From 26C3 Public Wiki
NetS-X
Contents |
About
Introduction of a teaching framework which extends traditional learning methods.
This is no simulation or emulation, the scenarios are played on real OS's with either physical or virtual hardware.
We offer every interested person a chance to test & extend their hacking skills.
... and no ist not another CTF.
So what is it?
NetS-X is a learning framework which enhances the learning process of future network and security concerned people. It allows a guided, hands on education without constant supervision. The special lies on the question "what is needed for a proper hacking education" and how the NetS-X scenario framework address these issues. NetS-X will be setup on top of an existing virtualized or real world enterprise like, sandbox network, to provide a suitable learning environment. The integration of VPN furthermore extends the learning on demand possibility of the Browser based NetS-X framework. In order to serve the need of actuality, it introduces framework technology, allowing tutors as well as the learner himself to add content to the education process.
Some available scenarios/tasks to see the potential of the framework:
- setup honeypots (install and configure nepenthes, catch trojan -> report trojan)
- brute-force attacks on different services with hydra & john (crack passwords)
- website defacement (sniff passwords, deface website)
- SQL injection
- ARP spoofing (ettercap)
- telnet hijacking (sniff password or hijack session -> create file on target system)
- Directory Traversal (gain root through traversal-> fix configuration to deny traversal)
And...
Lookout for the corresponding LT "Hacking education" !
Website
http://www.nets-x.hs-bremen.de (no Safari please)
Who will be there?
Alexander -> ogollemon [: aet :] jabber.berlin.ccc.de
Björn -> zelur.em [: aet :] jabber.ccc.de
We need
Two chairs on a table, downstairs.
