How to prepare for the hacker tournament

Hello!
I was asked several times how best to prepare for the upcoming first information security tournament . I interviewed our guards and admins, including those who tested the game, and made a small list below. I think this will already be useful for those who are just taking the first steps in information security.

Well, plus at the end of the topic there is a small task that can clearly demonstrate different approaches to hacking.

In short, the plot of the future tournament: you have to prove whether or not anyone can penetrate the corporate network from the outside and get information without being noticed.
')
Symantec Cyber ​​Readiness Challenge is a tournament for IT specialists. The task is to teach you to think like a hacker so that you can counter the security threats hanging over your company (in a tournament it was invented, but then knowledge will be useful in real life). For starters, this is an opportunity to figure out how things work, for experienced ones, great fun. The main goal of the event is educational.

Subject area

So, first we need to deal with the fact that this is a tournament for technical experts, not for senior staff exactly. Well, and not for those who are engaged in things far from networks, web sites, for example. System administrators and system programmers will find a lot of interesting things for themselves.

The range of knowledge (if you know - you will be comfortable and fun to play, if you do not fully understand - you can learn in the simulator):

• General knowledge of networking (TCP / IP, network applications).
• Unix-like systems are worth knowing (we can play on a computer with Windows, though it will be a bit more complicated).
• Technical English will be helpful.
• Understanding of applications for working with DNS, FTP, SMTP and in general the principles of operation of these technologies.
• If you have ever raised Apache - it will greatly help.
• Often come across tasks on popular CMS, such as WordPress. Bookmark forums about them.

Usually there are a lot of tasks on social engineering: it’s worth running and repeating this topic if you don’t feel the power of the Jedi in you.

Please note that the list of knowledge for participation in the tournament strongly overlaps with the list of knowledge necessary for the future information security specialist. If you are already working in the field of information security, please note in the comments what other areas of knowledge you are very useful.

Tips on tournament software

To participate, it is good to know basic things about network settings, to be able to use utilities like Metasploit and BackTrack (they are in the recommended set of software for the game, plus instructions there, but better to look in advance) or with their counterparts. Software can bring any. A detailed guide is here (PDF).

Almost always there are tasks for working with nmap, it will be useful to repeat this topic. The utility itself is also included in the recommended set of tools. In one of the parts of the tournament often come across tasks to scan the ports. Real welders are still at home thinking how to optimize this rather long process, and it’s just a pity to lose time in the tournament.

During the tournament, you can use the Internet. A lot of valuable information lies on various forums of system administrators, so we recommend finding a couple of these and registering so as not to fill out the password login form at the tournament, and immediately know where and how to search. It will take 15-20 minutes, but it will bring you a lot of experience (I would not believe that you will not read a couple of topics there) and will save 2-3 minutes on a tournament.

Final tasks are designed for network security engineers. For the most difficult levels, it is better to go over the UNIX configs, it happens that there are tasks with rather rare modes of operation.

Also, as usual, I recommend to sleep before the game and stock up on various tasty things so as not to run to the fridge while online.

Small task

Imagine that you came to the office of the corporation RKI (in a simulated world there is one). At the reception you are greeted by a secretary who is suddenly called by the chef. She leaves. Her computer is on, Outlook is open with corporate email. On the wall you see a bunch of stickers with department phones and names, but there seems to be no passwords. On the table is a standard office organizer and a pair of documents with stamps. No one sees you. Cameras, it seems, no. You have about 30 seconds until it comes back to do something that will make it easier to further penetrate the corporate network. What would you do?