DOCSLIB.ORG

Nessus Plugin Family

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Nessus Plugin Family SecurityCenter 4 TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012 ITS DEPT Nessus Plugin Family March 5, 2012 at 6:15pm CST [third] Confidential: The following report contains confidential information. Do not distribute, email, fax, or transfer via any electronic mechanism unless it has been approved by the recipient company's security policy. All copies and backups of this document should be saved on protected storage at all times. Do not share any of the information contained within this report with anyone unless they are authorized to view the information. Violating any of the previous instructions is grounds for termination. Nessus Plugin Family SecurityCenter 4 TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012 Table of Contents Plugin Family Summary ...............................................................................................................1 AIX Local Security Checks .......................................................................................................3 Backdoors .....................................................................................................................................................4 CentOS Local Security Checks ...........................................................................................6 CGI abuses .................................................................................................................................................. 7 CGI abuses : XSS ................................................................................................................................ 9 CISCO ............................................................................................................................................................. 11 Databases .................................................................................................................................................. 13 Debian Local Security Checks ......................................................................................... 15 Default Unix Accounts ............................................................................................................... 17 Denial of Service ...............................................................................................................................19 DNS ....................................................................................................................................................................21 Fedora Local Security Checks ......................................................................................... 23 Firewalls .......................................................................................................................................................24 FreeBSD Local Security Checks .................................................................................... 26 FTP .....................................................................................................................................................................28 Gain a shell remotely .................................................................................................................. 30 Table of Contents Tenable Network Security i Nessus Plugin Family SecurityCenter 4 TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012 General ..........................................................................................................................................................32 Gentoo Local Security Checks ........................................................................................ 33 HP-UX Local Security Checks ...........................................................................................35 Junos Local Security Checks ............................................................................................37 MacOS X Local Security Checks ................................................................................... 39 Mandriva Local Security Checks ................................................................................... 41 Misc. ................................................................................................................................................................. 42 Netware .........................................................................................................................................................44 N/A ......................................................................................................................................................................45 Peer-To-Peer File Sharing ...................................................................................................... 47 Policy Compliance .......................................................................................................................... 49 Port scanners ........................................................................................................................................50 Red Hat Local Security Checks ...................................................................................... 51 RPC ....................................................................................................................................................................52 SCADA ........................................................................................................................................................... 54 Service detection .............................................................................................................................. 