Security Basics mailing list archives

Re: capture the flag (hacking games)

From: FocusHacks <focushacks () gmail com>
Date: Sat, 11 Feb 2006 06:42:16 -0600

As the last person in this thread pointed to Wikipedia, one of the
most popular CTF sessions is held yearly at the DEF CON security
convention in Las Vegas, NV.  Matter of fact, I think the phrase
"Capture The Flag" used in the context of a hacker's game may have
very well been mainstreamed because of DEF CON, if not actually born
of the first iterations of the annual convention.

That said, you can easily use DEF CON's CTF rules and apply them to
your own game on your own turf.  All it takes is 8 or more willing
participants with computers that they don't mind hauling somewhere,
some power strips, extension cords, network cables and an ethernet
switch.  You could even go all wireless if, for instance, your
participants had capable machines.

Ideally you want a group of people to be the sysadmins with a variety
of operating systems and services being offered on their servers. 
Then you want a group of attackers.

The sysadmins do their best to lock their servers down while keeping
public services useable.  The attackers do their best to thwart the
bastion hosts.

Read www.defcon.org to get the actual rules for their version of CTF. 
Or show up in Vegas!  I'll probably be there again this year.


On 2/9/06, Robert Bauer <rbauer () snowcompanies com> wrote:

This sounds like a lot of fun - does anyone know where these are being
held?  I'd love to attend.

Robert Bauer


List Spam wrote:

The particular rules of the game will be determined by the game
organizer, but typically, CTF games are just that - Obtain something
of value from an opponent.

They often times are single-target games wherein a number of
competitors will try to access/disable/misuse a central resource owned
and secured by the organizer.  Other times they are a "BYOT" (bring
your own target) game where you are charged with defending your
resources against an opponent(s).  There are also (my favorite, btw)
combination games wherein you must both actively attack your
opponents' resources and defend your own.

The whole point of these kind of games are to allow you to obtain new
defense methods, gain new contacts, and learn humility.  That being
said, they are often great fun as well.

Good luck and have fun!

RE

On 2/4/06, donita espinoza <the_d_student () yahoo com au> wrote:

Hi..

I heard about hacking competition games in my town,
and its about 'capture the flag'. I really new to this
stuff.

and the prize for the winner is accer laptop, i know
nothing about 'capture the flag', do anyone of you
mind to explain about this game ?

I think its a good event (with a good prize) so i have
a plan to join this event, and i hope i'll get good
advices from you all..


sorry for my english, thank you very much



nita


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------



---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------



--
http://www.FocusHacks.com - The Ford Focus Modification Site!

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

Current thread:

capture the flag (hacking games) donita espinoza (Feb 06)
- Re: capture the flag (hacking games) List Spam (Feb 06)
  - RE: capture the flag (hacking games) David Gillett (Feb 08)
  - Re: capture the flag (hacking games) Robert Bauer (Feb 10)
    - Re: capture the flag (hacking games) Harrison Holland (Feb 13)
    - Re: capture the flag (hacking games) List Spam (Feb 13)
    - Re: capture the flag (hacking games) Albert Gonzalez (Feb 13)
    - Re: capture the flag (hacking games) FocusHacks (Feb 13)
- Re: capture the flag (hacking games) unixadmin99 (Feb 07)
- <Possible follow-ups>
- Re: capture the flag (hacking games) pg_vlad (Feb 06)