Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Dreaming of Summer

From: David Maynor <dave () 0dayspray com>
Date: Sat, 06 Dec 2003 11:54:18 -0500
On Sat, 2003-12-06 at 11:35, Brass, Phil (ISS Atlanta) wrote:

Screw defense.  You come in with whatever equipment you want.  The host
sets up a set of targets.  You attack them.  Maybe there's a duplicate
set of targets, one for each team.  Maybe there's just one set (more
chaotic, IMHO).  You get points for taking control of target services
and/or networks.

That gets rid of the sysadmin aspect.


I like the aspect of holding the service after its owned. At this point
you have to consider the switch vs. no switched network. If everybody i
attacking the same machine, tcpdump caps are trivial meaning that teams
could gain access just by copying other teams.

I would be infavor of something like a themed contest. For instace this
year we have a ecomm site running on a trusted OS. There is a series of
points awarded for how far you get. This deep sixes competeing against
other teams and makes it more blackhat like, its your team vs the
target. 
-- 
David Maynor
http://www.0dayspray.com/~dave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave
Previous By Date Next
Previous By Thread Next

Current thread: