|
-
May 21st, 2004, 02:25 PM
#1
AO Wargame Proposition
I think those wargame sites like hackthissite, and the like are good, but I they are more targeted at website hacking, and I don't feel they are very realistic. I think we should set up a different kind of wargame here at AO. It would be something like the following...
--------------------------------------------------------------------------------------------------------------------------------------------
Everybody signs up at the beginning of the round. They are then seperated into two teams, the attackers and the defenders. The attackers are assigned a goal like steal "sensative" (a file made specifically for this game), or take over a computer (maybe not this), etc (more can be added as the game expands). I guess each membe would need to list their IP and all that so it would be a war. There would have to be rules that you agree to like no destruction, no stealing stuff except what is required, no damaging the box, etc... I am not really good at this, but if someone could flush this out a little better I think it could kick a lot of ass and help people learn good security practices.
-Cheers-
-
May 21st, 2004, 02:32 PM
#2
I'm not a lawyer, but I'm pretty sure you'd need one after this would be over 
And if it's posted about on AntiOnline, JUPM could be held responsible...
-
May 22nd, 2004, 10:22 PM
#3
I'm thinking of setting up a wargame one of these days, and of course open it up for AO members. It is only a tentative plan for my GF's box... (I ain't using mine) ...
If I make a final decision, I'll post about it in... probably GCC. Registration will be required, if I find anyone spoofing IP's or any of that sneaky stuff, it's off.
I will post the logs afterwards, of course.
Real security doesn't come with an installer.
-
May 28th, 2004, 09:01 AM
#4
It's a pretty cool idea, but your just asking for trouble with this. There will always be someone that will ruin it for everyone.
-
May 28th, 2004, 10:59 AM
#5
Agreed The Duck..whats to say that some scrippe wont just come and ruin it?Moreover,like Negative said..get them lawyers ready lol..all in all,a great idea..just pretty difficult to implement..I suppose you'd have to allow only 'trusted' users on it for it to have any chance of working
-
May 28th, 2004, 01:09 PM
#6
The only way I see this working out is if everyone meets in person and they do it on a LAN. And using computer's that aren't yours... like the library's computers lol
-
May 30th, 2004, 01:08 AM
#7
Trust me. I can deal with skiddies.
And I'll probably require people to come to me for the IP.
Real security doesn't come with an installer.
-
May 30th, 2004, 02:58 PM
#8
Thats a damned good idea, reading the logs afterwards would be rather ammusing no doubt!
If someone is wiiling put a system online and give people permmision to try and gain access I shouldnt think there would be a legal case. As long as they are prepered for the obvious to happen to their system! 
Like you said you would just have to pm the IP to people you trust and hope someone dont start a " I bet you cant hack this" thread 
-
May 30th, 2004, 05:48 PM
#9
I like the idea. Apart from the legal aspects (i have no idea bout legality in that matter), it can be implemented easily. I would say there is no need for teams, and stuff like that if someone can dedicate a box for it. It would be enough to just put a box online, and let someone try to root it. Once someone has rooted it, he will change the root pass, and mail the new pass to the owner of the box. Every time a box has been rooted, you can set it up again with a different OS, different security implementations. Like, start of easily, with a simple default RH install, without any extra security. Then after its been cracked, set it up again, and patch it, setup security, etc... Once thats been comleted, go for another OS. I would say the only 2 rules that have to be watched out for is:
1 - NO DoS.
2 - Dont use it as a zombie.
Other wise anything is allowed, from reverse engineering, to brute force, to anything. In real life, there are NO rules, so that way it would be more realistic. Forget all those wargame sites where you have challenges, and all the java crap. In addition, make sure the target machine is not on any important network. Just a stand alone box.
Other suggestions????
Cheers.
/edit/addon
In addition, extra credits can be added if the attacker manages to hide his tracks
Ubuntu-: Means in African : "Im too dumb to use Slackware"
-
May 30th, 2004, 08:33 PM
#10
it sure would be a lot more realistic!
I have a box i dont mind putting online if no one else wants to.
However does manage to root it can post how they did it, and we could all learn something!
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
