[kictanet] BELATED HACKBATTLE 2010 (Question that have come up)

Gichuki John Chuksjonia chuksjonia at gmail.com
Thu Apr 14 19:25:15 EAT 2011


Hi Kictanet members, Skunkworks, and Security members, as always,
kindly when replying, do not reply to all, but to your respective
mailist, unless your are registered to all.

Several questions have come up, and its good that i answer them here
so that everyone gets a clear picture of the contest.

Are there going to be prizes?

Yes there will be, but it will mostly depend on the sponsorship we
get. We are currently to struggling to get it.

Will there be vulnerabilities that can be exploited?

We are currently setting up the infrastructure the way Kenyan Banks
do. If you have been involved with most of them like i have, you will
see they favor obscurity over real security. So the answer is several
vulnerabilities will be there, but it will be hard to find them. So
you will have to sweat harder.

How do i hack the network?

Kindly use the same methodology you use when doing any security
pentest except DOS since that will get you banned.

How come you don't want to release the IPs to the public?

I would love to, but we want maintained order during the contest and
also maintain the load since the servers cant handle 60 hackers at the
same time messing up kernels etc.

What do i do if get to a typo during the test?

Here i will just ask you a question. Instead of typing w.x.y.z, and
type mod.go.ke, how long will it last before a black van shows at your
door? We will not defend you if you attack other networks instead of
the contest infrastructure


Can i do the tests from ihub floor?

Yes, you can, i believe the internet there is pretty fast.


Can a Ugandan company sponsor?

Yes, the contest is meant for EAC, which means East African Community
which Uganda is a part of.


For more questions, dont be afraid to ask, publically or privately, i
will still answer them.

With regards,

./Chucks
.


-- 
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
jgichuki at inbox d0t com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://chuksjonia.blogspot.com/




More information about the KICTANet mailing list