At 06:59 PM 3/30/99 -0800, Joshua Chamas wrote:
>Hi,
>
>I have been spending a lot of time on system security
>prior to going live with a www service, and I was interested
>in the prospect of running a hacking contest with a
>cash reward for breaking in, and visibly modifying
>the www site.
>
>I believe the conditions of winning the prize would be:
>
>) documenting the hack
>) forbidding hacking systems of upstream ISPs
>) proposals for fixing the found security holes
>) a finite timeline for the hack to occur in, say a week
>) preservation of the system logs, so I can observe and learn
> from hacking strategies
>
>The upside of course is seeing what system vulnerabilities
>that I may have overlooked by having a hacker uncover them.
>I fear the potential downside of drawing too much unwanted
>attention in the future to the site from would-be hackers,
>after the contest is over.
>
>What do you all think about this?
>
>If I should choose to proceed, how should I best advertise
>this contest?

Funny you should ask Josh. This is exactly what is being done. More details can be found on the SANS Institute web page: http://www.sans.org

Look under "ID'Net Demonstration". This is not commercial advertisement cause it's all FREE....

Webcast Announcement Comparing Intrusion Detection Systems, ID'Net 99
Time: April 06, 1999 1300 EST
Cost: Free, and it has value!

One of the questions we received from the March 02 web broadcast (the topic was an advanced network scanning tool called nmap) was "what is the best intrusion detection software?" Was this a naïve question? Three weeks ago I was part of a working group to help frame the research agenda for the President's Decision Directive 63, which deals with intrusion detection. On the last day there was a discussion period, the hot topic? It was how to compare intrusion detection systems. This webcast will focus on one approach to this problem, SANS's Intrusion Detection Network ID'Net, which was operational at the ID'99 conference and will run again at the SANS Conference May 7 - 14 in Baltimore MD. We will discuss the history and challenges of comparing intrusion detection systems and some of the results of this first effort. My guests on the broadcast will be Simson Garfinkel, co-author of Practical Unix Security, who demonstrated Sandstorm's TCP Demux network forensic tool and was able to capture and analyze the attacks. Paul Proctor is the Chief Technology Officer at Centrax who showed their new network intrusion detection capability on ID'Net and he will discuss his experiences. Finally we have Chris Pettit, a senior network engineer for NCI, who is the chair of the next ID'Net in May.

Should be a great show, hope to see you there!

Rob Kolstad and Stephen Northcutt - SANS Institute

**********************************************************************************
How to register for the broadcast. http://www.sans.org/XXX
They will send you a password and account by email. Also, comments from past webcasts teach us that detailed slides do not show up well on the broadcast players. If you have PowerPoint, or a PowerPoint viewer, the slides will be available from the SANS web page at least three days before the broadcast.

Special note: The nmap/nlog and other previous web broadcasts are still available from broadcast.com
http://www.sans.org/webarchives.htm

***********************************************************************************



<><><><><><><><><><><><><><><><><><><><><><><>
Christopher Pettit [EMAIL PROTECTED]
Sr. Network Engineer/Systems Admin/ISSO
NCI Information Systems, Inc
Naval Surface Warfare Center - Dahlgren Div.
17320 Dahlgren Road
Dahlgren, Virginia 22448-5100
(540) 653-7463 [EMAIL PROTECTED]
<><><><><><><><><><><><><><><><><><><><><><><>