PaulDotCom mailing list archives

Re: NetKotH: New game I'll be running at some cons

From: Adrian Crenshaw <irongeek () irongeek com>
Date: Thu, 7 Oct 2010 09:39:32 -0400

Exactly. :) That why I added that rule, so people could pull off tricks like
that.  Glad you spotted it.

Adrian

On Wed, Oct 6, 2010 at 7:24 PM, Dennis Lavrinenko <
dennis.lavrinenko () gmail com> wrote:

2. DoS and network routing/traffic attacks are allowed, even on the traffic
coming to and from contestants and the scoring box.

So, it would be possible to ARP poison the network and get points without
having to deface anything?

On Wed, Oct 6, 2010 at 9:50 AM, Adrian Crenshaw <irongeek () irongeek com>wrote:

I've been put in charge of the war game for the Louisville Infosec
tomorrow, and decide to try out my Network King of the Hill idea for the
first time. Below is my plan, please give me comments and suggestions. If
things go well with the trial run we will be playing it at Hack3rcon also.
Should make for easier to run hacker war games once I figure out the kinks.




*Network King of the Hill
(NetKotH)*

Adrian Crenshaw and Martin Bos are running a live hacking event on the top
floor. Go to the NetKotH area to register. The winner gets an iPod Touch.

Scoring:

1. The teams will be given IPs to web servers with vulnerabilities to
attack, their goal is to deface the front page on each. Expect there to be a
Linux and a Windows box, and maybe some surprises. J The IPs for this
game are:

10.0.0.1           Linux
10.0.0.2           Windows
10.0.0.3           Wildcard

Versions will be switching during the game.

2. Teams try to put up their own defacement, take down other people's
defacement, and lock down the box to keep others teams out. The teams name
must be in the <team></team> tag when they deface the site for the scoring
system to register it, but they can change the page however they like.

3. Once per minute (more or less) the scoring software will see who
currently owns the site, and score it.

4. Referees will work as a blue team to occasionally step in and change
things on the target IPs. Fix the defacement, patch, roll back changes,
switch Operating Systems, etc, just to even the playing field and make
things interesting.

Rules:

1. Only penetrate the hosts at the given IPs, not the scoring box
(10.0.0.99) or other contestant's boxes.

2. DoS and network routing/traffic attacks are allowed, even on the
traffic coming to and from contestants and the scoring box.

3. Stay on the NetKotH network while attacking.

4. Martin and Adrian may change other rules at will.

You may view the current scores by surfing to 10.0.0.99.


_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com



_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Current thread:

NetKotH: New game I'll be running at some cons Adrian Crenshaw (Oct 06)
- Re: NetKotH: New game I'll be running at some cons Dennis Lavrinenko (Oct 07)
  - Re: NetKotH: New game I'll be running at some cons Adrian Crenshaw (Oct 07)
    - Message not available
    - Message not available
    - Re: NetKotH: New game I'll be running at some cons Adrian Crenshaw (Oct 10)
    - Re: NetKotH: New game I'll be running at some cons Kevin Shaw (Oct 10)