IRISS CERT

Ireland's first CERT (Computer Emergency Response Team)

Irish Honeynet Chapter

As part of IRISSCERT's annual Conference on Cybercrime we run Ireland's premier Cyber Security Challenge. This year's challenge is being run for us by the Irish Honeynet Chapter The goal of the Cyber Security Challenge is to identify Ireland's top cyber security experts.

 

IRISSCERT's Cyber Security Challenge sees teams compete against each other in a controlled environment to determine which one will be the first to exploit weaknesses in a number of systems and declare victory.  The purpose IRISSCERT's Cyber Security Challenge competition is to demonstrate how attackers could gain access to your systems and allow you to learn from the event on how to prevent such attacks from impacting your network.

 

Competition Details

Here is an overview of one of our previous Cyber Security Challenges

 

 

 

 

Entry

If you would like to compete please register here. Entry to IRISSCERT's Cyber Security Challenge is part of the overall entry to IRISSCERT's annual Conference on Cybercrime. Places for the competition will be allocated on a first-come, first-serve basis. 

This year there will be individual and team challenges. Teams will be made up of a maximum of 4 players per team.  If your team does not have 4 players we can arrange to allocate individuals to your team if you so wish.

If you are entering a team please email the details of your team including the team name and those who are on your team to info@iriss.ie.

 

Rules of Engagement

Violation of these rules will lead to immediate expulsion from the exercise.

  • You can exploit any vulnerability you find on the servers, however, you shall not run any penetration test via the Internet.

     

  • Internet Access is not permitted to access the testing network.

     

  • No denial of service attacks.

     

  • Do not try to bring the servers down.

     

  • No arp spoofing of the connection to the target network.

     

  • Be conscious of hogging the system – remember you should treat these systems as if they are in ‘production’.

     

  • You can create new user accounts but do NOT change the passwords of existing accounts.

     

  • Only attack the target subnet as detailed in the scope provided on the day. The following are out-of-scope:
    • Fellow competitors.
    • VMware hosting software.
    • Routers.
    • Switches.
  • If you want to install software on the target servers, that is fine as long as it does not break the existing application or require a reboot.

     

  • Play nicely with team-mates and fellow competitors. Some people will move faster than others – that’s ok.

     

  • You can use any tool you have (for commercial tools, you must have a license).

     

  • If you need to download a new tool, please disconnect from the test network and do so through your own wireless/3G set-up.

     

  • During the challenges DO NOT:
    • attack the hotel network.
    • connect our target networks to the Internet.

Anyone adjudged to be breaking any of the above rules will be dealt with severely, ranging from your access to being restricted for a period of time to being eliminated from the competition.  The decisions of the judges will be final.

 

 

Sponsor

We would like to thank our sponsor for supporting this year's IRISSCON Challenge event.

To be updated soon!

 

ISI TI-Accredited WARP