LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: April 21st, 2014
Linux Security Week: April 7th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Honeynet Project Forensic Challenge Results Print E-mail
User Rating:      How can I rate this item?
Source: Dave Dittrich - Posted by Ryan W. Maple   
Security Projects Today Dave Dittrich of the Honeynet Project announced the results of the "Honeynet Fornesic Challenge". The results of all submitted reports are available on the page. Dave also talks about how the Honeynet Project is going to continue using . . . Today Dave Dittrich of the Honeynet Project announced the results of the "Honeynet Fornesic Challenge". The results of all submitted reports are available on the page. Dave also talks about how the Honeynet Project is going to continue using this example to "develop examples and best practices that fit the needs of local, state and federal law enforcement agencies in understanding and assessing computer crime cases and pursuing suspects."

Below is the text of the email Dave sent to the FORENSICS mailing list:

 Date: Mon, 19 Mar 2001 21:38:39 -0800 From: challenge@HONEYNET.ORG To: FORENSICS@SECURITYFOCUS.COM Subject: Honeynet Project Forensic Challenge results  I'm happy to announce the winners of the Honeynet Project Forensic Challenge.  We received 13 submissions from around the world, with one team spending a total of 104 hours on their analysis.  We have decided to award the top three submissions with prestigious Honeynet Project shirts, and all of the entrants will receive a copy of "Hacking Exposed" (Second Edition).  The Top Three are (the envelope please...)          Thomas Roessler          Brian Carrier          Peter Kosinar   The full results and all submissions (including the Honeynet Project analysis and IDS logs) are available at:          http://project.honeynet.org/challenge/results/  More details about the lessons learned in running the Forensic Challenge, who may have done the intrusion, tools developed by one of the top three entrants, and the best techniques used by all, will come out in the following weeks (including in a talk which will be presented at CanSecWest '01 at the end of this month.)  We are also working with members of the United States Department of Justice and the King County Prosecutor's Office to develop examples and best practices that fit the needs of local, state and federal law enforcement agencies in understanding and assessing computer crime cases and pursuing suspects.  Detailed technical analyses are great for geeks, but hard for judges, prosecutors, and criminal investigators to digest and understand quickly. This is the first time a learning situation like this has existed, where members of law enforcement can speak openly about the analyses of a real intrusion without fear of compromising an actual -- and quite costly -- criminal case. Hopefully this will help bridge some gaps and smooth the road between computer security professionals and the law enforcement community.  (Note that *there will be no prosecutions of anyone involved in this intrusion*.  This is not about catching the person who did this intrusion, but rather about what can be learned from it.  Whoever did this is *verrrrrry* lucky its working out this way. *This* time. ;)  I would like to thank everyone who has assisted or participated in the challenge including all those who submitted entries, Lance Spitzner, Dan Farmer, Wietse Venema, Tan, Kevin Mandia, T Elam, Rik Farrow, Kevin Manson, Steve Schroeder, Floyd Short, Richard Murray, Ivan Orton, and Alisha Ritter (if I left anyone out, I apologize - blame it on lack of sleep.)  This never would have been possible without everyone's help.  -- Dave Dittrich dittrich@speakeasy.net 

Read this full article at Dave Dittrich

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Fixing OpenSSL's Heartbleed flaw will take MONTHS, warns Secunia
Even the most secure cloud storage may not be so secure, study finds
Targeted Attack Uses Heartbleed to Hijack VPN Sessions
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.