Preguntas y Respuestas CyberEx

InternationalCyberEx (to All):
Welcome everybody to this doubt solving session.

Please feel free to begin writing your questions
Indra (to All):
Can we use our own tools, apart from Kali/Backtrack?
Eleazar Aguirre Laboratorio de Ciberseguridad CIC-IPN MX (to All):
Will be there a limit of connections or IP addresses for each team?
Hi Indra, yes you can use your your tools. There are no limitations
Francisco Lazaro Anguis (to All):
Hello, We are Renfe
Hi CIC-IPN MX, there will be an user per team member. Only one connection per te
am member is allowed
Hi Renfe
To All:
Finally the year has the theme of attack and defense components or every team wi
ll have an infrastructure to execute the challenges?
Hi colCERT, the scenario is based only in a CTF mode. There is no need to defend
your systems.
Indra (to All):
Will there be parallel challenges to solve? Or will there be only one challenge
at a time?
That is to say that no attack will be given during the exercise
We are Renfe Team, we are trying call by telephone and we have problems.
in the conducting reconnaissance activities, will be possible to find other part
icipants?
The scenario is based on flags. Usually you have to solve the flags in order, bu
t in some cases you can do parallel tasks
Hi Renfe, this session will be only by text chat
To All:
Few challenges? they're going to split the four main topics explained at the fir
st meeting?
ok

In the reconaissance activities you will not find other teams.
Gabriela Ratti (to All):
the challenge must be solved by order or can we solve one challenge despite we h
aven't solved the previous challenge, for example?
There will be a number of flags per phase. And when you get the minimun number o
f flags in a phase you can reach next phase
To All:
Before exercise will have previous challenges?
Indra (to All):
Is it necessary to do a write-up after each challenge describing what has been d
one?
Hi Gabriela, you don't have to answer the flags in order, but in some cases for
a flag you need information from previous flags
How many phases will there be?
thanks!
To All:
Before exercise will have previous challenges?
There will not be previous challenges to the exercise
To All:
Thanks
There will be 4 phases
No write-up will be needed
Lucas Coronel - Banelco CSIRT (to All):
According to the connection, one connection is only 1 machine to connect? so if
we have more notebooks, only 1 machine could connect?
To All:
The questions and answers are doing in this meeting they will be sent via email?
Hi Banelco,
Each team member can connect their laptop. So you can connect so many machines a
s team members.
The questions and answers will be published as a FAQ in the web site
To All:
ok
After the CyberEx, will the solutions be published somewhere?
Indra (to All):
Can we assume that the environment we will connect to is secure? Will the enviro
nment be shared by other participants?
It is important to say that you play as a team. That is to say that if a team me
mber request a hint, it is a hint for the whole team and points are sustracted t
o the team's score
Indra (to All):
What is the expected network latency?
We don't expect to publish or share the solutions after the exercise. But we wil
l think about it
Thanks... so each team will have 1 VPN but we could use 'till 8 machines to conn
ect
To All:
The team will have a board including overall score for all computers or for ever
yone?
Yes. You can assume a secure environment.
Regarding latency, you will need a minimum connection of 256 Kbp/s
To All:
The challenges will be presented sequentially or we will send a document with th
e same?
Hi Banelco. If you have 8 team members, you will have 8 users and 8 simultaneous
VPN connections are allowed
There will be a scoreboard, so every team can see all scores.
But the scoreboard will be switched off one hour before end of the excercise.
This is because we want to create some buzz at the end of the exercise
At the beginning of each phase you can see all flags of that phase (and all chal
lenges).
What is the duration of the CTF? Will it have a break?

There is no need to answer the flags in order, but some flags depends on previou
s flags
The duration is 8 hours: from 10.00 EDT to 18.00 EDT. There will not be an offic
ial break
Thanks again...
Regarding latency, we have made a test and 150 ms (using ICMP) are the normal be
haviour
Very important: when you are connected to VPN, you are NOT connected to internet
... But you can disconnect to the VPN if you need and then connect again
To All:
The VPN connection is to be performed by an application, SSL ?, ipsec? what kind
of technology to be used
So maybe will be helpful to have a machine that it is not connected and can sear
ch in the internet
The VPN connection is performed by an OpenVPN client. So default port is 1194
We will provide the OpenVPN config file next week, so you can connect to the env
ironment
the connectivity test, to test the VPN, will be performed the days before, right
?
thanks, I already read the answer!
To All:
The username and password for the VPN will be the same for the 8 participants? o
r each individual will have some credentials
Hi Gabriella, we will provide the config file without user/pass, so you can try
the server connection without access to the platform
thanks!
There will be different user/pass for each team member. So: individual credentia
ls
There will be a "marshall" looking after the platform. So first bad behaviour is
a warning. Second bad behaviour is kick-out
MartinE (to All):

