Title: Introduction

Welcome to Capture The Flag.


What This Is
============

* A hacking contest
* A chance to experience the nature of cyber incident response
* An environment to safely experiment with offensive techniques


What This Is Not
================

* An arena for purely malicious attacks
* A rave


Rules
=====

Important Rules
---------------

* The contest network is 10.<i>x</i>.<i>x</i>.<i>x</i>.  **Do
  not attack machines outside the contest network**.  All
  federal, state, and school laws still apply to the outside
  network.
* If the "outside network" requires you to plug into a different
  switch, do not connect any machine that has been on the contest
  network.
* Consider this network hostile: your machine may be
  compromised.
* We expect you to be disruptive within the framework of the
  game (malicious code, network scanning, social engineering,
  etc.).  Disruptive behavior outside the game will result in a
  public and humiliating ejection from the contest area.
* No ARP attacks.  While cute, they are not particularly clever
  given our network topology, and would require expensive and
  bulky equipment to prevent.  Find something else to do.

Less-Important Rules
--------------------

* If IRC is up, you should use it to communicate with the
  contest staff.  Staff will have operator status in #ctf.
* If you think something is wrong with the game, you are
  expected to demonstrate the problem and explain what you think
  is the correct behavior.


Scoring
=======

The contest is made up of multiple categories.  Each category is worth
one point toward the total score; the percentage of the total points
held by your team is the percentage of one point your team has for that
category.  The team that has 30% of the points in each of five
categories has 1.5 points, whereas the team that has 80% of the points
in only one category has 0.8 points.  It is typically better to have a
few points in many categories, than many points in a few categories.

There are two kinds of categories: *flags* and *puzzles*.


Flags
-----

Flag categories are challenges with a notion of a *winner* or *service
availability*.  In these categories, the flag-holder (the winner, or
each team with a running service) makes 1 point per minute for as long
as they hold the flag.  If there is a single flag-holder, and the flag
changes hands, a point is awarded to the new winner at the moment the
flag moves.


Puzzles
-------

Most of the categories come in the form of multiple *puzzles*: for each
puzzle presented, a key (answer) must be found to recieve the amount of
points that puzzle is worth.  Any team may answer any puzzle question at
any time.  A new puzzle is revealed when a team correctly answers the
highest-valued puzzle in that category.


Hints
=====

If you are really stuck, you can ask for a hint.  It will cost you
points, though.  For puzzles, you will lose ¼ of the points for that
puzzle <em>even if you never solve the puzzle</em>.  For other events,
the staff member will decide how many points it will cost.  You can try
to bribe or otherwise fanagle information out of us or other
contestants.  *It's a hacking contest.*

About Us
========

We are the <a href="http://dirtbags.net/">dirtbags</a>.  People pay us
money to do the sorts of things you'll be doing in this contest.