What is the Pros V Joes CTF?
This event is an opportunity for average users (Joes) to try their hand at both the offensive and defensive side of computer security. For the Pro’s, it’s a chance to hone and show off their skills, helping others to learn and better themselves.
It’s also a lot of fun.
For two days, players will attack and defend in live networks, breaking into each other’s systems to steal flags for fame and glory. Each team is provided with their own network that is full of servers and workstations to defend. All of this gear is housed in a dedicated and isolated network that we affectionately call the Gaming Grid. Players need only bring a laptop to connect to the environment with. (Laptops will not be in the line of fire).
For those who played last year, know that we’re in the process of overhauling and upgrading the Grid, the Scoreboard, and the Scoring Engine to feature some new surprises.
Most importantly, we now have a 100Mbps pipe for our VPN, so the speed and stability of players’ connections to the Grid will not be an issue!
You, the Pro’s, are pivotal for this event to be successful. We need your skills and experience, as well as your help to to train and tutor the Joe’s.
The schedule will be as follows:
Day 1, 1st quarter – prep
- Pro’s meet the Joe’s, give a short briefing of what to expect.
- Joe’s are divided into Blue teams of equal sizes, each team assigned 1 Pro to captain the team
- The remaining Pro’s organize into a Red Team
Day 1, 2nd and 3rd quarters – live fire combat
- Red Team attacks the Blue Teams of Joe’s and their Pro captains
- Break into their systems
- Steal flags and submit for points
- Blue Teams defend
- try to keep out Red Cell
- maintain critical services
- find integrity flags in their own environment to submit for points
Day 1, 4th quarter – post mortem
- Red Team ceases fire
- Red Team and Pro captains discuss with the Joe’s what happened, how the Joe’s can improve
- Blue Team – best defender, a combination of service uptime and least flags stolen
- Red Cell – he who steals the most flags
- Red Team dissolves and is divided amongst the Blue Teams
- Blue Teams attack each other, with the help of the Red Cell Pros
- Each Blue Team is trying to
- Maintain their critical services
- Break into the systems of other Blue Teams
- Steal flags from the other Blue Teams
At the end, a winning team will be announced (a combination of flags stolen, flags protected, and service uptime)
I’d like to ask each Pro to respond to me with a bit of background about yourself. Your background, your level of experience, and your area of expertise.
This information will help tailor the game so that we can make the best use of the talent in the Pro pool.
The environment to host this CTF is currently undergoing active construction and will be laced with various surpises to keep the game interesting. The networks that the Blue Teams must defend will be a mix of Windows and Linux, with the typical Internet services (web, DNS, mail, etc) and a mix of obscure systems and services. The flags will also be more complicated than last year,
In the days and weeks ahead, I’d like to build a dialog amongst the Pro’s. As we get closer to the event, we’ll refine the rules and I’ll work with each of you to provision your VPN access to the CTF Network, so that you can become familiar with it and set up any Red-Cell facilities you may need.
Lastly, if anyone has questions, comments, or suggestions, please don’t hesitate to tweet me @dichotomy1. I’m very open to new ideas, and think a group collaboration can only make this event better.