Honeypots mailing list archives
Spanish Forensic Challenge
From: David Barroso <tomac () somoslopeor com>
Date: Mon, 17 Nov 2003 23:03:58 +0100
RedIRIS, the Spanish academic R&D network, together with Spanish-speaking companies and security experts, proposes to security managers in Spanish universities, centers affiliated to RedIRIS and to Internet users worldwide a challenge consisting of the forensic analysis of a compromised Linux system.

Forensics is one of the information security fields that has evolved most in recent years. Its primary goal is to provide answers to questions that arise when an intrusion attempt is discovered. That is, when an attacker has succeeded in accessing one or more information technology components of an organization:

- Who launched the attack? That is, what IP addresses are related to it? What was each attacking system used for?
- How was the attack successful? What vulnerability or configuration failure was used by the attacker in order to get access into the system?
- What did the attacker do once he got access? What tools did he use? What were his goals?

Even if it is best to keep a system up-to-date and well protected against attacks, intrusions are frequent in open environments like universities and R&D centers. Experts formed in procedures to analyze and comprehend an intrusion are needed. These must be trained in using the techniques and tools that are related to this new field called "Computer forensics".

One of the problems in order to teach future experts in Computer Forensics in the computer areas the basics is the availability of testing systems (systems which have been previously attacked) that they can use to test and get a hold of current tools for analysis. This challenge tries to help bypass this problem by providing a sample attacked system with a configuration very similar to the one used in a university environment. Thus, it can be used as a "testing lab". However, the challenge still asks for a detailed written report summarizing the analysis results, just like it would be requested for a real attack.
Different experts in the security field will review these reports. Based on the information presented and its evaluation a "winner" of the challenge will be selected.

More information is available at the following address: http://www.rediris.es/cert/ped/reto

List of organizations and companies that help and sponsor this challenge:

* Cybex, http://www.cybex.es
* Germinus, http://www.germinus.com
* Guidance Software, http://www.guidancesoftware.com
* LogiCube, http://www.logicube.com
* RedIRIS, http://www.rediris.es
* Revista Red Seguridad, http://www.borrmart.es
* RNP-CAIS, http://www.rnp.br/cais
* S21Sec, http://www.s21sec.com
* Sarenet, http://www.sarenet.es
* SANS, http://www.sans.org
* UNAM-CERT, http://www.seguridad.unam.mx