RE: Honeynet Project -> The Reverse Challenge

From: REAVA, JEFFREY [IT/0200] (jeffrey.reavaat_private)
Date: Thu May 02 2002 - 10:43:14 PDT

    For newbies (such as myself) long on caffeinated beverages but short on
    experience, these resources may be helpful in putting together an
    analysis environment:
    
    Reverse Engineering Malware
    http://www.zeltser.com/sans/gcih-practical/revmalw.html
    
    An Environment for Controlled Worm Replication and Analysis
    or: Internet-inna-Box
    http://www.research.ibm.com/antivirus/SciPapers/VB2000INW.htm
    
    If there are other resources of similar depth that target the ad hoc
    investigator I'd love to know more.
    
    --Jeff
     
    
    -----Original Message-----
    From: Lance Spitzner [mailto:lanceat_private]
    Sent: Wednesday, May 01, 2002 4:11 PM
    To: bugtraqat_private
    Subject: Honeynet Project -> The Reverse Challenge
    
    
    Last year the Honeynet Project sponsored the Forensic Challenge,
    a competition amongst the security community to study, analyze,
    and report on a computer hacked in the wild.  The result was a
    complete forensic analysis of the hacked system. Both the analysis
    from different individuals and the images of the hacked
    computer are shared and used to this day.
    
    This year we are continuing that tradition and are announcing the
    Reverse Challenge.  The goal of this challenge is to develop reverse
    engineering skills amongst the security community.  Your mission, if
    you should choose to accept, is to analyze and report on a binary
    captured in the wild.  Your analysis will then be judged by a panel
    of experts, rated, and shared with the security community.
    
    This year we actually have prizes.  Top prizes include licensed
    copies of IDA Pro, $200 Amazon gift certificate from DataRescue, and
    free pass to the Black Hat Briefings.  As if that was not enough, the
    top 20 entries get a signed copy of the Honeynet book, Know Your Enemy
    (you know, the book the guy down the hall is using as a door stopper :).
    Judges include:
    
     - David Dittrich
     - K2
     - Halvar
     - Job de Haas
     - Niels Provos
     - Gera
    
    The challenge officially begins Monday, 06 May when we release the
    binary.  You have between now and the 6th to get your tools ready,
    form teams if you wish, and stock up on the caffeinated beverage of
    choice.  You will then have four weeks to complete your analysis and
    submit your report no later than 24:00 GMT, Friday, 31 May.  Submissions
    will be judged and then released 01 July.  You can learn more about the
    challenge now, and download the binary on 06 May, at
    
                http://project.honeynet.org/reverse/
    
    All questions, concerns, and submissions should be sent to
    
                     <challengeat_private>
    
    We hope that the community has fun with this, with the ultimate goal
    of learning and sharing.  Let the games begin!
    
    
     --- The Honeynet Project
    
    
    PS, the person who hacked our Honeynet is not eligible to submit an entry,
    you know who you are.  The question is, do we? .... :)
    


