what to target and not to target, ​Black Team is bogged down with simple questions) 
 + 
 + 
 +**Everyone needs to know at a base level the machines and what services are on them and if they are cloud or not. No excuses.** ​
  
  
-Old Roles and Responsibilities (Need to be improved and expanded on)+Roles and Responsibilities (Not every single one of these tasks will //​always// ​be applicable. But it is important to have a definition of all possible tasks to make sure you are oriented for success.)
  
   * Black Team Leader   * Black Team Leader
       * Reports to Gold Team Leader       * Reports to Gold Team Leader
-      * In charge of black team responsibilities+      * In charge of Black Team responsibilities ​and acting as a project manager for Black Team with Gold Team
   * Charge of the Network Infrastructure   * Charge of the Network Infrastructure
-      * Assigning tasks to black team members+      * Assigning tasks to Black Team members
       * Reports to Gold Team Leader       * Reports to Gold Team Leader
-      * CSE students recommended here +      * CSE students recommended here! 
-  * Vsphere+  * vSphere
       * Network Infrastructure       * Network Infrastructure
   * Topology, IP schema   * Topology, IP schema
Line 66: Line 83:
   * Development   * Development
   * Operating Systems   * Operating Systems
-  * Creation of VMs+  * Creation of VMs Templates
   * Snapshots   * Snapshots
   * Documentation   * Documentation
 +      * Make sure existing documentation is updated to current standards and operations
   * Development   * Development
   * Templates   * Templates
-  ​* Documentation is key factor+      * Follow the template standard  
 +  ​* Documentation is Key Factor
   * Services   * Services
   * Configuration   * Configuration
Line 77: Line 96:
   * Testing   * Testing
   * PCAP of Competition   * PCAP of Competition
-  ​* Clone teams from templates +      * Not always necessary 
-  * Change ​settings ​of services ​and IPs +  ​* Clone Teams from Templates 
-  * Testing ​(might need everyone)+  * Change ​Settings ​of Services ​and IPs 
 +  * Testing 
 +      * Passwords on White Team password sheet 
 +      * Laptops in the rooms with exception account  
  
 ===== Red ===== ===== Red =====
 +
 Create what's in scope and not in scope document and share with white team.  White team will have an easier time to know what red team will and will not be doing (e.g. Not changing passwords, not deleting user accounts, etc.) Create what's in scope and not in scope document and share with white team.  White team will have an easier time to know what red team will and will not be doing (e.g. Not changing passwords, not deleting user accounts, etc.)
 +
 +Currently, we partner with RIT students to do Red Team. Red Team Leader needs to coordinate with RIT's point of contact to discuss strategy and timeline of the competition. ​
  
  
-Old Roles and Responsibilities (Need to be improved and expanded on)+Roles and Responsibilities (Not every single one of these tasks will //​always// ​be applicable. But it is important to have a definition of all possible tasks to make sure you are oriented for success.)
  
   * Red Team Leader   * Red Team Leader
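Review bot: The two new sub-items under Testing, "Passwords on White Team password sheet" and "Laptops in the rooms with exception account", do not say what is being tested or by whom. Suggest wording them as checks (for example, that every password on the sheet has been verified to work) and defining "exception account" once. Because the sheet holds competition credentials, it is also worth stating which teams are allowed to read it.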
Line 104: Line 130:
   * Kali Linux   * Kali Linux
   * Team server   * Team server
 +
  
 ===== White ===== ===== White =====
-The "​managers"​ of the blue team.  White Team's main responsibility is to make sure that blue team participants are having a decent time (within reason), and learning. Indicators used during the past:+ 
 +The "​managers"​ of the Blue Team.  White Team's main responsibility is to make sure that Blue Team participants are having a decent time (within reason), and learning. Indicators used during the past:
  
  
 **Education:​ The competition will be an educational tool to teach students about building systems and services, hardening, using tools, team dynamics, etc by the end of the competition. **Education:​ The competition will be an educational tool to teach students about building systems and services, hardening, using tools, team dynamics, etc by the end of the competition.
 ** **
 +
 Leading Indicators: Setting up a proper system for educational;​ Red Team’s attack plan; technical difficulties ​ Leading Indicators: Setting up a proper system for educational;​ Red Team’s attack plan; technical difficulties ​
  
Line 117: Line 146:
  
  
-**Competitive:​ No team or competitor has given up due to the lack of ability to continue caused by technical problems, ​red team, and/or lack of valiance for the duration of the competition.** ​+**Competitive:​ No team or competitor has given up due to the lack of ability to continue caused by technical problems, ​Red Team, and/or lack of valiance for the duration of the competition.** ​
  
-Leading Indicators: ​technical ​difficulties; ​read team’s attack plan; why winning is important+Leading Indicators: ​Technical ​difficulties; ​Red Team’s attack plan; why winning is important
  
 Lagging indicator: One competitor gave up Lagging indicator: One competitor gave up
Line 132: Line 161:
  
  
-Old Roles and Responsibilities (Need to be improved and expanded on)+ 
 +---- 
 + 
 + 
 +Roles and Responsibilities (Not every single one of these tasks will //​always// ​be applicable. But it is important to have a definition of all possible tasks to make sure you are oriented for success.) 
  
   * White Team Leader   * White Team Leader
Line 166: Line 200:
   * Competition Survey   * Competition Survey
   * Design, development,​ implementation,​ execution, reports ​   * Design, development,​ implementation,​ execution, reports ​
 +
  
 ===== Blue ===== ===== Blue =====
  
 +The Blue Team are the competitors. They are responsible for having fun and following the rules.
 +
 +====== Tasks ======
 +
 +Who owe's who what? Most of these tasks are within the relevant teams sections. However there is a concise running list below.
 +
 +Red Team
 +    * Schedule of Attacks
 +    * Iterate to everyone that Red Team will NOT touch competitor accounts, change their password or names
 +    * Red Team will NOT break DNS, will not stop access from competitors,​ they should always be able to SSH and RDP into machines
 +    * Make sure implants will NOT break machines
 +    * Setup Site 2 Site
 +    * Manage the VPN through Gretzky
 +
 +
 +Gold Team
 +    * Google Calendar schedule
 +      * This will contain tasks and due dates, no need to manage the little stuff, but rather the bigger deadlines
 +    * Make master list of competitors
 +      * Who signed the CoC? Who signed the photo release?
 +      * Reach out to sponsors
 +      * Setup meeting time
 +
 +
 +White Team
 +    * Stuff
 +
 +Black Team
 +    * Stuff
  
-====== Phases ====== 
  
 ===== Planning ===== ===== Planning =====
 +
 "​Success doesn'​t just happen. It's planned for." "​Success doesn'​t just happen. It's planned for."
  
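Review bot: Removing "====== Phases ======" at the end of this hunk leaves Planning, Development, Competition and Closing as subsections of the new "====== Tasks ======" heading, which changes the page outline; keep the Phases heading or rename it if that nesting is not intended. In the Tasks list, White Team and Black Team contain only "Stuff", "Gretzky" is not explained anywhere in the visible text, and "Who owe's who what?" should be "Who owes whom what?". The Red Team "will NOT" items overlap with the in-scope and out-of-scope document the Red section asks for, so point one at the other rather than maintaining two lists.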
Line 179: Line 243:
 "A goal without a plan is just a wish." "A goal without a plan is just a wish."
  
-This is the most important phase. ​ Everything needs to be sorted out here.+^ Lame quotes by Aaron! Ha! 
 + 
 +**This is the most important phase. Everything needs to be sorted out here.** 
 + 
 +The goal here is to decide all of this in a meeting with the leaders of Lockdown
  
 Due Dates Due Dates
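Review bot: The added line "^ Lame quotes by Aaron! Ha!" starts with "^", which DokuWiki reads as a table header cell, so it will not render as a plain remark. If the aside stays, start it with ordinary text or move it into a footnote with ((...)). The new sentence "The goal here is to decide all of this in a meeting with the leaders of Lockdown" is also missing its closing period.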
Line 191: Line 259:
 Leader Designations Leader Designations
  
-Participants to be invited ​+Participants to be Invited ​
  
 Goals  Goals 
Line 208: Line 276:
  
 ===== Development ===== ===== Development =====
 +
 +Who owe's who what?
  
  
 ===== Competition ===== ===== Competition =====
 +
 Setup Setup
 +   * Site 2 Site VPN
 +       * Top port on the machine (i.e. the on-board NIC)
 +       * Left port on the wall
 +   * The competitor rooms, make sure the laptops are tidy and connected and the room is generally clean
 +   * Prizes ​
  
 Registration Registration
 +   * Make sure to send registration form to competitors ahead of time, Gold Team to track this
 +   * Make sure to put a nice and friendly person to greet competitors as they show up, (:
  
  
 ===== Closing ===== ===== Closing =====
 +
 Clean Up Clean Up
 +   * UBNetDef is responsible for making sure the rooms and space we were allocated goes back to the state it came in.
 +   * CLEAN YOU FOOLS
  
 Debrief ​ Debrief ​
 +   * Gold Team to take notes
 +   * What went well?
 +   * What went poorly?
 +   * How can we improve? ​
   ​   ​
  
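Review bot: The new Site 2 Site VPN setup items identify the ports only by position ("Top port on the machine", "Left port on the wall") without naming the machine, the room or the wall plate. Add the host name and the room or jack label so that someone who was not at the last competition can cable it correctly. Under Development, "Who owe's who what?" is a placeholder with a typo and no content yet.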
  • guides/lockdown.1543003270.txt.gz
  • Last modified: 2018/11/23 20:01
  • by amf42