Fachgruppe SIDAR der Gesellschaft für Informatik e.V.
 
Fachgruppe SIDAR
Zielgruppe
Mitglied werden
Mailingliste
Aktuelles
 
Themen
Verwundbarkeitsanalyse
Intrusion Detection
Malware
Incident Management
Forensik
 
Veranstaltungen
SPRING
CIPHER
DIMVA 2007
IMF 2007
 
Archiv
 
Organisatorisches
Fachgruppen-Leitung
Fachbereich Sicherheit
Gesellschaft für Informatik e.V.
Impressum
 
Verantwortlich für diese Webseite ist die GI-Fachgruppe SIDAR.
Wir sind nicht verantwortlich für die Inhalte externer Internetseiten.
Copyright © 2004 Fachgruppe SIDAR der GI e.V. - Alle Rechte vorbehalten.
Webmaster: <webmaster-/at/-gi-fg-sidar.de>
CIPHER 3  

Wettbewerb CIPHER 3
Challenges in Informatics: Programming, Hosting and Exploring
12.07. 2007 in Luzern/Schweiz


Link zur Webseite: CIPHER2
http://www.cipher-ctf.org


CIPHER is a Capture The Flag-style exercise in IT security for teams of students from universities. The task is to maintain a server running multiple services, while simultaneously trying to get unauthorized access to the other team's servers. Each successful penetration gains points, as well as keeping the own services up and functional during the course of the game.

The exercise is co-arranged by the Special Interest Group SIDAR (Security - Intrusion Detection and Response) of the German Informatics Society (GI) and the Security and Privacy Research Group of the RWTH Aachen. Technical organization and hosting is provided by the Security and Privacy Research Group and is coordinated by Lexi Pimenidis. CIPHER 3 co-executes with the international Conference on Detection of Intrusions and Malware & Vulnerability Assessment - DIMVA 2007 (July 12-13). On-site participation of conference attendees is possible.

Description

The exercise consists of multiple teams, each hosting a server that has multiple services running, like e.g. a webserver, a mail server, or customized services. The services contain typical security vulnerabilities that allow to compromise the server to a certain extend.

The goal is to maintain the services up, functional and uncompromised for the duration of the game. Additional scores can be gained by patching the vulnerabilities of the services and exploiting the knowledge of the found weaknesses at the other team's servers.

The focus of the exercise is on application layer security.

DIMVA
(Banner source code: www.dimva.org/banner.html)