I invite you to the CRC hack quest - information security tournament
"Ethical hacker" breaks the network
I must say that by the term "hacker" we mean "for IT professionals." Simply put, you do not have to have the skills to attack computer systems, but you must understand how protection and network technologies work. And, most importantly - to have IT-thinking, allowing to solve non-standard tasks.
Within the framework of the tournament, each of the participants plunges into an imitation of the real environment (you will be someone like one of the system administrators or IT consultants of a large corporation) and begins to work on emerging tasks. Most of the tasks are sharpened not only for the knowledge of server OS and practical situations with them, but also for the ability to think and make decisions quickly. The fact is that the ability to think as a security guard can only come with experience.
It is this experience that we will try to give. If you are engaged in IS, server administration or a system administrator in a network with a bunch of users - come on in, this is exactly about you .
Why do we have a tournament?
Perhaps you have a simple question: why do you need such a tournament? This is a rather expensive event, which is held by two rather large companies: Symantec Corporation, very famous all over the world, and we, CROC, the Russian IT company TOP-5.
The reason is very simple: this is one of the few ways to educate in the field of information security. Each participant will be able to test their abilities in a unique simulation of a real environment, hone their skills and, of course, gain additional knowledge in the field of computer security.
Symantec Cyber Readiness Challenge may not collect real hackers (at least in the second, offline part), but it will give everyone the opportunity to try their hand. For example, to participate in the online part, it will be easy to pass the entry threshold in terms of minimum security knowledge and put a basic set of open source software for what we call “ethical hacking” and security.
This is all an experience. And the opportunity in practice to touch what used to seem unfamiliar.
And also for the tournament in London at the Infosecurity conference (after similar events in Barcelona, Irving, Mountain View, Chicago, Toronto, New York and so on) it became clear that this is not only a training simulator, but also just great entertainment.
What and how will it be?
We expect a certain core of experienced security experts, plus practicing system administrators, plus simply advanced IT specialists - including students and graduates of IT specialties.
An online tournament is a big game within a virtual ecosystem that simulates the networks of two corporations. To participate, you will need to register, plus put the basic set of Cisco software for access to the system. We recommend deploying a virtual machine and give all the instructions on how best to prepare software for the tournament. You can use any of your tools, you can use a ready-made set, where there are, for example, such things as Metasploit and BackTrack. If information security is not your profile, then instructions and a basic set will be enough to figure it out and start playing fully.
There are three hints in each task. If you are an expert - do not open any. If you feel that there is not enough knowledge, you can open them in turn. In the third - an almost chewed answer (do not forget, the ecosystem is also a training simulator), but opening each tip reduces your points for the task. If you open all three - there will be no points at all.
The second event is an offline game . A security conference will be held in parallel with her: various serious uncles will come there who already have all these tasks in practice, plus business representatives who are interested in listening to these comrades.
Offline is more interesting, and it will already be covered by the press. Here is a quote describing the game:
“We are trying to introduce people already involved in the security field to how the hacker really works and how the system's testing for protection against unauthorized access works. If you are a techie, sit down and try to play "Sian Jones, representative of Symantec, tournament in London.
That's how it used to be offline
How do I know if my qualifications are enough to participate?
If you are on Habré - most likely, yes. As I said, specialization is not required, the main thing is a common technical background and IT-thinking. Plus, a little paranoia, but I think that is exactly what you are doing with. If you are not on Habré - try to see this fun RAR quest in the game’s universe. There is a complete passage in the topic, so let's agree as follows: if you master with just one hint, then come. It’s also important to know how modern networks work.
Who can participate?
Everyone who is over 18 years old and who lives in Russia. It is free, but the number of participants is limited.
What will the winner get?
An online game is such a test of knowledge and an opportunity to practice. The main prize of the online competition is a trip to the championship in Moscow. If the winner is from Moscow, then he gets to an offline tournament. Offline's main prize is a trip to Europe for the final tournament among the winners in the EMEA region. Prize for II place - iPad Mini tablet. The prize for the third place is the Norton 360 Multi-Device antivirus from Symantec for 1 year for 3 mobile and personal devices.
Where can I register?
Here on CRC-online , and here on CRC-offline .
The first tournament will begin on July 15th. There is still room.
UPD: places on the online part have already run out.
Photo before kat - from this participant’s report .