# FIC forensic challenge validation server

This is a CTF server for distributing and validating exercices. It is design to
be robust, so it uses some uncommon technologies like client certificate for
authentication, cryptographic functions and DMZ network architecture.

## Development and testing

The easiest way to have a working server is to build a Docker container.

### Docker

First, build the container with the following command:
```
docker build -t fic2014 .
```

Then, run it with:
```
docker run -t -i -P fic2014
```
It will ask you for a passphrase, you must provide one with at least 4
characters. This key is used to generate the server certificate.

When you see:
```
root@xxxxxxxxxxxx:/var/www/fic2014-server/misc#
```
congratulations, the container is running!

Use `docker ps` to view to which local ports was assigned the contained
webserver.


## Production environnement

### Setup

#### Frontend

FIXME

#### Backend

FIXME


### History

#### FIC2014

Two machines were used : one for backend (Phobos) and one for frontend
(Deimos). They ran a GNU/Linux Gentoo Hardened with custom 3.2 kernel without
module loading, unused and unecessary components and with all GrSecurity
features activated.

Each machine was two network interfaces: one was used to permit to the backend
machine to connect to the frontend (over IPv6). The second interface on the
backend was used for administration purpose (with a laptop not connected to
Internet). The second interface on the frontend was used to provide network
connectivity to participants.