Anyone interested in the 'Own the box' challenge this year??

HAL:cool:

i'll bring back my two contenders from last time. maybe i'll make a few updates to the "stronger" of the two boxes, but i'll keep the "weak" target the same.

You guys RAWK!

I promise it will be on like Donkey Kong next year as well.

I have alot of ideas about what to do to up the stakes next year.

AWESOME AS FUCK to see interest this early!!!!!1111!!!

See you guys at DC00010000. :biggrin:

People who are interested, send me PMs and I'll get some email traffic going.

Thoughts / ridicule / ideas / plotting / bomb threats welcomed in this thread.

Okay, sounds good, sounds like there will be a good day on the battlefield, er, sorry, 'network'. I'm forming a team right now, preliminarily named 'The Masters of TAO'.

One thought - individual boxes, or would it be of interest to make a make a general network 'lan'dscape resembling an electronic 'ninja warrior' show? i.e., put a somewhat 'interesting' network topology around the boxen?

With respect to the entries, same service list as last year? - i.e., a couple exposed daemons available for interaction, and that have some sort of authentication routine?

Would appreciate the ground rules early, so design and implementation can be done well over spring.

Looking forward to the games.

Best, HAL

Thoughts / ridicule / ideas / plotting / bomb threats welcomed in this thread.my main suggestion would be to keep that large chart showing the machines, connections, etc... but any tweaking that can make it a bit more manageable and viewable would be great.

perhaps in addition to the massive "connected lines" model there could be some simple pie or bar charts showing which machine is getting the most traffic. maybe just a nice table listing columns like "IP, machine name, O/S or other details, submitter, status (ok, owned, bricked)"

hehe, anyone else thinking of...

http://imgs.xkcd.com/comics/network.png

D.O.,

Very funny comic, true to life; wrt the net, agree 100%. Big wall chart, and maybe some realtime visual traffic analysis might be fun to through up on a screen based upon captured traffic... Like silentrunner display or something more modern, to see who's boxes are taking hits, progress, etc. A WUG display of red/yellow/green 'owned, under fire', running fine' display might be fun for contestants... Who knows, maybe the laughing man will show up.

HAL:biggrin:

Okay,

Just a note. It's official, the 'Masters of TAO' will be getting together. MadMatt, Wondyrw00man, and Racer-X are in. Yes, the 'gang of four' is back; it'll be a 'roc around the clock session', from the mids crew..... on defense this time....

One new item. Racer X wants to put out that he had the 'cyber-persona' long before anyone thought of making another Speed Racer episode, and predicts the upcoming issuance will be a cheesy 'reimagining' by west coast wanabees in the movie industry. Please don't tease him at the con, or do, if you like... it's all good until you find other people rkits on your box...

Anyone else coming along with an entry? And are we going to put out any ground rules or minimum set of services to have to stand up on each entry?

Best, HAL

p.s - for you all in the trade.. 'don't mess with Happy Fun Ball'... otherwise you'll invoke Pinhead.....

Skoot (and whomever else is running the event),

Can we get a list agreed upon or started concerning what exactly the services / ports/ protocols / apps etc that might be desired to be stood up are on a per entry basis?

If you'd like to have something more than just a kiddie show, folks need to do some 6P for the con and a slight touch of programming. If you really want 2501 quality.

Something ranked by a nominal value scale of desirability, and the ground values for the network would be nice (where general services are and what is / is not available).

Like to get that prior to June, if possible.

TIA, H

Ok well I would really like to be a part of this contest. I talked it over with the DC group that i belong to last month. I think that dc719 is going to join in on the fun. I have two box's to donate to the cause. :evil:

Okay. I feel you.

I am still working out what to do this year. It seems like there is still a good level of interest so I guess we will keep it going.

I don't know if I really care if it's a "kiddie show" or not. Frankly last year we had a ton of interesting folks doing some crazy things and everyone had a lot of fun. That's all that's really important to me. There are varying levels of CTF-type events already between oCTF and CTF so the serious stuff is pretty well covered as far as I'm concerned.

I do agree though that I'd like to up the stakes and give something that takes some work. I want to make a high bar for defenders so folks will continue to dream up interesting defenses and make things a pain in the ass for attackers.

I will post a thread and a poll and some thoughts on where we should go in just a bit.



Skoot (and whomever else is running the event),

Can we get a list agreed upon or started concerning what exactly the services / ports/ protocols / apps etc that might be desired to be stood up are on a per entry basis?

If you'd like to have something more than just a kiddie show, folks need to do some 6P for the con and a slight touch of programming. If you really want 2501 quality.

Something ranked by a nominal value scale of desirability, and the ground values for the network would be nice (where general services are and what is / is not available).

Like to get that prior to June, if possible.

TIA, H

Okay. I feel you.

I am still working out what to do this year. It seems like there is still a good level of interest so I guess we will keep it going.

I don't know if I really care if it's a "kiddie show" or not. Frankly last year we had a ton of interesting folks doing some crazy things and everyone had a lot of fun. That's all that's really important to me. There are varying levels of CTF-type events already between oCTF and CTF so the serious stuff is pretty well covered as far as I'm concerned.

I do agree though that I'd like to up the stakes and give something that takes some work. I want to make a high bar for defenders so folks will continue to dream up interesting defenses and make things a pain in the ass for attackers.

I will post a thread and a poll and some thoughts on where we should go in just a bit.

The sooner the better, just picked up the case for my entry today and need lead time to get the boards designed and manufactured. Everything is dependent on the rule set and I can't start designing until I know what the details are. Please keep in mind that I need more than a few weeks to build this thing from scratch. Like I probably needed to start last month.

Also:

What is the general feel of the contest? How do you manage the competition? Does the machine need to report any status to the judges, etc? I don't wanna put all this work into a machine that breaks the rules.