Security Workshop:Rules

This is supposed to be a realistic exercise (well, except the galactic setting). You are root on your site, and may basically do what you like with your systems. However, as in real life, there are certain rules that limit what actions you are allowed to take.

• You are playing defensive. You are not allowed to take any actions that would be illegal in real life. In particular, you are not allowed to perform any kind of attacks on other systems, neither malicious machines, other teams' machines nor the game servers.

• You must strive to keep the services monitored on the dashboard running at all times, with only minimal outages. You can restart the services and reboot your systems if necessary, but avoid any downtime longer than that.

• Your users can be expected to connect from anywhere, so all services must be universally reachable. In particular, they must be reachable from gks-050, where the game monitor runs. (Some of the services are preconfigured to only allow connections from certain hosts. This is of course OK - you do not need to loosen the security settings from the default configuration.)

• The authorized_keys files of root and some users are pre-populated with public ssh keys. Please don't tamper with these; they are necessary for the game machinery. If you want to deactivate any user keys or change user passwords, please contact Starfleet Command first.

Breaking these rules may result in a point penalty.