ok
what is the meaning of bad behaviuor?
To All:
Misbehavior of a member may disqualify the team?
We mean by "bad behaviour" following some rules: no brute-force, no attack to th
e answering site, not removing files of the machine, etc. We will send you the c
oncrete rules previous to the exercise.
Misbehaviour of a team member will disquallify the whole team
that you mean misbehaving? you publish the rules of what is allowed and what is
not?
thanks!
Obviously a DDoS is also not allowed.
In any case, in the platform manual all rules are specified
To All:
Misbehavior of a member may disqualify the team?
Yes. Misbehaviour of a team member will disquallify the whole team. But you will
get first a warning
During the exercise you can send us technical questions through the support chan
nel. This channel will be accessible in the scoreboard site
Could you please give us some tips/recommendations to perform the cyber-excercis
e?
Recommendations: first -> be patient
second -> use the hints if you have problems. it is better to go through the nex
t flag
third -> syntax is important. A small modifier may be critical for answering a f
lag
We think that that are the main points

Great... thanks, very helpful!
Indra (to All):
Gracias (thanks). Nos desconectamos.
You can try various times answering a flag. That is to say, you don't have to wr
ite the right question at the first attempt
and that will not substract points?
You can try as many times as you want
The only thing that substract you points is asking for hints
Similar to this, reaching a flag previous to other teams don't give you more poi
nts: there are no bonus-flags
thank..
Indra (to All):
(before leaving...) is there any time limit for each challenge?
Regarding connectivity test: you will have 8 hours on Tuesday and Wednesday. You
can try when you want.
If you have problems with your connection, please send us an email to internatio
nal@cyberex.es
No. There is no time limit for a challenge
Rey, Jorge (to All):
When will you share information aboput the exercises's scenario? Things like top
ology, credentials, operating systems, network devices... Credentials...
We will not share information about the scenario. You will get small pieces of i
nformation when you advance through the scenario
But we will not send you the information before the beginning
thanks :-)
Jc (to All):
Hey guys Im a bit lost What is going on?
Hi JC, we are waiting for new questions
Jorge Martinez (to All):

Hi, I was wondering, how many teams are going to participate?
Regarding the exercise day, there will be an official launch. This GoToMeeting w
ill be available all that day and some minutes before the beginning our director
s will give you some words
After that official launch we will send the credentials to each captain and you
can begin with the exercise
Jc (to All):
Hey, could you explain us a bit more on the structure of the excersice how exact
ly is gonna be played out?
Jaime (to All):
hi there ! , which will be the connection method ?
Hi Jorge, 45 teams are confirmed to participate. You can find some statistics in
the web site: https://www.cyberex.es/international
Hi JC, there will be 4 phases. In each phase you will need to answer to challeng
es (that is to say, capture some flags)
In each challenge you can ask for hints, but that substracts you points of the s
core of the flag
Hi Jaime, the VPN connection is performed by an OpenVPN client. So default port
is 1194
We will provide the OpenVPN config file next week, so you can connect to the env
ironment
Jaime (to All):
there's any limit to concurrent connections ?
Jaime (to All):
is there one file per team ?
There will be an user per team member. Only one connection per team member is al
lowed. So your team will have as many connections as team members
There is only one config file for OpenVPN for all teams. When you try to connect
the server asks you for user/pass. Then the platform assings each user the envi
ronment of their team
Jaime (to All):
so could i infer that the traffic beetween team members will be blocked?
Jaime (to All):
and the other teams?, each team will be isolated ?

It is not necessary to have traffic between team members. Remember that this is
not a red/blue team
You only access to the environment to get information of the challenges, but the
re should be not an interaction between users
As we said before, there will be a "marshall" looking after the platform. So fir
st bad behaviour is a warning. Second bad behaviour is kick-out. We mean by bad
behaviour some basic rules: no brute-force, no attack to the answering site, not
removing files of the machine, no DDoS, etc. We will send you the concrete rule
s previous to the exercise.
Jaime (to All):
thanks for the answers
ports/services scanning will be allowed, isn't it?
To All:
We can have the full list of teams by country?
Jaime (to All):
and sorry if you should repeat something
Yes Jorge. You can perform ports/services scanning
But you cannot perform DoS to a port/service...
We are not going to send the distribution of teams per country. The only public
information is the number of teams.
To All:
thanks
We have reached 12.00 am EDT.
Thank you all!!! We will get all your questions and publish it in a form of FAQ
in the web site. In any case, there will be another session tomorrow at 10.00 am
EDT. If you have more questions we will be available in the same channel number
.
thank you! Goodbye!
thank you all. Bye.

Preguntas y Respuestas CyberEx

Încărcat de

Informații document

Descriere originală:

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Preguntas y Respuestas CyberEx

Încărcat de

Drepturi de autor:

Formate disponibile

InternationalCyberEx (to All):

Welcome everybody to this doubt solving session.

InternationalCyberEx (to All):

InternationalCyberEx (to All):

MartinE (to All):

Lucas Coronel - Banelco CSIRT (to All):

Jorge Martinez (to All):

InternationalCyberEx (to All):

S-ar putea să vă placă și