Category Archives: CCDC

Red Star, Schmed Star

 

In MACCDC 2015 Regionals the network started out with the VMs outlined in our team packets. Our team captain was away from our tables handling other administrative duties. An ‘inject’ came through which required us to use “Office Software” to create something, I can’t recall if it was a power point or ‘word’ document, to explain something that was going on with the network or systems. Along with the inject a new VM appeared in our vSphere console. It was a linux system labelled “Red Star”. We quickly launched it and realized this flavor of linux has a GUI vs just a console, but everything was in a different language, a language that our system administrators couldn’t read. We all left our seats and surrounded our teammate to see if it was something maybe we could read but, it wasn’t 😦 We tried carelessly clicking around trying to change the language to English but were failing at doing so.

Redstar3

Our team captain came back from her assignment and needed an update on what we were doing. We explained that we can’t read the language on the new system and were struggling to complete the new inject we received. She was standing over the shoulder of one of our system administrators and looked down at the new linux box. Her eyes focusing on the foreign letters on the screen she exclaimed excitedly “I can read this! Its Korean!”. It was a eureka moment for all of us. It was like when Lex Murphy realized it was a unix system. (https://www.youtube.com/watch?v=dFUlAQZB9Ng)

Our team captain is of Korean decent.

The linux system that was injected into the game was: https://en.wikipedia.org/wiki/Red_Star_OS

It’s not the hard things that trip you up, it’s the small stuff you waste time on.

 

 

What is actually learned from CCDC

A great questions was asked from a Red Teamer on twitter: What is actually learned from CCDC?
(https://twitter.com/carnal0wnage/status/718204762290843648)

I don’t think I could fit an answer into 140 characters so, I took to a blog for a proper response.

If your asking what is actually learned from the red team hacking a bunch of blue teamers…. NOTHING. We know you can do it. You know you can do it.

What we do learn are the things we taught ourselves in preparation for the competition. We don’t directly learn any of the objectives outlined in the CCDC Team Packets. (Did anyone even read them?)

For MACCDC the objectives are outlined as:

  • Build a meaningful mechanism by which institutions of higher education may evaluate their programs
  • Provide an educational venue in which students are able to apply the theory and skills they have learned in their course work
  • Foster a spirit of teamwork, ethical behavior, and effective communication both within and across teams
  • Open a dialog and increase awareness among participating institutions and students

Lets break this down 1 item at a time.

Build a meaningful mechanism by which institutions of higher education may evaluate their programs

Institutions of higher education cannot use CCDC to evaluate their programs. College’s often have guidelines and requirements to stick to course material as provided by their vendors. Sure, some teachers/professors stray from that a little. They do not use CCDC as a gauge to see how well their material is being taught. How well a team performs in CCDC is not a directly correlation to how well those students performs in class thus, it cannot be used for higher education to evaluate their programs.

In fact I’d be interested to find-out how many colleges request pcaps and the scoring metrics to see how their school did and if there is anything that could improve in their programs for next year. They probably don’t and secondly MACCDC probably couldn’t deliver those items.

Provide an educational venue in which students are able to apply the theory and skills they have learned in their course work

I think this statement should be changed from ‘educational venue’ to ‘venue’.

Every experience in life is a learning experience. Everywhere we go and everything we do is learning experience. We don’t call all the places we go ‘educational [place]’. In order for something to be called an “educational [place]” its primary function should be for educating. CCDC is not for educating and should NOT be labelled an ‘educational venue’ instead just ‘venue’.

Now with that statement changed to “Provide a[n] educational venue in which students are able to apply the theory and skills they have learned in their course work”, I can agree with part of it. I can agree with “Provide a venue in which students are able to apply theory and skills they have learned”, that’s it. Believe me, in your ‘course work’ you aren’t studying BigBlueButton, PBX, Cyclos, Request Tracker or JessX. None of these are in any course work I have seen come from any college. Leave me a comment below if you have worked on these boxes as part of your regular studies.

Foster a spirit of teamwork, ethical behavior, and effective communication both within and across teams

This is a mixed message with taken into context with the rules of the game. On page 7 of 2016 Team Packet Final it states:

e. Team members are forbidden from entering or attempting to enter another team’s competition workspace or room during CCDC events

I’m sure this will be twisted into saying ‘this doesn’t mean blue team to blue team, it means blue team to red team and vice-versa’. I’ve had CCDC officials twist things like this.

I can say from personal experience we have been instructed not to talk to other blue teams. We couldn’t talk to other blue teams even when trying to troubleshoot an issue where we needed to test connectivity from outside of our own site.

I wasn’t able to attend the Red Team-Blue Team mixer this year but I bet that was the most valuable part.

I wish the ‘teamwork’ extended to inter-team communication not just intra-team communication.

Open a dialog and increase awareness among participating institutions and students

I don’t even know what this means. “Increase awareness” about what? CCDC? Cyber Security?

Just the facts Ma’ma.

Through my CCDC experiences I learned a handful of technical skills that are still with me that I use everyday. Simple Linux administrative tasks, ASA and pfSense administration. The differences between stateful and stateless protocols and how they both work with iptables, Cisco ACL’s & MPF, and pfSense rules.

Being a team leader I learned how to give lectures and create powerpoint presentations and spin up VMs for live demos.

In-order to give a proper and well informed presentation about something you are forced to learn more about it than you ever thought you needed to know. I think a great training exercise for CCDC is to have every student create a presentation about something so they are forced to learn everything about it.

Everything I learned for CCDC is something I taught myself and its those things that stayed with me for life.

As for what I’ve gained from my CCDC experiences. I have gained something no class can teach… friends. I came into the CCDC club for my school and met a bunch of strangers. We made it through qualifiers and into regionals as acquaintances and classmates. We left regionals as friends. Some of those friends I still talk to even though we haven’t see each other in a few years.

In Conclusion

Even though CCDC is flawed(probably throughout the nation) it still offers a place where like minded individuals get together to teach each other and try to reach a higher understanding of the aspects of cyber security that interest them and then ultimately exercise those skills in a place with your friends. This competition is only as fun as you make it. I remember most of our systems had NyanCat across our screen. There was nothing left to do other than the Macerena, so we did. I remember having to leave the pit together for an inject and running through the mezzanine with our arms out like a bunch of airplanes. We always sent the Red Team fun gifts that we contributed to as a team.

If any one wants to share what they’ve learned or has an opinion on what is actually learned from CCDC competitions leave a comment below.