Honeynet Project -> The Reverse Challenge

From: Lance Spitzner (lanceat_private)
Date: Wed May 01 2002 - 13:11:14 PDT

  • Next message: Matt Zimmerman: "ssh scans using username 'test' or 'oracle'?"

    Last year the Honeynet Project sponsored the Forensic Challenge,
    a competition amongst the security community to study, analyze,
    and report on a computer hacked in the wild.  The result was a
    complete forensic analysis of the hacked system. Both the analysis
    from different individuals and the the images of the hacked
    computer are shared and used to this day.
    This year we are continuing that tradition and are announcing the
    Reverse Challenge.  The goal of this challenge is to develop reverse
    engineering skills amongst the security community.  Your mission, if
    you should choose to accept, is to analyze and report on a binary
    captured in the wild.  Your analysis will then be judged by a panel
    of experts, rated, and shared with the security community.
    This year we actually have prizes.  Top prizes include licensed
    copies of IDA Pro, $200 Amazon gift certificate from DataRescue, and
    free pass to the Black Hat Briefings.  As if that was not enough, the
    top 20 entries get a signed copy of the Honeynet book, Know Your Enemy
    (you know, the book the guy down the hall is using as a door stopper :).
    Judges include:
     - David Dittrich
     - K2
     - Halvar
     - Job de Haas
     - Niels Provos
     - Gera
    The challenge officially begins Monday, 06 May when we release the
    binary.  You have between now and the 6th to get your tools ready,
    form teams if you wish, and stock up on the caffeinated beverage of
    choice.  You will then have four weeks to complete your analysis and
    submit your report no later the 24:00 GMT, Friday, 31 May.  Submissions
    will be judged and then released 01 July.  You can learn more about the
    challenge now, and download the binary on 06 May, at
    All question, concerns, and submissions should be sent to
    We hope that the community has fun with this, with the ultimate goal
    of learning and sharing.  Let the games begin!
     --- The Honeynet Project
    PS, the person who hacked our Honeynet is not eligible to submit an entry,
    you know who you are.  The question is, do we? .... :)
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com

    This archive was generated by hypermail 2b30 : Thu May 02 2002 - 08:25:16 PDT