Team Exercise 3 Services Exercise April 15 2009 Report Due Date April 22 2009 Before the exercise You are to set up a collection of machines including at least 2 SSH servers at least 2 FTP servers at least one Windows Shared folder at least one telnet server and at least two web servers o at least one with a password protected portion o at least one with an SSL protected portion Each machine with the exception of the web server needs two or more enabled nonroot accounts All account and password information must be given to the instructor by the start of class on Monday April 13 The FTP server and the Windows Shared folder need to have files accessible for download For these machines you may use any operating system and any available version of the service You must complete a Machine Information Sheet for every machine that you start When the exercise is complete you will need to identify who accessed your files and what changes if any that they made Be sure that your systems keep appropriate logs During the exercise You will be provided with documented access to two other teams Verify that their services are functioning Try to complete a machine information sheet for all of the machines from the team for which you do not have access credentials In particular for each of their machines try to determine The IP address The hosting team The OS and The types and versions of all available services Attempt to access your opponent s assets Their leaked data are your bonus points the more sensitive the data the higher the score No credit is given for access to data to which you are allowed access for example defacing a web page to which you have authorized write access is valueless Access to an opponent s IDS or other defensive systems will be granted additional style points During the exercise you need to complete your command summary sheets Try to cover your tracks as best as you can The use of arbitrary third party tools may be allowed at the discretion of the instructor however all such tools must be approved prior to Spring Break All third party tools will be available for all members of the class The use of cunning and guile are encouraged After the exercise Your report will contain three components Design and Implementation How did you set up your systems How did you configure your network topology What were your firewall rulesets What defensive assets did you deploy Log servers IDS How were they configured Why did you make the decisions in this fashion Reconnaissance Attack Were you able to access the data they claimed you should Were their procedures to access the data reasonable Were you able to gain unauthorized access to other data Were you able to determine what services were running on your opponent s machines Were you able to access any of their information Analysis How well did your network hold up to actual use Were your uses able to access exactly the data that they should Were there any security breaches If so explain in detail what happened and how Remember as bad as a security breach might be it is much worse if it occurs without your knowledge