56 Settings .........................................................................................................................................................57 Slackware Local Security Checks ................................................................................ 58 SMTP problems .................................................................................................................................. 59 Table of Contents Tenable Network Security ii Nessus Plugin Family SecurityCenter 4 TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012 SNMP ...............................................................................................................................................................61 Solaris Local Security Checks ......................................................................................... 63 SuSE Local Security Checks ..............................................................................................64 Ubuntu Local Security Checks ........................................................................................ 66 VMware ESX Local Security Checks ......................................................................... 68 Web Servers ........................................................................................................................................... 70 Windows ...................................................................................................................................................... 72 Windows : Microsoft Bulletins ..........................................................................................74 Windows : User management ............................................................................................76 Table of Contents Tenable Network Security iii Nessus Plugin Family SecurityCenter 4 TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012 Plugin Family Summary Plugin Family Severity Counts Family Score Total Low Med. High Crit. Windows 168870 34468 18276 1618 14574 0 General 19085 15318 13774 1447 97 0 Port scanners 14172 14172 14172 0 0 0 Service detection 9890 7619 7166 258 195 0 Windows : User management 5430 5041 4941 73 27 0 N/A 14047 5037 4004 41 992 0 Windows : Microsoft Bulletins 34624 4426 471 771 3184 0 Settings 3143 3143 3143 0 0 0 Web Servers 8732 2839 1926 332 581 0 Misc. 7413 2496 1700 321 475 0 Red Hat Local Security Checks 11848 1810 347 447 1016 0 RPC 3495 1461 990 315 156 0 DNS 5320 1168 345 465 358 0 CISCO 7351 1071 101 350 620 0 FTP 5650 1033 317 261 455 0 CGI abuses : XSS 2815 1021 173 834 14 0 CentOS Local Security Checks 6121 1009 441 0 568 0 Solaris Local Security Checks 9960 996 0 0 996 0 Backdoors 8864 983 56 66 861 0 Denial of Service 6094 969 34 470 465 0 Gain a shell remotely 6764 948 14 370 564 0 VMware ESX Local Security 7740 921 0 210 711 0 Checks Firewalls 4595 913 381 158 374 0 SuSE Local Security Checks 4381 904 485 42 377 0 Default Unix Accounts 9000 900 0 0 900 0 Peer-To-Peer File Sharing 4037 895 409 176 310 0 SNMP 3319 895 565 78 252 0 FreeBSD Local Security Checks 4512 890 479 11 400 0 SMTP problems 5170 874 196 258 420 0 Ubuntu Local Security Checks 4695 865 413 34 418 0 Databases 4422 865 399 91 375 0 Slackware Local Security Checks 5220 861 183 249 429 0 AIX Local Security Checks 8580 858 0 0 858 0 CGI abuses 4928 857 400 6 451 0 Debian Local Security Checks 4012 835 482 0 353 0 HP-UX Local Security Checks 5342 831 0 424 407 0 Plugin Family Summary Tenable Network Security 1 Nessus Plugin Family SecurityCenter 4 TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012 Family Score Total Low Med. High Crit. MacOS X Local Security Checks 4776 814 219 199 396 0 Gentoo Local Security Checks 4683 777 343 0 434 0 Fedora Local Security Checks 3149 726 386 91 249 0 Mandriva Local Security Checks 3973 706 343 0 363 0 Junos Local Security Checks 2386 468 90 212 166 0 SCADA 2343 434 134 113 187 0 Netware 1780 367 21 243
Load more

Recommended publications
  • DETECTING BOTS in INTERNET CHAT by SRITI KUMAR Under The
    DETECTING BOTS IN INTERNET CHAT by SRITI KUMAR (Under the Direction of Kang Li) ABSTRACT Internet chat is a real-time communication tool that allows on-line users to communicate via text in virtual spaces, called chat rooms or channels. The abuse of Internet chat by bots also known as chat bots/chatterbots poses a serious threat to the users and quality of service. Chat bots target popular chat networks to distribute spam and malware. We first collect data from a large commercial chat network and then conduct a series of analysis. While analyzing the data, different patterns were detected which represented different bot behaviors. Based on the analysis on the dataset, we proposed a classification system with three main components (1) content- based classifiers (2) machine learning classifier (3) communicator. All three components of the system complement each other in detecting bots. Evaluation of the system has shown some measured success in detecting bots in both log-based dataset and in live chat rooms. INDEX WORDS: Yahoo! Chat room, Chat Bots, ChatterBots, SPAM, YMSG DETECTING BOTS IN INTERNET CHAT by SRITI KUMAR B.E., Visveswariah Technological University, India, 2006 A Thesis Submitted to the Graduate Faculty of The University of Georgia in Partial Fulfillment of the Requirements for the Degree MASTER OF SCIENCE ATHENS, GEORGIA 2010 © 2010 Sriti Kumar All Rights Reserved DETECTING BOTS IN INTERNET CHAT by SRITI KUMAR Major Professor: Kang Li Committee: Lakshmish Ramaxwamy Prashant Doshi Electronic Version Approved: Maureen Grasso Dean of the Graduate School The University of Georgia December 2010 DEDICATION I would like to dedicate my work to my mother to be patient with me, my father for never questioning me, my brother for his constant guidance and above all for their unconditional love.
