Dailydave mailing list archives

RE: Dreaming of Summer


From: The Dark Tangent <dtangent () defcon org>
Date: Mon, 08 Dec 2003 05:50:51 -0800

Ah,

The eternal debate on how to run a CTF contest in less than three days that really gives people of different skills a chance to compete, while still having time to see their friends. If you bias it to teams too much, you shut out single people, and vice versa. Unless the boxes are pretty stock, it takes less time to lock down the machine than to craft a new or novel attack. In the short term the defenders seem to have an advantage. In the long term I think it shifts the other way. Unfortunately, the game is a short term deal.

Do you go with stock builds, or obscure vintage gear? Are there network secrets that each team is told, or does everyone start with the same information? Add in the physical dimension and it gets busy. Try to graph all the angles the planners have to cover, and you can see it becomes complex for a couple days of execution.

In the past we tried attack centric, then defense centric, then some bastard operators from hell thrown into the mix. In the end people seem to want something that is realistic and complex, and that takes five people months to set up. Since we didn't have that kind of focus or dedication, with all the other issues surrounding the show, we went with the Ghetto's offer to run CTF one year. They did a good job, and so they then did two. Now they will do three years. They seem to spend a fair bit of time thinking through the issues.

Jeff


At 04:10 PM 12/7/2003, ph00dy () hushmail com wrote:

Hey *,
  Sorry to chime in on this so late, but I've been too busy to read email
as of late and couldn't resist on the reply. Ctf was a sysadmin contest.
Not by design of the contest as much as the scoring. The scoring focus
was on uptime instead of roottime(tm). Look at the results. Anyone who
was there will remember ceasar talking about how "sharkbait" had owned *
many times over and had their flags all over everyone, but somehow
they got 3rd because the other teams had better uptimes. It's the ghetto
crew's deal so they can score it however they want (which was a mystery
to everyone watching the board as it went up and down for no particular
reason), but in my mind a contest of that nature should probably have
more focus on who's owning who and for how long and less on if your mudd
is up or not.

Also... no disrespect to anyone but I'd also like to say that my perception
of a "secured build" generally isn't one with sql injection vulns, bad
passwords, vulnerable applications, trojaned binaries, and configuration
files with passwords sitting on the / of the webserver running on openbsd,
but that is just me.

All that being said it was still fun.

ph00dy

>Actually, that's very much what the game was like last year- They gave us
>a relatively secured build with lots of insecure e-biz-type apps running
>on it. You got points for keeping them up for extended periods and also
>for capturing and then keeping a service.
>
>The games have been fairly interesting the last two years.
>
>t
>
>-----Original Message-----
>From: dailydave-bounces () lists immunitysec com
>[mailto:dailydave-bounces () lists immunitysec com] On Behalf Of David Maynor
>Sent: Saturday, December 06, 2003 8:54 AM
>To: Brass, Phil (ISS Atlanta)
>Cc: dtangent () defcon org; dailydave () lists immunitysec com
>Subject: RE: [Dailydave] Dreaming of Summer
>
>
>On Sat, 2003-12-06 at 11:35, Brass, Phil (ISS Atlanta) wrote:
>> Screw defense.  You come in with whatever equipment you want.  The host
>> sets up a set of targets.  You attack them.  Maybe there's a duplicate
>> set of targets, one for each team.  Maybe there's just one set (more
>> chaotic, IMHO).  You get points for taking control of target services
>> and/or networks.
>>
>> That gets rid of the sysadmin aspect.
>>
>I like the aspect of holding the service after it's owned. At this point
>you have to consider the switch vs. no switched network. If everybody is
>attacking the same machine, tcpdump caps are trivial, meaning that teams
>could gain access just by copying other teams.
>
>I would be in favor of something like a themed contest. For instance, this
>year we have an ecomm site running on a trusted OS. There is a series of
>points awarded for how far you get. This deep sixes competing against
>other teams and makes it more blackhat like, it's your team vs the
>target.
>--
>David Maynor
>http://www.0dayspray.com/~dave
>_______________________________________________
>Dailydave mailing list
>Dailydave () lists immunitysec com
>http://www.immunitysec.com/mailman/listinfo/dailydave