Everything posted by mjones

  1. You can ignore the following backstory, but I added it for dramatic effect.

     I am currently wrapping up my final Computer Forensics course here at school. Sadly I got stuck with a first year professor who doesn't know half of what she is talking about. She claims to have worked for a Fortune 50 company doing their network security, but her knowledge level is laughable for the job she used to hold. Students will commonly correct her on the basic facts about subjects, it's almost offensive to my education. There are very few intelligent people in this class, it's considered an easy minor, no wonder with professors like this, and a lot of Criminal Justice students latch onto it as well. All of this being said, I've learned next to nothing from these Computer Forensics courses with her after a full year.

     So to cap off my year she decides to announce a live "computer hacking" competition of sorts. The major problem with this competition is the fact that there has never been any sort of lesson on network penetration or computer hacking in the general sense. The closest we got was a card trick that somehow simulated password cracking. She basically went "WELP this sounds fun" and assigned it. All we know about the competition is the class will be split in 2 groups, one on defense and the other on offense. I have no doubt there are only two people on the opposing team who could be potential threats but I am pretty confident I know some stuff in this area. This type of work is what I'd like to do for a career so I'm making this assignment into a test of sorts for myself.

     ONCE AGAIN KEEP IN MIND WE HAVE BEEN TAUGHT ABSOLUTELY NOTHING INVOLVING NETWORK SECURITY OR PENETRATION TESTING. Everything here is stuff that I've either been taught, picked up over the years or have convinced myself to believe is true. Pick it apart, what's good, what's bad, what's flat out wrong.

     The Setting:

     • Shitty PCs that barely boot.
     • Windows XP Service Pack 3
     • Every machine was built using the same image, they all have very little added aside from some shithead forensic tools we've never used
     • We're on our own network of about 15 machines

     The following are the software I plan on putting to use and my strategy for both defending and attacking.

     Defense:

     Software:

     • Firewall - Really have no idea here, haven't used anything that was a specific "firewall" since ZoneAlarm back in 2006, would really be interested to hear some recommendations for a firewall.
     • Anti-Virus - Microsoft Security Essentials, these PCs are terrible, Pentium 4s with 512 MB RAM, and need all the resources they can hold on to and I've always liked this software.

     Miscellaneous:

     • Get all machines patched up to date, uninstall all unnecessary programs, shit like Adobe Reader/Flash, MSOffice, etc.
     • Remove all Administrator accounts, basically try to leave as few things they could attack as possible.
     • Generate a strong Windows password, won't do much for physical security but I assume it'd help network-wise.
     • Lame as it is, BIOS passwords on all our machines, they're padlocked so the jumpers can't be pulled.

     Offense:

     I cannot stress enough how little I formally know about this shit, so please help me better myself. I think of it as a simple 4-part attack attempt:

     1. Port Scan, identify the targets and recognize their open ports
     2. Vulnerability Scan, scan the target IPs and discover known vulnerabilities the machines currently have.
     3. Attack, use Metasploit to exploit the vulnerability and gain access to the user's system.
     4. Keep control, installing a backdoor to keep control of the system (this is optional)

     Software:

     • nmap - Read a few books on the tool so I know a decent amount of what I'm doing with it, couldn't think of a better portscanner
     • Nessus - vulnerability scanner, again the most revered in its category I figured I couldn't go wrong, know little about the software though
     • Metasploit - I've been looking for a decent introduction to Metasploit for a long time but haven't had much luck. I've messed with it a little bit but would definitely like a thorough introduction from the start. I know Metasploit is even considered to be script kiddy-esque but I'm not sure of a better starting point.

     BACKUP PLAN:

     I will have unmonitored access to this lab for hours at a time, and I highly doubt the other students would consider physical security of their machines or take advantage of us in the same way. I had considered placing trojans on the PCs and adding them to the "Ignored" section of the Anti-Virus, along with simply adding another Administrator account and giving it remote desktop access. I'd rather have this as a backup plan because of how lame it is, but if times get tough I will resort to high school tactics.

     I'm basically wondering if this is an accurate strategy to be going into this type of thing with? Having you offer constructive criticism is something I'm looking for so please do. Have another place you visit where I could post this story and get some knowledgeable feedback, send that my way too.
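Added example, not part of mjones's post: since every lab machine is built from the same image, a defending team can save the output of `net localgroup Administrators` and `reg query "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections` from the clean image and diff each machine against it to spot an extra administrator account or Remote Desktop being switched on. The sample command output and the account name `support_tmp` below are constructed for illustration.

```python
import re

# Constructed sample command output (not captured from a real machine).
HEADER = ("Alias name     Administrators\n"
          "Comment        Administrators have complete and unrestricted access\n\n"
          "Members\n\n" + "-" * 79 + "\n")
FOOTER = "The command completed successfully.\n"
BASELINE_NET = HEADER + "Administrator\n" + FOOTER              # saved from the clean image
LAB_PC_NET = HEADER + "Administrator\nsupport_tmp\n" + FOOTER   # machine under audit
REG_KEY = "HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server\n"
LAB_PC_REG = REG_KEY + "    fDenyTSConnections    REG_DWORD    0x0\n"
CLEAN_REG = REG_KEY + "    fDenyTSConnections    REG_DWORD    0x1\n"

def parse_admins(net_output):
    """Return member names listed in `net localgroup Administrators` output."""
    members, in_list = set(), False
    for line in net_output.splitlines():
        line = line.strip()
        if line.startswith("----"):
            in_list = True                 # member list starts after the dashes
        elif in_list and line.startswith("The command completed"):
            break
        elif in_list and line:
            members.add(line.lower())      # Windows account names are case-insensitive
    return members

def rdp_enabled(reg_output):
    """True when fDenyTSConnections is 0, i.e. Remote Desktop accepts connections."""
    m = re.search(r"fDenyTSConnections\s+REG_DWORD\s+0x([0-9a-fA-F]+)", reg_output)
    return m is not None and int(m.group(1), 16) == 0

def audit(baseline_net, host_net, host_reg):
    """List deviations of one machine from the clean-image baseline."""
    findings = []
    for name in sorted(parse_admins(host_net) - parse_admins(baseline_net)):
        findings.append("unexpected administrator: " + name)
    if rdp_enabled(host_reg):
        findings.append("Remote Desktop is enabled")
    return findings

if __name__ == "__main__":
    for finding in audit(BASELINE_NET, LAB_PC_NET, LAB_PC_REG):
        print(finding)
```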