iCTF是一项分布式的大型安全竞赛,旨在从攻击和防御的角度测试参赛者的安全技能。比赛采取多地点、多队伍的形式,各队伍独立对抗。每支队伍会获得一个虚拟化的网络安装环境,比如Linux或Windows主机,这些主机提供多种服务并包含未知漏洞。参赛队伍的目标是在比赛中保持服务可用且不受损害,同时尝试攻破其他队伍的服务。
The UCSB International Capture The Flag (also known as the iCTF) is a distributed, wide-area security exercise, whose goal is to test the security skills of the participants from both the attack and defense viewpoints.
The Capture The Flag contest is a multi-site, multi-team hacking contest in which a number of teams compete independently against each other.
Each team is given a virtualized network installation (for example, a Linux host and/or a Windows host). The hosts provide a number of services. The services have a number of undisclosed vulnerabilities, which have been included in the servers' software by the contest organizers.
The goal of each team is to maintain the set of services available and uncompromised throughout the contest phase. Each team can (and should) attempt to compromise other teams' services. Since all the teams receive an identical copy of the virtual network, the task of each team is to find vulnerabilities in their copy of the hosts and possibly fix the vulnerabilities without disrupting the services. At the same time, the teams have to leverage their knowledge about the vulnerabilities they found to compromise the servers run by other teams. Compromising a service will allow a team to bypass the service's security mechanisms and to "capture the flag" associated with the service.
During the contest a scoring system keeps track, for each team, of which services are available, and which services have been compromised.
The 2007 iCTF is scheduled Friday, December 7, 2007, from 8am to 5pm, PST.
more at: http://www.cs.ucsb.edu/~vigna/CTF/
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
