We are tentatively planning a two day (registration only) Participation Open Hackfest in Mid March/early April. This is not a monthly presentation. It is a complete open encroachment competitive event with a certain number of engineered weaknesses on a controlled network with flags that are service based that are similar to real world scenarios. In this event, others are considered fair game and will count as a pwnd target, although with very low points. Larger flags will have large points, and we will have some small prizes in addition to each target: Best Forensics Best "real world" Flag (submitted) Greatest Flags We are building a complete network for the event therefore we will need some resources, volunteers, and flags. For the Spring Event, we want: 1) Networking Equipment - switches/cabling 2) Volunteers during the event to note flags and verify each. 3) Servers or targets of whatever type. Physical access encroachment is not going to be allowed. This is a network event. NOTE: If you submit a Flag, you cannot compete to take it, nor can you use your Flag in any of your attacks or information gathering. We will be setting up our own DNS and other services through a tethered EDVO/CDMA network, bridged to a local switched network, so we can access external resources during the two day event, and using Wireless as a resource, however we will not be hacking wireless. Any server setup that you have that you could like to bring in and setup as a flag would be fun - even Media Servers, TIVO, OpenWRT, whatever you have that you can see a known flag for access, and verify it's proof, once taken. Challenges should include a good deal of OSI Layer Up (outside of simple arp cache poisoning) UPNP, fuzzing, side jacking, brute forcing, decryption exploits, in addition to some web systems/mail systems. This HackFest will be a "mock-up" of a standard web provider, internal business network and include Microsoft targets and services, CIFS/SAMBA, DNS and linux targets. Solaris might be included also. We will mostly use Linux based security distros as our encroachment tools during the fest, however if you use a CPM Kaypro for instance, we are not going to quiver, just as long as you can prove your flags. We therefore would love any submissions you want to bring to setup on the network. We will be tentatively using UAT for this event because we can have access to secure our old equipment in one of their security guarded rooms over the two days without tearing down equipment. Interested? Watch for the registration site announcement in the next two weeks! Each person will be required to sign a waiver to verify that they understand that their equipment will be under threat on our HackFest network. We need focus for forensics, IDS, discovery, monitoring if you would like to show up and just watch network packet traffic. The second half of the event will include heavy forensics. You can come and go over two days of the event. Prices and flags are announced and promoted to your name only if you agree, so you can show up, take over everything and leave anonymously. Sound fun? -- Skype: (623)239-3392 AT&T: (503)754-4452 http://obnosis.110mb.com/nuke/index.php http://uncyclopedia.wikia.com/wiki/Arizona --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss