PREPARATION

ONE TIME TASKs

  1. Based on your work to date you create an infinitely secure BLUE that can be deployed and destroyed as fast as Hypervisor can do it and is authorized to the ZeroTier network.
  2. Students must create their own RED or PURPLE VM/LB machines and must join, be authorized and tested and then de-authorized (offline - blocked fromZeroTier) until a Super Demo.
  3. Students must create their own own practice BLUEs - VMs or LBs. And they have all the time in the world to whip up their evil ;-)
  4. When first invited to the private network an appropriate hostname will be assigned. The host (short) name will be BLUE, RED or PURPLE and the fqdn will be

    <user>.[blue|red|purple].internet.local

    Where <user> is the my.vcccd.edu email name of the machine’s owner.

SHOWTIME

  1. When it is time for a Super Demo Ken May decides which team or individual is RED and which is PURPLE.
  2. Phil Man provides group access to the class to the SANDBOXED but VULNERABLE BLUE machine (screen ONLY) though TeamViewer, et. al

BLUE

  1. Verify network access
  2. Coffee break until malware arrives (class is watching ;-)

RED

  1. Starts screen sharing in Zoom
  2. Machine is re-authorized
  3. Does his dirty deeds.
  4. BLUE bites the hook (we can all see it)
  5. BLUE realizes he’s been hacked - “contacts PURPLE”
  6. Machine is de-authorized
  7. Stops screen sharing

PURPLE

  1. Starts screen sharing in Zoom
  2. Machine is re-authorized
  3. “Here I come to save the day!” ;-)
  4. [Probably some scanning - but what else?…]
  5. Resolves the issue(s)
  6. Reads BLUE the riot act about Phishing
  7. BLUE acts contrite
  8. Machine is de-authorized
  9. Stops screen sharing

POSMORTEM

  1. Class discussion