Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux Server Break-in Challenge

Posted by CmdrTaco on from the g3t-r3ady-to-p3wn3z0rzasdkja dept.

Sujit writes "Are you an Internet security expert at heart or by profession? Ever thought of trying your skill at a professionally set up server? If you are ready, enter. The Linux Server Break-in challenge. You will have a server available on the Internet 96 hours without interruption starting from 9 March 2005 2 AM IST. However, the server's life on the Net is in your hands."

3 of 327 comments (clear)

  1. Rules by 3770 · · Score: 5, Insightful
    The rules say:

    You need to leave your mark at ``/''. It could be your email address, GPG public key or something else with which we can verify your identity.


    The root partition could be on a read only media such as a CD-ROM, right? In which case nobody could ever win.
    --
    The Internet is full. Go Away!!!
    1. Re:Rules by espo812 · · Score: 5, Insightful

      Physical attacks are just as valid as network attacks. Now where did I put my Dell technician uniform...

      --

      espo
  2. This contest makes no sense. by pclminion · · Score: 5, Insightful
    And neither do any contests of this sort. Break it down by the types of people who might enter the contest:

    1. White hats. Why would they do it? If they're any good, it'll just be a waste of time, and you can always set up your own server to practice with. There's not even any prize!

    2. Black hats (I mean real ones, not script kiddies). They wouldn't bother either. Why expose the contents of your secret toolbox for no good reason? Any hack attempts (and successes) will be fully logged, revealing your secret exploits. That's no good, is it?

    3. Script kiddies. Maybe they'll try, but they won't get in, unless the server is embarrassingly badly configured. If they do manage to crack it, what does that prove? That it's possible to set up a Linux box with terrible security if you happen to be incompetent?

    I'm having a hard time figuring out exactly WHAT this contest is for. The only thing I can imagine (which a few other people have mentioned in this discussion) is that it's meant to enhance the image of Linux as a secure platform. So what -- so you've shown that if you do a good job configuring your box, you can keep out script kiddies. To put it bluntly, no shit.