moth/mdwn/src/intro.mdwn

104 lines
3.3 KiB
Markdown

Title: Introduction
Welcome to Capture The Flag.
What This Is
============
* A hacking contest
* A chance to experience the nature of cyber incident response
* An environment to safely experiment with offensive techniques
What This Is Not
================
* An arena for purely malicious attacks
* A rave
Rules
=====
Important Rules
---------------
* The contest network is 10.<i>x</i>.<i>x</i>.<i>x</i>. **Do
not attack machines outside the contest network**. All
federal, state, and school laws still apply to the outside
network.
* If the "outside network" requires you to plug into a different
switch, do not connect any machine that has been on the contest
network.
* Consider this network hostile: your machine may be
compromised.
* We expect you to be disruptive within the framework of the
game (malicious code, network scanning, social engineering,
etc.). Disruptive behavior outside the game will result in a
public and humiliating ejection from the contest area.
* No ARP attacks. While cute, they are not particularly clever
given our network topology, and would require expensive and
bulky equipment to prevent. Find something else to do.
Less-Important Rules
--------------------
* If IRC is up, you should use it to communicate with the
contest staff. Staff will have operator status in #ctf.
* If you think something is wrong with the game, you are
expected to demonstrate the problem and explain what you think
is the correct behavior.
Scoring
=======
The contest is made up of multiple categories. Each category is worth
one point toward the total score; the percentage of the total points
held by your team is the percentage of one point your team has for that
category. The team that has 30% of the points in each of five
categories has 1.5 points, whereas the team that has 80% of the points
in only one category has 0.8 points. It is typically better to have a
few points in many categories, than many points in a few categories.
There are two kinds of categories: *flags* and *puzzles*.
Flags
-----
Flag categories are challenges with a notion of a *winner* or *service
availability*. In these categories, the flag-holder (the winner, or
each team with a running service) makes 1 point per minute for as long
as they hold the flag. If there is a single flag-holder, and the flag
changes hands, a point is awarded to the new winner at the moment the
flag moves.
Puzzles
-------
Most of the categories come in the form of multiple *puzzles*: for each
puzzle presented, a key (answer) must be found to recieve the amount of
points that puzzle is worth. Any team may answer any puzzle question at
any time. A new puzzle is revealed when a team correctly answers the
highest-valued puzzle in that category.
Hints
=====
If you are really stuck, you can ask for a hint. It will cost you
points, though. For puzzles, you will lose ¼ of the points for that
puzzle <em>even if you never solve the puzzle</em>. For other events,
the staff member will decide how many points it will cost. You can try
to bribe or otherwise fanagle information out of us or other
contestants. *It's a hacking contest.*
About Us
========
We are the <a href="http://dirtbags.net/">dirtbags</a>. People pay us
money to do the sorts of things you'll be doing in this contest.