Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Kali Linux CTF Blueprints

You're reading from   Kali Linux CTF Blueprints Build, test, and customize your own Capture the Flag challenges across multiple platforms designed to be attacked with Kali Linux

Arrow left icon
Product type Paperback
Published in Jul 2014
Publisher Packt
ISBN-13 9781783985982
Length 190 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Cameron Buchanan Cameron Buchanan
Author Profile Icon Cameron Buchanan
Cameron Buchanan
Arrow right icon
View More author details
Toc

Table of Contents (9) Chapters Close

Preface 1. Microsoft Environments 2. Linux Environments FREE CHAPTER 3. Wireless and Mobile 4. Social Engineering 5. Cryptographic Projects 6. Red Teaming A. Appendix Index

Creating a vulnerable machine

The purpose of this book may seem counterintuitive to the majority of practices that security professionals carry out each day, but most core ideas to create a secure machine are the same as those to create a vulnerable machine.

Servers can be thought of as being created to serve a specific purpose—for example, to provide DNS services, host an Exchange environment, or manage a domain. This idea can be applied to the practice of hosting vulnerable services as well. The aim is to expose the server in one very particular way and secure it in every other aspect. You may treat them as authentication methods for the overthinking masochists of the world if you wish; that may help you envision the end result a little more clearly. To that end, the following tenets should be abided by:

  • Unless the scenario aims require it, ensure that any other services that you require to run on the system are fully patched and up to date.
  • Unless the scenario requires it, a proper antivirus solution with a firewall should be in place to secure other services.
  • Run the scenario on a separate network to any production or sensitive systems. This is quite simple to achieve by setting up a new network on a LAN connection without Internet access or through the use of virtual machines.

Securing a machine

Virtual or physical, your machine needs to be secure, and there's a simple process to achieve this. Build a fresh operating system. This is easy with a LiveCD when you have a spare Windows OS, but that's not always possible. At the time of this writing, TechNet provides 180-day accounts of the Windows operating system for testing purposes (technet.microsoft.com), which covers this style of usage. If you are using this book to kick off a future career in CTF building, consider getting a Microsoft Developer Network (MSDN) account, which will enable you to set up multiple environments for testing purposes.

Note

At this point, if you're aiming to host a vulnerable Windows product, don't perform the following step.

So, you have a fresh install—what now? Ensure everything is up to date. As you don't have anything other than the OS installed, you should just run Start | Search | Windows Update. Let it run, finish, and restart. Have a look through your build and remove any unnecessary programs that may have come with the install. You are now working with a clean slate. Wonderful.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image