CCDC Competition Info

From Forgotten Security’s CTF Wiki
Jump to: navigation, search

The important things to learn besides defensive techniques is Injects. Many injects are designed to help students deal with the Red Team Onslaughts

Mid-Atlantic CCDC has a shared blue team area with a large curtain separating the students from the red team area.

CCDC Memes
Pen_Testing_Hardware - Things to check for when Red Team might have been around

Contents

2014 Dates

2013 Dates

  • National Collegiate Cyber Defense Competition: April 19-21, 2013
  • Mid-Atlantic CCDC:
    • Registration Ends: March 1st 2013
      • 29-30 Teams with 271 students
    • Regional Qualifiers: Start March 18th 2013
    • Finals: April 10th-13th 2013
    • 1st Millersville University
    • 2nd North Carolina State - First year competing and they were tied for first
    • 3rd Radford University
  • Western Region CCDC: March 29th-31st 2013
    • 1st Cal Poly Pomona
    • 2nd UC Berkeley
    • 3rd CSU San Bernardino
  • At-Large CCDC: March 1st-3rd 2013
    • 1st University of Alaska Fairbanks
    • 2nd Honolulu CC
    • 3rd CTC
  • MidWest CCDC:
    • 1st Rose-Hulman Institute of Technology
    • 2nd Milwaukee School of Engineering
    • 3rd Northern Kentucky university
    • 4th Baldwin Wallace University
    • State Qualifiers in Feb. and March 2013
    • Illinois
      • 1st South Illinois University
      • 2nd University of Illinois at Urbana-Champaign
      • 3rd DePaul University
    • Indiana
      • 1st Rose-Hulman University
      • 2nd Ivy Tech Community College Northeast
    • Kentucky
      • 1st Northern Kentucky University
      • 2nd University of Louisville
    • Ohio
      • 1st Baldwin Wallace University
      • 2nd Rhodes State College
    • Minesota
      • 1st Century College
      • 2nd Minnesota State University Mankato
      • 3rd St. Cloud State University (SCSU)
    • Wisconsin/Iowa
      • 1st Northeast Wisconsin Technical College
      • 2nd Milwaukee School of Engineering
    • Missouri
      • 1st Southeast Missouri State University
      • 2nd Missouri University of Science and Technology
    • Michigan
      • 1st Davenport University
      • 2nd Ferris State University
      • 3rd Baker College of Clinton Township
    • Regional Finals: March 22nd-23rd 2013
  • North Central CCDC: March 22nd-23rd 2013
    • 1st Dakota State University
    • 2nd University of South Dakota
    • 3rd Western Dakota Technical Institute
  • North Eastern CCDC: March 8th-10th 2013
    • 1st Rochester Institute of Technology
    • 2nd State University of New York Institute of Technology
    • 3rd Worcester Polytechnic Institute
  • Pacific Rim CCDC: March 23rd-24th, 2013
    • 1st University of Washington, Seattle
    • 2nd Eastern Washington University
    • 3rd Evergreen State
  • Rocky Mountain CCDC: March 1st-2nd 2013
    • 1st Air Force
    • 2nd Kansas State
  • Southeast CCDC:
  • Southwest CCDC:
    • Regional Qualifiers: Jan. 25th-26th 2013
    • Regional Finals: March 9th-10th 2013
    • 1st Oklahoma State University
    • 2nd Southern Methodist University
    • 3rd Texas A&M University


National CCDC April 19th-21st 2013

Red Team

Red Team Tactics/Important Security things:
Default passwords (not just on OS, but also webapps, devices such as power strips, databases)
Pwnie Express
ASA - Setup and recovery
Backups - Hidden, and hashed to check for changes, DB dump
Sticky Bits and Immutable Flags
Use Nagios as a Pivot Point
Between Days, Red Team is given physical access to the blue team area (2012: 30 minutes)

Other important Research Topics
Laws surrounding theme
Incident Response Forms - Pre-fill and make sure everyone knows how to fill them out efficiently

CCDC Links

CCDC Competition Info - Injects, Strategy, and Equipment
CCDC_Teams - Mid-Atlantic Competitors, will add more as I find the info
Red Team - List of Red Team members from each year known
CCDC_Links - Blogs and other useful info pages specific to CCDC
National Collegiate Cyber Defense Competition

BSidesLA talk about the oddness of CSUDH CCDC experience

Preparing

Learn Sys Admin roles
Practice Defending, ask the CCDC Red Teamers or other Pen Testers to come in and help (they love to participate if they have time)
- if you do ask Pen Testers to help, make sure to get full value by asking what would make it hard for them.
Be wary of breaking your own services
Play Other CTFs

 I asked Dave Cowen, leader of the Nationals Red Team "What would you say is the best way to practice? Defending against a group of Red Teamers, practicing hardening boxes without an attacker, or ...?
He suggested "Start by hardening systems and try to understand what vulnerabilties exist by default. Understanding how the system should unction will make your life alot easier when you walk into unfamiiar territory. Once you feel comfortable walking up to a fresh install and locking it down invite you fellow team mates to take turns between blue and red so you can understand both sides. "
Personal tools