A New Challenge from Honeynet

cjpez writes: "The people at the Honeynet have issued another challenge on the Bugtraq mailing list. Instead of hacking into a box, though, this time your goal is to submit the best analysis of a binary file they'll post on Monday, May 6th. Think you're good at reverse engineering? Then try it out! They're even offering actual prizes, so you can get something besides the feeling of personal fulfillment for your trouble. The post hasn't quite made it to SecurityFocus' Bugtraq Archive yet, but I did find it at another Bugtraq archive in Germany (slashdottings abound!). The URL included in the email, http://project.honeynet.org/reverse/, doesn't seem to be active yet, so presumably we can assume it'll go up on Monday. The post fails to address other concerns, though: will the winner be in violation of the DMCA? :P The challenge was also issued, obviously enough, on SecurityFocus' Honeypot mailing list."" In a later note, he points out that the announcement has finally made it to the Bugtraq archive page." (And that URL is active now.)

Re:Binary files

[fizbin]

Why bother?

I mean, the people from the honeynet project are going to post the complete entries of the top 20 anyway, and one of the criteria they're going to use is how well documented (i.e. "good for learning") the entry is. 'Tis better to learn that way than to stumble through hundreds of "I got this far and then quit" entries on some quickly pieced together slash site.

I for one hope that I'll actually get off my ass and enter this one; I've analyzed a few of their forensics "scan of the month" but have never gotten around to submitting a writeup. (Expository writing always seems so draining)