AO Wargame Proposition
Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: AO Wargame Proposition

  1. #1

    AO Wargame Proposition

    I think those wargame sites like hackthissite, and the like are good, but I they are more targeted at website hacking, and I don't feel they are very realistic. I think we should set up a different kind of wargame here at AO. It would be something like the following...

    --------------------------------------------------------------------------------------------------------------------------------------------
    Everybody signs up at the beginning of the round. They are then seperated into two teams, the attackers and the defenders. The attackers are assigned a goal like steal "sensative" (a file made specifically for this game), or take over a computer (maybe not this), etc (more can be added as the game expands). I guess each membe would need to list their IP and all that so it would be a war. There would have to be rules that you agree to like no destruction, no stealing stuff except what is required, no damaging the box, etc... I am not really good at this, but if someone could flush this out a little better I think it could kick a lot of ass and help people learn good security practices.

    -Cheers-

  2. #2
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424
    I'm not a lawyer, but I'm pretty sure you'd need one after this would be over
    And if it's posted about on AntiOnline, JUPM could be held responsible...

  3. #3
    @ΜĮЙǐЅŦГǻţΩЯ D0pp139an93r's Avatar
    Join Date
    May 2003
    Location
    St. Petersburg, FL
    Posts
    1,696
    I'm thinking of setting up a wargame one of these days, and of course open it up for AO members. It is only a tentative plan for my GF's box... (I ain't using mine) ...

    If I make a final decision, I'll post about it in... probably GCC. Registration will be required, if I find anyone spoofing IP's or any of that sneaky stuff, it's off.

    I will post the logs afterwards, of course.
    Real security doesn't come with an installer.

  4. #4
    AFLAAACKKK!!
    Join Date
    Apr 2004
    Posts
    1,066
    It's a pretty cool idea, but your just asking for trouble with this. There will always be someone that will ruin it for everyone.
    I am the uber duck!!1
    Proxy Tools

  5. #5
    Senior Member therenegade's Avatar
    Join Date
    Apr 2003
    Posts
    400
    Agreed The Duck..whats to say that some scrippe wont just come and ruin it?Moreover,like Negative said..get them lawyers ready lol..all in all,a great idea..just pretty difficult to implement..I suppose you'd have to allow only 'trusted' users on it for it to have any chance of working

  6. #6
    AFLAAACKKK!!
    Join Date
    Apr 2004
    Posts
    1,066
    The only way I see this working out is if everyone meets in person and they do it on a LAN. And using computer's that aren't yours... like the library's computers lol
    I am the uber duck!!1
    Proxy Tools

  7. #7
    @ΜĮЙǐЅŦГǻţΩЯ D0pp139an93r's Avatar
    Join Date
    May 2003
    Location
    St. Petersburg, FL
    Posts
    1,696
    Trust me. I can deal with skiddies.


    And I'll probably require people to come to me for the IP.
    Real security doesn't come with an installer.

  8. #8
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    Thats a damned good idea, reading the logs afterwards would be rather ammusing no doubt!

    If someone is wiiling put a system online and give people permmision to try and gain access I shouldnt think there would be a legal case. As long as they are prepered for the obvious to happen to their system!

    Like you said you would just have to pm the IP to people you trust and hope someone dont start a " I bet you cant hack this" thread
    Drugs have taught an entire generation of kids the metric system.

    http://tazforum.**********.com/

  9. #9
    Antionline's Security Dude instronics's Avatar
    Join Date
    Dec 2002
    Posts
    901
    I like the idea. Apart from the legal aspects (i have no idea bout legality in that matter), it can be implemented easily. I would say there is no need for teams, and stuff like that if someone can dedicate a box for it. It would be enough to just put a box online, and let someone try to root it. Once someone has rooted it, he will change the root pass, and mail the new pass to the owner of the box. Every time a box has been rooted, you can set it up again with a different OS, different security implementations. Like, start of easily, with a simple default RH install, without any extra security. Then after its been cracked, set it up again, and patch it, setup security, etc... Once thats been comleted, go for another OS. I would say the only 2 rules that have to be watched out for is:

    1 - NO DoS.
    2 - Dont use it as a zombie.

    Other wise anything is allowed, from reverse engineering, to brute force, to anything. In real life, there are NO rules, so that way it would be more realistic. Forget all those wargame sites where you have challenges, and all the java crap. In addition, make sure the target machine is not on any important network. Just a stand alone box.

    Other suggestions????

    Cheers.


    /edit/addon
    In addition, extra credits can be added if the attacker manages to hide his tracks
    Ubuntu-: Means in African : "Im too dumb to use Slackware"

  10. #10
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    it sure would be a lot more realistic!
    I have a box i dont mind putting online if no one else wants to.

    However does manage to root it can post how they did it, and we could all learn something!
    Drugs have taught an entire generation of kids the metric system.

    http://tazforum.**********.com/

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •