I invite you to the hack quest CRC - information security tournament

"Ethical hacker" breaks the network

I’ll say right away that by the term “hacker” we mean “for IT specialists”. Simply put, you do not have to have the skills to attack computer systems, but you must understand how security and network technologies work. And, the main thing is to have IT-thinking, which allows solving non-standard tasks.

As part of the tournament, each of the participants immerses themselves in an imitation of a real environment (you will be someone like one of the system administrators or IT consultants of a large corporation) and starts working on the emerging tasks. Most of the tasks are sharpened not only under the knowledge of the server OS and practical situations with them, but also under the ability to think and quickly make decisions. The fact is that the ability to think like a safe person can only come with experience.
')
It is this experience that we will try to give. If you are engaged in information security, server administration or a system administrator on the network with a bunch of users - come in, this is for sure about you .

Why we hold a tournament

Perhaps you have a simple question: why do we need such a tournament? This is a rather expensive event, which is held by two rather big companies: the very well-known worldwide Symantec Corporation and we, CROC, the Russian IT company TOP-5.

The reason is very simple: it is one of the few ways to give education in the field of information security. Each participant will be able to test their abilities in a unique imitation of the real environment, hone their skills and, of course, gain additional knowledge in the field of computer security.

The Symantec Cyber ​​Readiness Challenge may not bring together real hackers (at least in the second, offline part), but it will give everyone the opportunity to try their hand. For example, to participate in the online part, it will be easy to pass the entry threshold in terms of minimal knowledge of security and put a basic set of open source software for what we call “ethical hacking” and security.

This is all experience. And the opportunity to practice to touch what previously seemed unfamiliar.

Moreover, it became clear to the tournament in London at the Infosecurity conference (after similar events in Barcelona, ​​Irving, Mountain View, Chicago, Toronto, New York, etc.) that this is not only a training simulator, but also just great entertainment.

What and how will it be?

We expect some core of experienced security experts, plus practicing sysadmins, plus just advanced IT specialists - including students and graduates of IT specialties.

An online tournament is a big game within a virtual ecosystem that simulates a network of two corporations. To participate you will need to register, plus put a basic set of Cisco software to access the system. We recommend deploying a virtual machine and giving all instructions on how best to prepare software for the tournament. You can use any of your tools, you can use a ready-made set, where there are, for example, such things as Metasploit and BackTrack. If information security is not your profile, then the instructions and basic set will be enough to figure it all out and start playing fully.

In each problem-question there are three tips. If you are an expert - do not open any. If you feel that knowledge is not enough - you can open them in turn. In the third - almost chewed answer (do not forget, the ecosystem is also a training simulator), but opening each hint reduces your points for the task. If you open all three - there will be no points at all.

The second event is an offline game . In parallel with it, the security conference will go: various serious guys will come there, who always have all these tasks in practice, plus business representatives who are interested in hearing these comrades.

Offline is more interesting, and it will already be covered by the press. Here is a quote describing the game:

“We are trying to acquaint people who are already involved in the field of security with how the hacker really works and how the system is tested to protect against unauthorized access. If you are a techie, sit down and try to play "

Sian Jones, Symantec Representative, London Tournament.


That's how it went offline before.

How to understand if my qualification is enough to participate?

If you are on Habré - most likely, yes. As I have already said, specialization is not required, the main thing is the general technical background and IT-thinking. Plus a bit of paranoia, but I think this is fine with you. If you are not on Habré - try to see this fun RAR-quest in the universe of the game. In the topic there is a complete passage, so let's agree as follows: if you master with just one hint, it means that you are suitable. It is also important to know how modern networks work.

Who can participate?

All who are over 18 years old and who live in Russia. It's free, but the number of participants is limited.

What will the winner get?

Online game - this is such a test of knowledge and the opportunity to practice. The main prize of the online competition is a trip to the championship in Moscow. If the winner is from Moscow, then he gets to the offline tournament. The main prize of offline is a trip to Europe for the final tournament among the winners in the EMEA region. The prize for II place - iPad Mini tablet. The prize for III place - Norton 360 Multi-Device antivirus from Symantec for 1 year for 3 mobile and personal devices.

Where can I register?

Here on the CRC-online , and here on the CRC-offline .

The first tournament will begin on July 15th. Places still have.
UPD: places on the online part is already over.

_{Photo to Kata - from here this report of the participant.}