Jump to content

Steps and tips to detect big and small system vulnerabilities; School Team

Windows2000
By Windows2000
in General Discussion
 Share
Posted

So, this thread is for CyberPatriot and my team tryouts.... (This is not a repost)

https://www.uscyberpatriot.org/

 

 

So, let me explain how a normal competition works.

You are on a computer running a Windows/Linux Distribution where many things have been messed up.

This includes but not limited to: viruses. malware, useless add-ons, change of system settings, etc that are limited to the OS only. (No hardware stuff including BIOS)

The OS will be running on a VMware. 

Typically you will be given a ReadMe text where there is a rubric and a scenario.

An example of a scenario would be something like:

"The computer you are on belongs to a company. The computer has been infected, so clean it up. (lol my wording) Make sure the computer agrees to the following guidelines.

  1. No useless programs
  2. Make sure the user password follows the following guidelines: whatever the guideline is 
  3. Network protocol must meet the following guidelines: whatever this is
  4. etc etc

Things as not significant as "device auto play" and "Windows Features" (well sorta) will not be listed in the readme.txt and you will be expected to check them. (Team commander argues that "it would be very bad as a single flash drive can corrupt the entire server")

https://www.uscyberpatriot.org/competition/training-materials/training-modules

 

How a competition will be graded will be based on a testing engine. As far as I know, the testing engine logs every change and event taken within the VMWare.

 

 

The main goal of every round of competition is to improve the security of one or more virtual machine images. In the past, teams have been tasked with:

  • Maintaining and hardening ​critical services​​
  • Fixing vulnerabilities
  • Removing malware from the systems
  • Answering forensics questions
More cybersecurity elements are added as teams advance to later rounds of competition. In previous seasons, teams have been given networking challenges, such as:​​

 

  • Virtual network configuration​
  • Subnetting and IP addressing

https://www.uscyberpatriot.org/competition/training-materials

 

 

So TL;DR

How do I detect small and big system vulnerabilities? 

I produce music!


Link to comment
Share on other sites
Link to post
Share on other sites
Posted

What happened to your other topic?  :wacko: It seems to be unaccessible...

i7 4790K || R9 290X + R9 290 || 16GB G.Skill TridentX 1866 || Gigabyte Z97MX Gaming 5 || Crucial MX100 256GB || WD Caviar Blue 1TB

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing General Discussion

×