
List:       eurohack
Subject:    [EuroHaCk] FW: [ISN] Hacker attacks welcomed
From:       "Marty" <marty () asgard ! aus ! tm>
Date:       2000-06-27 10:25:49




Sent: Tuesday, 27 June 2000 9:10
To: ISN@SECURITYFOCUS.COM
Subject: [ISN] Hacker attacks welcomed


http://www.zdnet.com/eweek/stories/general/0,11011,2593631,00.html

By Henry Baltazar, eWEEK labs, eWEEK
June 25, 2000 9:00 PM PT

Internet security is a process, not a product. eWeek Labs' Openhack
project is designed to help e-businesses make this process work better
in complex, heterogeneous computing environments.

Openhack is an evolution of last year's interactive Hackpcweek.com
test, in which we pitted Linux and the Apache Web server against
Microsoft Corp.'s Windows NT and Internet Information Server 4 to see
how each would fare in a hostile Internet environment.

With Openhack, we'll be taking the concept of interactive testing a
step forward: We invite crackers to take their best shots at the
Openhack.com site. Examining the number, type and targets of these
attacks will allow us to measure the security -- and vulnerability -- of
a variety of computing platforms in a simulated e-business
environment.

The project's public Web server is www.openhack.com where you can find
a log with the latest updates.

The Openhack equipment is in the IP range from 38.144.162.2 to
38.144.162.15 -- anything in that space is fair game. This is an open
challenge to hackers, and we've upped both the difficulty and award
antes. Cracking into Openhack.com will return bounties ranging from
$500 for defacing the Web server to $1,500 for compromising the e-mail
server to $2,500 for cracking into the database server. No prizes will
be given for DDoS (distributed denial-of-service) attacks, which are
often used as diversionary tactics.

The purpose of this project, which begins June 26, is to arm eWeek
readers with as much information as possible to strike the right
balance between tight security and open communications. Therefore, we
must receive details on how successful hacks were carried out
(including any code used) before awarding prize money. These details
and an analysis of project results will be published in a future issue
of eWEEK.

Test evolution

The emergence of technologies and business practices adds complexity
and often vulnerability to state-of-the-art e-business sites. This is
reflected in the significantly more complex Openhack environment,
where we've put the emphasis not on one platform's securability vs.
another's but on testing how well different platforms coexist in a
secure environment.

Openhack.com includes multiple subnets for hosting e-mail and
directory services, an e-commerce application, and a back-end
enterprise-class database. Used heavily in the server farm are Sun
Microsystems Inc.'s hardware and Solaris operating system, as well as
Linux, OpenBSD, NT and Windows 2000. Compaq Computer Corp. and Dell
Computer Corp. also provided servers.

The Openhack site is physically located at PSINet Inc.'s Toronto data
center. We set up the site working with consultants from Guardent
Inc., a pure-play Internet security consulting, assessment and managed
services company based in Waltham, Mass.

In addition, security experts from Sun and Microsoft were on site to
assist in hardening their respective operating systems. Guardent
consultants assisted in hardening the open-source operating systems.

The Openhack site is fortified primarily by Raptor firewalls from
Axent Technologies Inc. running on a pair of Sun Ultra 10 servers. To
ensure that the site will be able to withstand constant attacks, the
firewalls have been clustered using load-balancing hardware from
Radware Ltd.

We will be using Internet Security Systems Inc.'s RealSecure 5
intrusion detection system outside the firewall.

Targets for attack

Behind our formidable firewall cluster are three targets. The first is
the Web server, running MandrakeSoft's Linux Mandrake and the Apache
Web server. We'll be using Axent's NetProwler intrusion detection
system to monitor the activities on the Web server subnet.

The second target is an e-mail subnet hosting the latest build of
Exchange 2000 running on Windows 2000 Advanced Server. (This test will
be a baptism by fire for the soon-to-be-released messaging platform.)
Because Exchange 2000 uses Microsoft's Active Directory as its
directory service, we will have a separate Advanced Server system
hosting an Active Directory tree in the Exchange subnet.

The final target is the Oracle8i database running on a Sun Enterprise
E4500 server. This server is running the Solaris 8 operating system
and has the added protection of an OpenBSD IP filter in front of it. A
Network Flight Recorder intrusion detection appliance will be watching
over this subnet.

The Openhack test will run through July 21, or until all the prize
money is paid out. We are giving away a total of $2,500 for successful
documented intrusions. In the case of multiple submissions for the
same type of crack, the first documented submission sent to us by
e-mail will win.

Senior Analyst Henry Baltazar can be reached at
henry_baltazar@ziffdavis.com.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV@SecurityFocus.com with a message body of
"SIGNOFF ISN".

--
For sub/unsub matters talk to majordomo@bofh.kyrnet.kg.
For FAQ please check out http://voltaic.thcnet.net/eurohack/
For flames, nonsense, junk and crap please talk to devnull@bofh.kyrnet.kg
