CW 1: Security Audit
Assessment brief
Submission Information
Handout Date | 20/9/2021 |
Due Date | 3/12/2021 |
Estimated Effort | 20 Hours |
Percentage of Module Mark | 100% |
ILO's Assessed
- 1. Use appropriate tools to discover the structure of a network, the services running on it, and identify and classify potential security flaws
- 2. Demonstrate understanding of the core theoretical concepts that lead to insecurity in computer systems, and how these can be used to exploit and mitigate threats identified in a computer system or network
- 3. Discuss common penetration testing methodologies, vulnerability risk rating systems and how they relate to the security audit process
Task and Mark Distribution
In this coursework you are required to perform a security audit of a set of hosts.
It is a portfolio style activity, where you will submit the flags found in three of the weekly lab tasks, and write a brief report on your findings.
You have free choice over two of the machines, but your report must include a writeup on one of the buffer overflow based boxes.
The individual machines will be provided as Challenge tasks during the lab sessions, in the second half of the module.
The tasks that can be submitted as part of the coursework will be identified as Coursework Tasks in the weekly documentation.
Submission Requirements
You are required to submit a short report with the details for all three tasks. The report should be suitable for a technical audience (so assume you don't need to explain fundamental concepts like describing what XSS is).
Task and Marking Scheme.
Each of the challenges will be a Boot To Root style challenge, where you will need to use appropriate tools and techniques to identify and exploit potential vulnerabilities.
You will need to complete an appropriate pen-test process for each of them. This may include:
- Reconnaissance
- Initial Exploitation
- Post Exploitation identification of vulnerabilities
- Post Exploitation
Marking for individual tasks
You will have a total of 30 marks for each of the free choice machines.
- User Flag (10 Marks), this will usually be in /home/<user>/user.txt
- Root Flag (10 Marks), this will be in /root/root.txt
- Brief writeup (10 Marks)
For the brief writeup, you are expected to include details, and screenshots of any exploits used, and a brief description (suitable for a technical audience) of the process.
Marking for the Overflow based machine
Due to the complexity of the Overflow based machine, there are additional points for the root user. The rest of the marks are as before.
- User Flag (10 Marks), this will usually be in /home/<user>/user.txt
- Root Flag (20 Marks), this will be in /root/root.txt
- Brief writeup (10 Marks)
Overall Marking Scheme
Topic | Marks |
---|---|
Machine 1 | 30 |
Machine 2 | 30 |
Machine 3 (Overflows) | 40 |
Suggested Report Structure
The recommended structure for the report is
- Introduction
- Machine 1 Description
- Machine 2 Description
- Machine 3 Description
- Summary
- References
Marking Matrix
Grade | Mark | Description |
---|---|---|
No submission | 0 | No work submitted |
Fail | 0-25 | Clear failure demonstrating little understanding of relevant theories, concepts and issues. Minimal evidence of research and use of established methodologies and incomplete knowledge of the area. Serious and fundamental errors and aspects missing. No evidence of research. |
Near Fail | 25-39 | Very limited understanding of relevant theories, concepts and issues. Little evidence of research and use of established methodologies. Some relevant material will be present. Deficiencies evident in analysis. Fundamental errors and some misunderstanding likely to be present. |
Pass | 40-49 | Meets the learning outcomes with a basic understanding of relevant theories, concepts and issues. Demonstrates an understanding of knowledge and subject-specific theories sufficient to deal with concepts. Assessment may be incomplete and with some errors. Research scope sufficient to evidence use of some established methodologies. Some irrelevant material likely to be present |
2:2 | 50-59 | Good understanding of relevant theories, concepts and issues with some critical analysis. Research undertaken accurately using established methodologies, enquiry beyond that recommended may be present. Some errors may be present and some inclusion of irrelevant material. Good understanding, with evidence of breadth and depth, of knowledge and subject-specific theories with indications of originality and autonomy |
2:1 | 60-69 | Very good work demonstrating strong understanding of theories, concepts and issues with clear critical analysis. Thorough research, using established methodologies accurately, beyond the recommended minimum with little, if any, irrelevant material present. Very good understanding, evidencing breadth and depth, of knowledge and subject-specific theories with some originality and autonomy. |
First | 70-79 | Excellent work with clear evidence of understanding, creativity and critical/analytical skills. Thorough research well beyond the minimum recommended using methodologies beyond the usual range. Excellent understanding of knowledge and subject-specific theories with evidence of considerable originality and autonomy. |
Outstanding | 80-90 | Outstanding work with high degree of understanding, creativity and critical/analytical skills. Outstanding understanding of knowledge and subject-specific theories. Evidence of outstanding research well beyond minimum recommended using a range of methodologies. Demonstrates creative flair, originality and autonomy. |
Exceptional | 90-100 | Exceptional work with very high degree of understanding, creativity and critical/analytic skills. Evidence of exceptional research well beyond minimum recommended using a range of methodologies. Exceptional understanding of knowledge and subject-specific theories. Demonstrates creative flair, a high degree of originality and autonomy. |