    [Show full text]
  • Oldschool E-Mail Setup Eine Freakshow
    Oldschool E-mail Setup Eine Freakshow [email protected] Chemnitzer Linuxtage, 2016 (Screenshot GMX vor >15 Jahren: Waybackmachine zu www.gmx.net) (Screenshot GMX heute) (Screenshot Gmail heute) Lösungen? ● Claws ● Mutt ● Eudora ● Netscape Navigator ● Evolution ● Opera M2 ● GMX ● Outlook ● Gnus ● SquirrelMail ● Hotmail ● The Bat! ● Hushmail ● Thunderbird ● KMail ● … Flußgrafik Email Netz MTA MRA MDA MUA MSA MTA Netz Hipster! ● KISS ● YAGNI ● DRY ● NIH ● Divide And Conquer ● Everything is a file ● No vendor lock-in ● Mißtraue Autoritäten – fördere Dezentralisierung Netz Netz Emails Client, den ich Remote verwenden kann Leicht erweiterbar Emails lokal Filter Offenes Format Adressen Netz Netz Abholen Transportformat? Pull Subject 1 Email = 1 File Keine Spuren X-List-ID Mit Hierarchien am Server Beliebige Einfaches Suchen Header Verlässliches Suchen Verarbeitung mit Unix Tools Client, den ich Remote verwenden kann Leicht erweiterbar Emails lokal Filter Offenes Format Adressen Netz Netz Abholen Transportformat? Pull Subject 1 Email = 1 File Keine Spuren X-List-ID Mit Hierarchien am Server Beliebige Einfaches Suchen Header Verlässliches Suchen Verarbeitung mit Unix Tools mbox Maildir mh Client, den ich Remote verwenden kann Leicht erweiterbar Emails lokal Filter Offenes Format Adressen Netz Netz Abholen Transportformat? Pull Subject 1 Email = 1 File Keine Spuren X-List-ID Mit Hierarchien am Server Beliebige Einfaches Suchen Header Verlässliches Suchen Verarbeitung mit Unix Tools mbox Maildir mh tmp 1439306571.1269_0.elvis ~/Post/Technik/Wikitech new 1448267819.5940_0.spencer ... 1457079728.2000_0.spencer:2, cur 1456839383.9873_0.nepomuk:2,SR 1457166567.23654_0.spencer:2,S ... Client, den ich Remote verwenden kann Leicht erweiterbar Filter Adressen Netz Netz Abholen Pull Subject Maildir Keine Spuren X-List-ID am Server Beliebige Header Client, den ich Remote verwenden kann Leicht erweiterbar Filter Adressen Netz Netz Abholen Pull Subject Maildir Keine Spuren X-List-ID am Server Beliebige Header fetchmail getmail mpop ..
    [Show full text]
  • Resurrect Your Old PC
    Resurrect your old PCs Resurrect your old PC Nostalgic for your old beige boxes? Don’t let them gather dust! Proprietary OSes force users to upgrade hardware much sooner than necessary: Neil Bothwick highlights some great ways to make your pensioned-off PCs earn their keep. ardware performance is constantly improving, and it is only natural to want the best, so we upgrade our H system from time to time and leave the old ones behind, considering them obsolete. But you don’t usually need the latest and greatest, it was only a few years ago that people were running perfectly usable systems on 500MHz CPUs and drooling over the prospect that a 1GHz CPU might actually be available quite soon. I can imagine someone writing a similar article, ten years from now, about what to do with that slow, old 4GHz eight-core system that is now gathering dust. That’s what we aim to do here, show you how you can put that old hardware to good use instead of consigning it to the scrapheap. So what are we talking about when we say older computers? The sort of spec that was popular around the turn of the century. OK, while that may be true, it does make it seem like we are talking about really old hardware. A typical entry-level machine from six or seven years ago would have had something like an 800MHz processor, Pentium 3 or similar, 128MB of RAM and a 20- 30GB hard disk. The test rig used for testing most of the software we will discuss is actually slightly lower spec, it has a 700MHz Celeron processor, because that’s what I found in the pile of computer gear I never throw away in my loft, right next to my faithful old – but non-functioning – Amiga 4000.
    [Show full text]
  • Design Document
    SPEC OSG Mailserver Subcommittee SPECmail2009 Benchmark Architecture White Paper Revision: v1.0 Date: 22 December 2008 Copyright © 2001-2009 Standard Performance Evaluation Corporation. All Rights Reserved. 1. Introduction 1.1 Overview SPECmail2009 is a software benchmark designed to measure a system's ability to act as an enterprise mail server servicing email requests, based on the Internet standard protocols SMTP and IMAP4. The benchmark concentrates on the workload encountered by corporate mail servers, with an overall user count in the range of 150 to 10,000 (or more) users. It models IMAP business users accessing IMAP servers over fast local area networks (LAN) instead of broadband, WAN or dialup access speeds. Two separate metrics measure e-mail servers with and without secure network connections (SSL). SPECmail2009 has been developed by the Standard Performance Evaluation Corporation (SPEC), a non-profit group of computer vendors, system integrators, universities, research organizations, publishers, and consultants. This paper discusses the benchmark principles and architecture, and the rationale behind the key design decisions. It also outlines the workload used in the benchmark, and the general steps needed to run a benchmark. However those aspects are covered in more detail in other documents. 1.2 Organization of this Paper Chapter 2 discusses the basic goals and non-goals of the benchmark. Chapter 3 introduces the two performance metrics for SPECmail2009 – IMAP sessions per hour - and how it relates to the transaction mix imposed on the system under test.. Chapter 4 explains the benchmark workload - how it was derived, how it translates into configuration parameters for the benchmark tool and size calculations for planning a benchmark, and how it relates to the benchmark metric.
