
I am a CS student, and am considering competing in the National Collegiate Cyber Defense Competition. Although I have a fair amount of experience in programming competitions (e.g. ACM at High School level, and various online competitions), I have never really considered information security competitions and/or study.

Question: Starting from nearly ground-zero in information security and networking, how should one prepare for playing "blue team" in a competition like the CCDC? Specifically, is there a "THE book" that would be useful to read?

(For an example, it is generally considered that Introduction to Algorithms by CLRS and The Art of Computer Programming by Knuth are definitive works for algorithm analysis. Also, The C Programming Language by K&R is the definitive work on C. Is there an analog for computer security?)

Note: I realize this may be closed as subjective (or similar), but I really think a question like this would add value (if not Google hits) to the site. I figure I'll give it a try and see what the community thinks.

apnorton
  • There have already been numerous questions here about the same thing: "What's the definitive text?" If you search you will find them. You will also find that the answers are not helpful because the question is too broad. There IS no definitive text. Even narrowing the focus to 'network security' there is simply too much to know in too many areas. Consider that the CISSP certification requires understanding of 10 different knowledge domains. You can't condense "security" to a single text. – schroeder Jul 10 '14 at 14:15
  • There: http://security.stackexchange.com/q/2013/46652 Happy learning! – zX8iqV Jul 10 '14 at 14:47

1 Answer


I recently joined my own school's cyber security club with no security knowledge and learned a lot in the months preceding the CCDC. First things first: Linux skills are crucial; stopping and starting services, seeing who is logged into the machine, adding/dropping users, general directory structure & location of commonly needed files, familiarity with each distribution's package manager, where log files for different things are & how to read them, common ports, iptables or other basic soft firewalls, etc.

From there we looked at hardening different applications and protocols (SSH, IMAP, POP, Active Directory). We often did this by renting virtual private servers for less than a cent per hour (from places like Digital Ocean), but I would also suggest beefing up your Linux skills through wargames like those on overthewire.org or hackthissite.org. We didn't look at networking at all, and only one out of the six teams competing used the provided hard firewall.

I'm not sure there is some go-to book for this type of stuff (there is a Red Team Field Manual but no blue team counterpart??!), but there are tons of good resources on the net that will help you. I watched a lot of post-CCDC debriefs on YouTube to see how teams tended to get owned and then learned about how to prevent that. Digital Ocean's knowledge base and nixCraft have great guides on how to harden basic things. You can also try googling around for other teams' CCDC cheat sheets and research everything you don't recognize. The event organizers should also have some non-specific lists of technologies you may be responsible for during the competition.

Matt
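As an added illustration of the "adding/dropping users" and "who can log in" skills the answer lists (example code written for this page, not something from the answer or from any CCDC team), the script below audits an /etc/passwd-style file the way a blue team does in the first minutes on an inherited box: it flags extra UID-0 accounts and interactive-shell accounts that are not on the team's allow-list. The passwd lines, the allow-list and the function names are all constructed for the demo.

```shell
#!/bin/sh
# Added example: first-minutes account audit for a blue-team box.
# Works on any /etc/passwd-format file; the sample below is constructed.

# Print every UID-0 account other than "root", one per line.
# Any hit is an extra superuser that the team did not create.
find_extra_uid0() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 }' "$1"
}

# Print accounts whose login shell is interactive (not nologin/false).
# These are the accounts that can actually log in over SSH or the console.
find_interactive_accounts() {
    awk -F: '$7 !~ /(nologin|false)$/ { print $1 }' "$1"
}

# Compare interactive accounts against an allow-list file (one name per
# line) and print the ones not on it: candidates to lock or drop.
find_unexpected_logins() {
    # $1 = passwd file, $2 = allow-list file
    find_interactive_accounts "$1" | grep -vxF -f "$2"
}

# Constructed sample data so the script runs stand-alone.
SAMPLE_PASSWD=$(mktemp)
cat > "$SAMPLE_PASSWD" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
toor:x:0:0:maint:/root:/bin/sh
sysd:x:1001:1001::/home/sysd:/bin/bash
EOF
SAMPLE_ALLOW=$(mktemp)
printf 'root\nalice\n' > "$SAMPLE_ALLOW"

echo "Extra UID-0 accounts:"
find_extra_uid0 "$SAMPLE_PASSWD"
echo "Interactive accounts not on the allow-list:"
find_unexpected_logins "$SAMPLE_PASSWD" "$SAMPLE_ALLOW"
```

On a real host, point the functions at /etc/passwd and at the user list the competition packet gives you; the same awk checks work unchanged.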