Hi. Long time listener, first time caller. Some friends and I are working on a new contest for DefCon this year, and thought OBSD folk might be interested: 0wn the box? Own the box!
The concept is shamelessly liberated from Dragos' Ruiu's "pwn to own" at CanSec this year, so much thanks to him for the idea. We're branching a bit beyond things, though, and asking for entrants (defenders) to schlep a broad range of boxes on to the DefCon LAN, with the understanding that an attacker (anyone at the con) can walk away with the machine if they successfully compromise it and can provide a hash value stored somewhere on the filesystem. For their efforts, we're giving out a number of prizes for defender entries. We hope this will be fun, and funny. We would very much love to see some entrants from the OpenBSD camp. The rules are simply that the machine have 2 functioning services, from a list provided beforehand, on the first day of the contest, and that on the second day, some level of nonprivileged user access be granted as well, the point being that both local and remote threats need to be considered. The idea is both to provide something more casual than the traditional CTF/aCTF events, and to get some interesting entries like at DefCons past when folks brought things like Vaxes, etc, for the CTF "defenders" category. Anyhoo, the info is up on the DefCon contest site: http://www.defcon.org/html/defcon-15/dc-15-contests.html#own There's a poll, just for Theo, on the forums, under CFB. Bit of good fun to drum up interest. :) Thanks all. -- sk00t