    [Show full text]
  • SMTP (Simple Mail Transfer Protocol)
    P1: JsY JWBS001A-60.tex WL041/Bidgoli WL041-Bidgoli.cls May 12, 2005 3:27 Char Count= 0 SMTP (Simple Mail Transfer Protocol) Vladimir V. Riabov, Rivier College Introduction 1 SMTP Security Issues 12 SMTP Fundamentals 1 SMTP Vulnerabilities 12 SMTP Model and Protocol 2 SMTP Server Buffer Overflow Vulnerability 15 User Agent 4 Mail Relaying SMTP Vulnerability 15 Sending e-Mail 4 Mail Relaying SMTP Vulnerability in Microsoft Mail Header Format 4 Windows 2000 15 Receiving e-Mail 4 Encapsulated SMTP Address Vulnerability 15 The SMTP Destination Address 4 Malformed Request Denial of Service 16 Delayed Delivery 4 Extended Verb Request Handling Flaw 16 Aliases 5 Reverse DNS Response Buffer Overflow 16 Mail Transfer Agent 5 Firewall SMTP Filtering Vulnerability 16 SMTP Mail Transaction Flow 5 Spoofing 16 SMTP Commands 6 Bounce Attack 16 Mail Service Types 6 Restricting Access to an Outgoing Mail SMTP Service Extensions 8 Server 17 SMTP Responses 8 Mail Encryption 17 SMTP Server 8 Bastille Hardening System 17 On-Demand Mail Relay 8 POP and IMAP Vulnerabilities 17 Multipurpose Internet Mail Extensions Standards, Organizations, and (MIME) 8 Associations 18 MIME-Version 10 Internet Assigned Numbers Authority 18 Content-Type 10 Internet Engineering Task Force Working Content-Transfer-Encoding 10 Groups 18 Content-Id 11 Internet Mail Consortium 18 Content-Description 11 Mitre Corporation 18 Security Scheme for MIME 11 Conclusion 18 Mail Transmission Types 11 Glossary 18 Mail Access Modes 11 Cross References 19 Mail Access Protocols 11 References 19 POP3 11 Further Reading 22 IMAP4 12 INTRODUCTION and IMAP4), SMTP software, vulnerability and security issues, standards, associations, and organizations.
    [Show full text]
  • System Node Reference
    IceWarp Unified Communications System Node Reference Version 10.4 Print ed on 10 December, 2012 Contents System Node 1 Services .......................................................................................................................................................................... 2 Service Ports ...................................................................................................................................................... 2 General .............................................................................................................................................................. 4 Service – Properties ............................................................................................................................... 7 Service – Logging ................................................................................................................................... 9 Service – Access ................................................................................................................................... 10 Service – Other .................................................................................................................................... 11 SOCKS and Minger Server .................................................................................................................... 12 SOCKS .................................................................................................................................................. 12 Minger Server .....................................................................................................................................
    [Show full text]
  • Groupwise Mobility Quick Start for Microsoft Outlook Users
    GroupWise Mobility Quick Start for Microsoft Outlook Users August 2016 GroupWise Mobility Service 2014 R2 allows the Microsoft Outlook client for Windows to run against a GroupWise backend via Microsoft ActiveSync 14.1 protocol. This document helps you set up your Outlook client to access your GroupWise account and provides known limitations you should be aware of while using Outlook against GroupWise. Supported Microsoft Outlook Clients CREATING THE GROUPWISE PROFILE MANUALLY Microsoft Outlook 2013 or 21016 for Windows 1 On the machine, open Control Panel > User Accounts and Family Safety. Microsoft Outlook Mobile App Adding a GroupWise Account to the Microsoft Outlook Client You must configure the Microsoft Outlook client in order to access your GroupWise account. The following instructions assume that the Outlook client is already installed on your machine. You can use the GroupWise Profile Setup utility to set the profile up automatically or you can manually create the GroupWise profile for Outlook. Using the GroupWise Profile Setup Utility Creating the GroupWise Profile Manually 2 Click Mail. 3 (Conditional) If a Mail Setup dialog box is displayed, USING THE GROUPWISE PROFILE SETUP UTILITY click Show Profiles to display the Mail dialog box. You must first obtain a copy of the GWProfileSetup.zip from If GroupWise is installed on the machine, the Profiles your system administrator before following the steps below list includes a GroupWise profile, as shown in the to create the profile on your workstation. following screenshot. You need to keep this profile and create a new profile. 1 Extract the GWProfileSetup.zip to a temporary location on your workstation.
    [Show full text]
  • AXIGEN Mail Server™ Has Been Designed to Enable Businesses to Cut Costs Without Cutting Corners
    Combating the increasing cost of email Why you should read this white paper Businesses usually adopt a commonsense approach when it comes to spending the IT budget with cost being a major influencer in purchasing decisions. However, when it comes to choosing a mail server, many businesses seem to pay less attention to the costs and, as a result, end up spending far more money than is necessary. This white paper will explain how businesses can significantly reduce the costs of their email communication while continuing to provide users with a best-in-class messaging and collaboration solution. White paper Introduction Today, email is absolutely mission-critical. Communication and collaboration keep your business running. Email and electronically enabled collaboration have become so embedded in normal day-to-day operations that many businesses simply could not function without them. These services enable everything from productivity enhancing collaboration between employees to external communications with customers and business partners and demand 24x7 availability. Many businesses, however, have found that the cost of providing employees with the latest in messaging and collaboration technology is rapidly escalating. To meet modern business needs, mail servers have had to become more complex – and with that additional complexity come additional management burdens and costs. Furthermore, some mail servers have an upgrade process that is both extremely complex and extremely costly and which may necessitate the purchase of replacement server hardware. Combined, these factors place a considerable drain on corporate resources. The problem is especially severe for small and medium sized businesses (SMBs) which usually do not have access to the same financial or technical resources as large enterprises.
    [Show full text]
  • March/April 2006
    The newsletter for IPFW computer users Information Technology Services March-April 2006 By Joseph McCormick Manager of Client Support his spring, most Indiana counties T will observe Daylight Savings Time Data Security and Your Workstation (DST) for the first time since 1970. In 2006, DST begins at 2 a.m. on the first Sunday in April (April 2) and ends at 2 option involves a reboot which With recent security incidents at a.m. on the last Sunday in October refreshes your workstation, and the (October 29). other campuses and businesses, it has next time you log in to the network, become imperative that we all take Because of modifications to the Trend OfficeScan antivirus steps to protect data accessed through GroupWise, to accommodate the software installed on your Windows our computers. Precautions should change to Daylight Savings Time, your workstation automatically updates. also be taken to protect data stored on calendar items scheduled between April Keep your workstation up-to- any portable devices such as laptops, 2 at 2:00 a.m. and October 29 at 2:00 date with vendor patches and virus disks or flash drives. Here are a few a.m. are now showing up an hour later protection by activating updates key steps that we can all do quickly to than originally scheduled. Unfortunately, promptly when you are signaled that increase security significantly. this problem was unavoidable as we they are ready. Windows XP/2000 adjusted the system to recognize Daylight users: when you see the “msg”. at the Savings time. bottom of your tool bar that says you Your cooperation is key to The only way to correct this have new updates, please click on the providing overall campus problem is to manually change your button and add your updates.
