Cyberlympics 2012 Round 2 and Round 3 summary

As promised, I am going to give a short summary of the second and third round of the Cyberlympics 2012 competition. Both rounds were organized by SAIC (CyberNEXS), basically we played on their regular training games (CyberNEXS Cyber Security Training).

Round 2 - Penetration Testing

This round was quite fun, since our team members were scattered to different locations, so we had to use Skype in order to work together. There were some technical problems, so the game started around 22:00 instead of the scheduled 21:00.

Anyways, we had to VPN into the CyberNEXS system, then we logged into our attacker Backtrack machines (we got 2, if I remember correctly) and the fun began. The first set of target systems were accessible from our attacker machines, and there were dual homed hosts, providing access to the next subnetwork.

We just did the usual thing: port scanning, launching exploits, cracking and bruteforcing passwords, etc. so nothing extra. Points were given for planting flags and writing detailed reports from the findings. I think we have owned 4 or 5 servers, which was enough for the 4th place in this round.

Round 3 - Centralized  Network Defense Game

In this round, 5 or 6 (can't remember the exact number) servers were given for us running Linux and Windows (servers and desktops too) operating systems, and we had to harden them, but in the meantime, maintain critical services, prevent the attacks and report incidents (points were given for accomplishing these).

We prepared with a few scripts and programs, to automate hardening and help us monitoring the system status. I don't know why we thought that we had to concentrate on attackers from outside, but it was a big surprise when we realized that our systems were heavily backdoored, we spent most of our time removing these and writing incident reports about them.

And that's all! :) Of course I can't give out more details, but I think even this short summary gives an idea how these rounds looked like.