Honeynet Project -> The Reverse Challenge

From: Lance Spitzner (lanceat_private)
Date: Wed May 01 2002 - 13:11:14 PDT

Next message: Matt Zimmerman: "ssh scans using username 'test' or 'oracle'?"

Previous message: William N. Zanatta: "Re: A friend's cable modem Linux machine just got compromised"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Last year the Honeynet Project sponsored the Forensic Challenge,
a competition amongst the security community to study, analyze,
and report on a computer hacked in the wild.  The result was a
complete forensic analysis of the hacked system. Both the analysis
from different individuals and the the images of the hacked
computer are shared and used to this day.

This year we are continuing that tradition and are announcing the
Reverse Challenge.  The goal of this challenge is to develop reverse
engineering skills amongst the security community.  Your mission, if
you should choose to accept, is to analyze and report on a binary
captured in the wild.  Your analysis will then be judged by a panel
of experts, rated, and shared with the security community.

This year we actually have prizes.  Top prizes include licensed
copies of IDA Pro, $200 Amazon gift certificate from DataRescue, and
free pass to the Black Hat Briefings.  As if that was not enough, the
top 20 entries get a signed copy of the Honeynet book, Know Your Enemy
(you know, the book the guy down the hall is using as a door stopper :).
Judges include:

 - David Dittrich
 - K2
 - Halvar
 - Job de Haas
 - Niels Provos
 - Gera

The challenge officially begins Monday, 06 May when we release the
binary.  You have between now and the 6th to get your tools ready,
form teams if you wish, and stock up on the caffeinated beverage of
choice.  You will then have four weeks to complete your analysis and
submit your report no later the 24:00 GMT, Friday, 31 May.  Submissions
will be judged and then released 01 July.  You can learn more about the
challenge now, and download the binary on 06 May, at

            http://project.honeynet.org/reverse/

All question, concerns, and submissions should be sent to

                 <challengeat_private>

We hope that the community has fun with this, with the ultimate goal
of learning and sharing.  Let the games begin!


 --- The Honeynet Project


PS, the person who hacked our Honeynet is not eligible to submit an entry,
you know who you are.  The question is, do we? .... :)






----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Matt Zimmerman: "ssh scans using username 'test' or 'oracle'?"
Previous message: William N. Zanatta: "Re: A friend's cable modem Linux machine just got compromised"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu May 02 2002 - 08:25:16 PDT