2009/7/29 Bradley McMahon <[email protected]>
> I wonder if there has ever been a case where someone from the blue team
> went after the red team's machines.
>
> I am not sure of the rules of the CTF but being a Linux admin I would try
> to find the MACs and IPs of the attackers as soon as possible and just write
> an iptables rule to drop all their connections or maybe route them to a VM so
> they won't get suspicious.
> -Brad
>
Actively attacking red team machines would most likely be against the rules, and if not, against the spirit of the exercise.

I'm not so certain about blocking the red team's network addresses. A good firewall is a reasonable security measure, so I think in principle it's fair. However, if the rules dictate that the services on the blue team's server need to remain accessible for the duration of the games, then perhaps blocking the red team breaks this requirement, since the bad addresses cannot access the legitimate services. YMMV. You would have to check with the referees as to their interpretation of the rules.

I like to think this raises the bar for the red team, but does this go too far?

Jim
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
