Suche innerhalb des Archivs / Search the Archive All words Any words

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[infowar.de] Intrusion Detection-Daten von der DefCon



Infowar.de, http://userpage.fu-berlin.de/~bendrath/liste.html
-------------------------------------------------------------
Liebe Liste,

das dürfte die IT-Sicherheitspraktiker hier auf der Liste interessieren:
Es gibt die genauen Daten des Hack-Wettbewebs "Capture the Flag" der
letzten DefCon jetzt kostenlos zum Download - "das ultimative
IDS-Testbed". Viel Spaß bei der Analyse.

Ralf <- muss sich als Politikwissenschaftler zum Glück nicht damit
rumschlagen ;-)


Hacker intrusion collusion creates 'perfect IDS' 
By James Middleton, vnunet.com, 10/30/2001
http://www.vnunet.com/News/1126543

Three months after the infamous Def Con hacker fest back in July, a
group of geeks have published data which they claim may prove to be the
ultimate Intrusion Detection System (IDS) test bed.  Each year the Def
Con meeting in Las Vegas hosts a 'Capture the Flag' contest. In this
event some of the best hackers from around the world duke it out over a
specially constructed network for 72 hours, hacking for the title. To
'capture the flag' a hacker must get root access on a well-secured
central server.  But geek organisation the Shmoo Group diligently
sniffed and logged every packet sent over the network for posterity,
effectively recording in blow-by-blow detail how the best hackers on the
underground get into secure networks.  This week after "numerous
technical difficulties" the Shmoo Group has made the aptly named
'Capture the Capture the Flag' data publicly available for free.  "Since
Def Con brings the best and brightest in the security community
together, and Capture the Flag is the cutting edge of the underground,
we figured there is great value in saving the packets for posterity,"
the group said. But Shmoo explained that the idea wasn't to help
security companies sell more IDS based on these signatures. "The end
result is not better IDS and such," it said. "The end result should be a
wakeup call for application developers to write more secure apps that
don't need IDS in front of them." So now is your chance to download "by
far the most interesting, exploit ridden, 5.8Gb of intrusion collusion
ever published. Free for the bandwidth endowed, this is the ultimate IDS
test bed."



---------------------------------------------------------------
Liste verlassen: 
Mail an infowar -
 de-request -!
- infopeace -
 de mit "unsubscribe" im Text.