Hak5 Hackme?

[jzman]

Just recently i have stumbled upon the idea of setting up a hak5 hackme server. The idea is that every week there will be a new crack-me challenge. There will be an accompanying website that shows statistics and what are the new competitions with a way for users to give feedback effectively. One example of a competition would be to just exploit a very early version of apache. I want to set this up just for educational purposes only. I also want help people explore new tools and techniques for offensive security and to inspire them on what defensive security measures they should be taking with their servers/projects while they are having fun doing it. I do not want people to use this service for malicious purposes or to inspire people to crack into other people's networks/computers. If the service gets abused it can be taken down in a very prompt manner. The whole event would be community driven and It seems like a fun project that i can attempt and see how it plays out, but i want your opinion, should i even attempt to start this service, what are the pros/cons of this, what platform or security measures should i take? I would appreciate any advice, thanks.

[Seph]

Thats a neat idea man. Like you said though this can sorta go hairy if people start abusing it.

Really the only suggestion I can think of is just make sure this is a isolated standalone P4 server (if your hosting locally...) Speaking of hosting, I dont think the server providers will be too happy with its intended use to be honest.

Anyway I like the idea, I'm all for it if you decide to go through with it.

[digip]

Maybe use a VM or Deep Freezed host machine, so if it gets hosed, a reboot resets everything to square 1.

[Seph]

VM would work too, however I dont advise it. Maybe its just my paranoia speaking but keeping a machines thats inteded to be hacked as isolated as possible is the way I would do it, even so far as have its own internet line. Really shouldnt underestimate the damage a hacker can do once they get in

[VaKo]

Its been punted about before, it all crumbles at the logistics stage but it would still be cool to run.

[xeemo]

Sounds like a great idea. The challenge can be rooting the box or something. I doubt any destruction would take place to anything other than possibly the box in question. If it does there would be nothing stopping it from happening right now. If HAK5 got hacked it would probably be due to a faulty setup or a zero day exploit.

This could give some hackers something ethical to do for fun (rather than something unethical...like hacking HAK5). Perhaps even a prize could be awarded to the first person to leave contact info or something on the box (stickers, or whathaveyou). I remember The Screen Savers doing this once. I don't think anyone successfully hacked the box. It was Windows XP with all of the patches at the time installed. I remember the computer mysteriously restarted, and I'm pretty sure that was the only thing interesting that came of it.

[h3%5kr3w]

this would be really cool (like rootwarz) but the main issue for me, if I were hosting it, is how do you tie the server to your own infrastructure without letting others see key aspects of your own network. I believe seph was right. It really would need it's own line. Also I would have it where you telnet into a machine to start so that way the isp cant tell what your doing, and make sure no one can bounce back out onto the internet (botz man.. bots)

If you could finalize those two issues, it would be gravy!

I really wish they had some local things like this in hand (like with your local lug) so that way you could learn at a pace. I have 'played' around a lot with metasploit and yersinia, and even did a mitm once (cant remember the name of it but it's one click hack software 4 n00bs..) I would like to know some of the more key tricks -o- teh trade, rather than being a glorified script-kiddie.

XpSp1 FTW! ez2hack.

XpSp3 = TOUGH

Vista =eh..

Win7 = bsodable atm, but as far as I know that's it.

[jzman]

Thanks guys. The HackME server will most likely be hosted on a Xen VPS that is not on my personal network. I have been told that you can break out of a OpenVZ VM easily since you share the kernel. I can put in place as many security measures that are possible, as long as it does not defeat the purpose of the hackme server. Some measures that i have in mind at the moment are stuff like banning abusers or making a bash script for streaming logs to another server or preventing people from deleting the logs. The server will only be up for 2 days out of a week, and every week there will be a new challenge with a fresh new install of Debain/Centos/Suse/etc each week. So in the case that someone does root the server and install a bot or a backdoor, they have a very limited timeframe to abuse the server. The outgoing connection of the VPS that i am thinking about buying only goes to 20mbps so that should prevent possible abusers from DoS'ing. If the hosting company finds out what i am doing with the server then i can just take it down. I am pretty sure that they will not find out, as long as the server is not repetitiously max'ing out on the servers resources then they probably will not care. Again thanks for the advice Guys.

[gcninja]

isnt that what a DMZ is for? cutting people off from other places on the router?