Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Kill the DOG and win 100 000 DM

From: Ken Pfeil <kpfeil () MIRADIANT COM>
Date: Mon, 6 Nov 2000 08:16:29 -0500
-----Original Message-----
From: Lincoln Yeoh [mailto:lyeoh () POP JARING MY]
Sent: Sunday, November 05, 2000 12:51 PM
To: VULN-DEV () SECURITYFOCUS COM
Subject: Re: Kill the DOG and win 100 000 DM



Snipped:



As a comparison: what was the result of the Win 2K hack contest anyway?

Cheerio,
Link.




It was never a contest to begin with. It was a test system setup to find
vulns BEFORE the product shipped. As I remember, quite a few fixes to the IP
stack came about as a direct result. And alas, stupid people did stupid
things to cause unavailability for a lot of the testing. Most of what was
done to secure the box is available at
http://www.microsoft.com/technet/security/iis5chk.asp (Thanks Mike:) and
last I heard, specific steps/documentation were still forthcoming in
whitepaper format (If Rich Harrington or Scott Culp is on this list, they
might better answer when).
To my recollection, the box was never "owned" although the guest book did
take a beating.

Regards,
Ken

Ken Pfeil
Director, Information Security
Miradiant Global Network, Inc
kpfeil@no_spam.miradiant.com
http://www.miradiant.com
15 Broad Street, 17th Fl.
New York, NY 10005
PGP Lookup:
http://pgpkeys.mit.edu:11371/pks/lookup?op=get&search=0x3011C88A
"Of course my password is the same as my pet's name.
My dog's name was Q47pY!3$H9x, but I change it every 90 days."
Previous By Date Next
Previous By Thread Next

Current thread: