[LUNI] Honeynet Project Forensic Challenge results (fwd)

From: Lance Spitzner (lance@spitzner.net)
Date: Tue Mar 20 2001 - 08:17:36 CST


    In case you have ever wanted to recover deleted files,
    or analyze a hacked Linux computer, now is your chance
    to learn from some of the best :)

    -- 
    Lance Spitzner
    http://project.honeynet.org
    

    ---------- Forwarded message ----------
    Date: Mon, 19 Mar 2001 21:37:54 -0800
    From: challenge@honeynet.org
    To: INCIDENTS@SECURITYFOCUS.COM
    Subject: Honeynet Project Forensic Challenge results

    I'm happy to announce the winners of the Honeynet Project Forensic Challenge. We received 13 submissions from around the world, with one team spending a total of 104 hours on their analysis.

    We have decided to award the top three submissions with prestigious Honeynet Project shirts, and all of the entrants will receive a copy of "Hacking Exposed" (Second Edition).

    The Top Three are (the envelope please...)

    Thomas Roessler <roessler@does-not-exist.org>
    Brian Carrier <carrier@cerias.purdue.edu>
    Peter Kosinar <goober@ksp.sk>

    The full results and all submissions (including the Honeynet Project analysis and IDS logs) are available at:

    http://project.honeynet.org/challenge/results/

    More details about the lessons learned in running the Forensic Challenge, who may have done the intrusion, tools developed by one of the top three entrants, and the best techniques used by all, will come out in the following weeks (including in a talk which will be presented at CanSecWest '01 at the end of this month.)

    We are also working with members of the United States Department of Justice and the King County Prosecutor's Office to develop examples and best practices that fit the needs of local, state and federal law enforcement agencies in understanding and assessing computer crime cases and pursuing suspects. Detailed technical analyses are great for geeks, but hard for judges, prosecutors, and criminal investigators to digest and understand quickly. This is the first time a learning situation like this has existed, where members of law enforcement can speak openly about the analyses of a real intrusion without fear of compromising an actual -- and quite costly -- criminal case. Hopefully this will help bridge some gaps and smooth the road between computer security professionals and the law enforcement community.

    (Note that *there will be no prosecutions of anyone involved in this intrusion*. This is not about catching the person who did this intrusion, but rather about what can be learned from it. Whoever did this is *verrrrrry* lucky it's working out this way. *This* time. ;)

    I would like to thank everyone who has assisted or participated in the challenge including all those who submitted entries, Lance Spitzner, Dan Farmer, Wietse Venema, Tan, Kevin Mandia, T Elam, Rik Farrow, Kevin Manson, Steve Schroeder, Floyd Short, Richard Murray, Ivan Orton, and Alisha Ritter (if I left anyone out, I apologize - blame it on lack of sleep.) This never would have been possible without everyone's help.

    --
    Dave Dittrich
    dittrich@speakeasy.net

    -=- Linux Users Of Northern Illinois: General Discussion Mailing list. For unsubscription, archives, and announcements only see http://luni.org



    This archive was generated by hypermail 2b29 : Tue Mar 20 2001 - 08:19:09 CST
