Mistakes are important
Everybody is here to learn, and we want people to try things outside their comfort zone. This means there are going to be a lot of mistakes made. You are expected to handle your own mistakes, and those of other participants, as positive and inevitable.
As a computer security analyst, you must think like a "bad guy" in order to better understand your attack surface. We want you to be creative in your approach to solving puzzles, but we do have a few ground rules that are mostly related to our being able to keep costs down:
No network-level attacks
SYN flooding, ARP cache poisoning, WiFi deauthentication, and other network-level attacks are not allowed. We are all very proud of your ability to run scripts that mess things up, but this isn't the place for it.
No attacking other participants' computers
We have put a lot of effort into making puzzles that are fun to attack, go after those instead.