So I know it's taboo to ask for this sort of support:
HI CAN U PLZ HLP ME HAX MY GFS HTOMAIL?!!! KTHXBYE!!1
However, I have a computer security class assignment that some of you folks might be able to help with.
So here is what's up:
Teams of two in the class each have control of a box on a little private network. We each picked different distributions of Linux to install on them, and got ourselves some little servers up and running. The professor's machine is the sample user's machine, from which he attempts to use the services we provide from our servers. Every four or five days we have to offer another type of service (FTP, HTTP... etc.) as he assigns, or sometimes we just have to make changes to those that we already offer.
Now, here is the challenge:
We've had a week of bloodshed-free setup time before the chaos begins, but starting today we get to start trying to screw with the other groups' boxen. The point is to secure our servers well, but to make sure we can still provide the services we're supposed to. We are supposed to be as evil as possible, but we get points off if another group knows what we did and who we are.
So my questions are the following:
I know some of you here are pretty solid Linux users/admins. Do you know of any dirty little tricks or resources I should look into for the offensive side of this exercise? (My job is offense, but I'm of course helping secure our box too.)
and
Any suggestions for how I should make sure my box is secure? I've been doing plenty of reading, but if you have any good resources, let me know. (We ended up getting Arch Linux for ours [no two groups could have the same]). Also, what do you suppose would be the best way to track what other people are doing to us (log file interpreters perhaps)?
PS: I know it's been a while since I've been back here. Taking six courses a semester really kills the free time. I miss you guys!