|
|
(29 intermediate revisions by 24 users not shown) |
Line 1: |
Line 1: |
− | A team of hackers (known as "0ld Eur0pe"), mainly consisting of the [[Summerschool Aachen 2004]], members of the [[Chaos Computer Club Cologne]] and some students of the RWTH[http://www.rwth-aachen.de], participated in the UCSB Capture The Flag 2004 game and were quite successful (see the scoreboard[http://kurosawa.cs.ucsb.edu/cgi-bin/scoreboard.py], second line).
| |
− |
| |
− | This page serves as a whiteboard to document the setup we used this year and to collect ideas about what we can do better next time.
| |
− |
| |
| == Setup == | | == Setup == |
| [[Image:NetworkSetup.jpg|Image:NetworkSetup.jpg|Network Setup]] | | [[Image:NetworkSetup.jpg|Image:NetworkSetup.jpg|Network Setup]] |
| | | |
− | == What To Do Better ==
| + | The image is missing our loghost, which we added later with a hub in front of styx. |
− | === General ===
| |
− | * don't put such a strong focus on host and network security again, this game was about application security ...
| |
− | * use some means of internal communication (wiki?)
| |
− | * split teams into research/abuse instead of attack/defense (?)
| |
− | Research would read code, produce new exploit and fix bugs.
| |
− | Abuse would automate and use exploits.
| |
− | | |
− | === VMWare Game Image Security ===
| |
− | Check for
| |
− | * ssh pubkeys
| |
− | * sshd configuration:
| |
− | ** PubKeyAuthentication
| |
− | ** PermitRootLogin
| |
− | * nfs exports
| |
− | * user passwords
| |
− | ** PHP Safe Mode?
| |
| | | |
− | == Pics! ==
| + | [[Category:Events]] |
Latest revision as of 01:03, 17 June 2006
Setup
The image is missing our loghost, which we added later with a hub in front of styx.