    [Show full text]
  • Toward an Automated Vulnerability Comparison of Open Source IMAP Servers Chaos Golubitsky – Carnegie Mellon University
    Toward an Automated Vulnerability Comparison of Open Source IMAP Servers Chaos Golubitsky – Carnegie Mellon University ABSTRACT The attack surface concept provides a means of discussing the susceptibility of software to as-yet-unknown attacks. A system’s attack surface encompasses the methods the system makes available to an attacker, and the system resources which can be used to further an attack. A measurement of the size of the attack surface could be used to compare the security of multiple systems which perform the same function. The Internet Message Access Protocol (IMAP) has been in existence for over a decade. Relative to HTTP or SMTP, IMAP is a niche protocol, but IMAP servers are widely deployed nonetheless. There are three popular open source UNIX IMAP servers – UW-IMAP, Cyrus, and Courier-IMAP – and there has not been a formal security comparison between them. In this paper, I use attack surfaces to compare the relative security risks posed by these three products. I undertake this evaluation in service of two complementary goals: to provide an honest examination of the security postures and risks of the three servers, and to advance the study of attack surfaces by performing an automated attack surface measurement using a methodology based on counting entry and exit points in the code. Introduction Contributions and Roadmap System administrators frequently confront the The paper makes two major contributions. First, problem of selecting a software package to perform a I undertake an in-depth discussion of the relative secu- desired function. Many considerations affect this deci- rity postures of the three major open source IMAP sion, including functionality, ease of installation, soft- servers in use today.
    [Show full text]
  • OFELIA Bridge Setup
    Bridging Devices onto the OFELIA Testbed David R Newman December 10, 2013 1 Introduction The OFELIA testbed makes it possible to bridge devices onto slices created via an island's Expedient site. This document will provide instructions on how to bridge both Linux and Windows devices. OpenVPN is the best suited application for setting up an Ethernet bridge from a Linux virtual machine on the OFELIA testbed. It can be installed as a server package on most Linux distributions and as a client on most Linux and Windows distributions. OpenVPN's Linux instructions on how to do setup an Ethernet bridge using OpenVPN can be found at: http://openvpn.net/index.php/open-source/documentation/miscellaneous/76-ethernet-bridging.html This guide is an adaptation of these instructions for setting up an Ethernet bridge to an OFELIA island virtual machine. It assumes that you have already: 1. Created your own OFELIA account. 2. Connected to the OFELIA testbed network over VPN. 3. Created a project through an OFELIA island's Expedient website . 4. Added a slice to that project. 5. Created a couple of virtual machines on the OFELIA island's virtual machine servers. 6. Congured a owspace connecting together these virtual machines with one or more switches. Section 2 describes the project, test slice and owspace used as an exemplar in this guide. If you need help getting to a similar point follow the instructions at: https://alpha.fp7-ofelia.eu/doc/index.php/Working_with_the_OFELIA_Control_Framework Section 3 describes how to generate the server-side conguration for Ethernet bridging and section 4 how to generate the client-side conguration.
    [Show full text]
  • Attacker Chatbots for Randomised and Interactive Security Labs, Using Secgen and Ovirt
    Hackerbot: Attacker Chatbots for Randomised and Interactive Security Labs, Using SecGen and oVirt Z. Cliffe Schreuders, Thomas Shaw, Aimée Mac Muireadhaigh, Paul Staniforth, Leeds Beckett University Abstract challenges, rewarding correct solutions with flags. We deployed an oVirt infrastructure to host the VMs, and Capture the flag (CTF) has been applied with success in leveraged the SecGen framework [6] to generate lab cybersecurity education, and works particularly well sheets, provision VMs, and provide randomisation when learning offensive techniques. However, between students. defensive security and incident response do not always naturally fit the existing approaches to CTF. We present 2. Related Literature Hackerbot, a unique approach for teaching computer Capture the flag (CTF) is a type of cyber security game security: students interact with a malicious attacker which involves collecting flags by solving security chatbot, who challenges them to complete a variety of challenges. CTF events give professionals, students, security tasks, including defensive and investigatory and enthusiasts an opportunity to test their security challenges. Challenges are randomised using SecGen, skills in competition. CTFs emerged out of the and deployed onto an oVirt infrastructure. DEFCON hacker conference [7] and remain common Evaluation data included system performance, mixed activities at cybersecurity conferences and online [8]. methods questionnaires (including the Instructional Some events target students with the goal of Materials Motivation Survey (IMMS) and the System encouraging interest in the field: for example, PicoCTF Usability Scale (SUS)), and group interviews/focus is an annual high school competition [9], and CSAW groups. Results were encouraging, finding the approach CTF is an annual competition for students in Higher convenient, engaging, fun, and interactive; while Education (HE) [10].
    [Show full text]