User Tools

Site Tools


deterlab

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
deterlab [2017/05/18 18:39]
silvio.biagioni@unitn.it [Setup]
deterlab [2021/01/29 10:58] (current)
Line 1: Line 1:
-====== Class Capture The Flag on DETERLab ​======+====== Class Capture The Flag Experiment ​======
  
 ===== Requirements ===== ===== Requirements =====
Line 7: Line 7:
 ===== Setup ===== ===== Setup =====
 Before the exercise you need to perform the following steps: Before the exercise you need to perform the following steps:
-  - Create groups of students in your class project on DETERLab, one group per attack team.  Give to the groups easily related names (e.g., "​cctf-team1"​) since managing multiple copies of experiment and multiple teams could easily get confusing.+  - Create groups of students in your class project on DETERLab, one group per attack team.  Give to the groups easily related names (e.g., "cctf-exper1-team1"​) since managing multiple copies of experiment and multiple teams could easily get confusing.
   - Swap in the experiment using the related NS file: <code bash> /​share/​education/​CTF2_USC/​ctf2.ns </​code>​ Swap in as many experiments as you have teams. For each experiment, the obtained network template is described in the following picture. {{ :​networktopology.png?​600 |}}    - Swap in the experiment using the related NS file: <code bash> /​share/​education/​CTF2_USC/​ctf2.ns </​code>​ Swap in as many experiments as you have teams. For each experiment, the obtained network template is described in the following picture. {{ :​networktopology.png?​600 |}} 
-  - For each topology created, remove access to the three //client// machines for all but their attack team, and remove access to //server// and //gateway// machine for all but the automated defense team. Remove also the access to //router// for all teams. These steps can be done by running the setexpgroups.sh script: <code bash>$ ./​setexpgroups.sh ProjName expgroups mysql</​code>​ where  ''​mysql''​ is the configuration of the bank service offered by the server, whereas ''​expgroups''​ is a text file which specifies, by means of its two lines, the names of the experiments and the associated group names. An example the ''​expgroups''​ file is shown down here. <​code>​exp1 exp2  +  - For each topology created, remove access to the three //client// machines for all but their attack team, and remove access to //server// and //gateway// machine for all but the automated defense team. Remove also the access to //router// for all teams. These steps can be done by running the ''​setexpgroups.sh'' ​script: <code bash>$ ./​setexpgroups.sh ProjName expgroups mysql</​code>​ where  ''​mysql'' ​(contained in the local folder ''​setups/''​) ​is the configuration of the bank service offered by the server, whereas ''​expgroups'' ​(contained in the local folder ''​groups/''​) ​is a text file which specifies, by means of its two lines, the names of the experiments and the associated group names. An example the ''​expgroups''​ file is shown down here. <​code>​exp1 exp2  
-exp1-attack-group exp1-defense-group exp2-attack-group exp2-defense-group </​code>​ This step will ensure that during exercise team members cannot log into machines controlled by the opposing team and spy on them. +exp1-attack-group exp1-defense-group exp2-attack-group exp2-defense-group </​code>​ 
 +  
 + <​REPLY BEGIN: THE LAST STEP IS NOT CLEAR. WHICH IS THE SEMANTICS OF THE SECOND LINE?> 
 + 
 +In this specific case, we declare in the first line the experiment ID, and the list of the respective attack and defense groups. Therefore, the experiment ''​exp1''​ contains the attack group ''​exp1-attack-group''​ and the ''​defense group'',​ meanwhile the experiment ''​exp2''​ is related to the attack group ''​exp2-attack-group''​ and the defense group ''​exp2-defense-group''​.  
 + 
 +<REPLY END: THE LAST STEP IS NOT CLEAR. WHICH IS THE SEMANTICS OF THE SECOND LINE?> 
 + 
 +This step will ensure that during exercise team members cannot log into machines controlled by the opposing team and spy on them. 
  
deterlab.1495125541.txt.gz · Last modified: 2021/01/29 10:58 (external edit)