Latest news
PacketWars: A cyber security sport for a cyber age
by Zeljka Zorz - Tuesday, 23 November 2010.
The first one is a straight up reconnaissance assignment - individuals or teams have a limited amount of time, normally 30 to 60 minutes, to "visit" numerous targets in a specified address space. They must record as many attributes about them as they can: OS, running services, versions, known vulnerabilities, etc. Whoever identifies the most accurate attributes in the shortest period of time wins the battle.
"'King of the Hill' is pure carnage!" recounts Fite. "Battles normally last 2 to 4 hours and create a 'Battle Space' within a specified address space (kill zone). The external attack surface is usually based on difficulty level of the battle and experience and skill level of the combatants. However, once the outer layer of security has been breached, combatants can leverage compromised assets inside of the Battle Space to attack internal assets or even other combatants - just like in the real world."
Apart from being the developer, Fite is also "The Packet Master". He facilitates the battles and serves as a commentator by explaining the attacks to the spectators. "It's a throw back to old RPGs, when I played the role of Dungeon Master," he says with a smile.
To participate in a public PacketWars battle all you need is a computer of your own. The organizers sanction players and teams at their discretion, but there are currently no extra fees to pay other than admission to the hosting event - typically hacker and security conventions. Event sponsors pay for the operational costs of the battles and provide prizes.
Battles can be played by individuals and teams. It is assumed all players are law-abiding citizens, and illegal activity of any kind is not tolerated. "That mainly refers to physical attacks on others or on their equipment," he says. "In the real world, physical attacks are certainly an option, but in our simulations they are prohibited. Other than that, the battle unfolds on an isolated network, so pretty much everything else goes."
Typical PacketWars players are security and IT professionals, students, hobbyists, and the occasional hacker. "This is a very accessible sport for beginners. In the past I would say you had to have much more experience. When it comes to organizing teams, we suggest the players to think about covering a varied skill-set," explains Fite.
"TCP/IP and basic networking is probably the only real technological requirement. But you won't get far without good application and OS skills," he says. "We have introduced a player rating system. The more you play - earning league points - the better we are at rating your skill levels. Registered players can accumulate league status and be eligible for special Battle opportunities, including invitational events not open to the public."
The basic idea is to get as many players possible involved, so that a lot of games can be played. Sometimes qualifying events are run or participation is limited due to physical constraints based on the battle venues, but other than that - everyone who intends to follow the rules is welcome.
"'King of the Hill' is pure carnage!" recounts Fite. "Battles normally last 2 to 4 hours and create a 'Battle Space' within a specified address space (kill zone). The external attack surface is usually based on difficulty level of the battle and experience and skill level of the combatants. However, once the outer layer of security has been breached, combatants can leverage compromised assets inside of the Battle Space to attack internal assets or even other combatants - just like in the real world."
Apart from being the developer, Fite is also "The Packet Master". He facilitates the battles and serves as a commentator by explaining the attacks to the spectators. "It's a throw back to old RPGs, when I played the role of Dungeon Master," he says with a smile.
To participate in a public PacketWars battle all you need is a computer of your own. The organizers sanction players and teams at their discretion, but there are currently no extra fees to pay other than admission to the hosting event - typically hacker and security conventions. Event sponsors pay for the operational costs of the battles and provide prizes.
Battles can be played by individuals and teams. It is assumed all players are law-abiding citizens, and illegal activity of any kind is not tolerated. "That mainly refers to physical attacks on others or on their equipment," he says. "In the real world, physical attacks are certainly an option, but in our simulations they are prohibited. Other than that, the battle unfolds on an isolated network, so pretty much everything else goes."
Typical PacketWars players are security and IT professionals, students, hobbyists, and the occasional hacker. "This is a very accessible sport for beginners. In the past I would say you had to have much more experience. When it comes to organizing teams, we suggest the players to think about covering a varied skill-set," explains Fite.
"TCP/IP and basic networking is probably the only real technological requirement. But you won't get far without good application and OS skills," he says. "We have introduced a player rating system. The more you play - earning league points - the better we are at rating your skill levels. Registered players can accumulate league status and be eligible for special Battle opportunities, including invitational events not open to the public."
The basic idea is to get as many players possible involved, so that a lot of games can be played. Sometimes qualifying events are run or participation is limited due to physical constraints based on the battle venues, but other than that - everyone who intends to follow the rules is welcome.
Spotlight
A closer look at Mega cloud storage
Posted on 21 May 2013. | Once a novelty, nowadays many cloud storage services are fighting for their piece of the market in the virtual world. Mega offers 50GB of free space with great pricing on Pro accounts.
The CSO perspective on healthcare security and compliance
Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.
Cyber espionage campaign uses professionally-made malware
Posted on 20 May 2013. | A massive cyber espionage campaign has been hitting government ministries, IT companies, academic research institutions, and more.
Ransomware adds password stealing to its arsenal
Posted on 17 May 2013. | Microsoft researchers are warning about a new variant of the well-known Reveton ransomware doing rounds.
IT security jobs: What's in demand and how to meet it
Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.
Daily digest
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
Weekly newsletter
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
