Alright, time to use an idea from Ghost In the Shell
1. Create software that analyzes, buys and sells stocks.
2. Let it run.
3. Profit!
I've always thought something like this would be a good idea, and the fact that I haven't heard of anyone doing it makes me wonder if there are some legal issues with it. Then again, I'm completely new to the stock market.
I also participated in the competition, but due to issues with our Firewall (the stupid scanner the provided with us didn't work and we ended up taking our network down several times for unecessary reasons) we didn't pass the qualifying rounds. However, I went along to one of the later rounds and was allowed to sit in with the hackers. But as Anonymous said, the goal is mainly to fix a machine that already has holes as fast as possible. In my competition, we had two linux boxes (Red Hat 7 for DNS and Fedora 8 for web), a FreeBSD box for sendmail, a Win2k back up DNS, 2003 server for LDAP, and two Windows XP desktops.
While the hackers weren't allowed to use 0 day vulnerabilities, they did have tools like CORE Impact at their disposal and within the first 5 minutes of the competition had owned every windows box. The only time I remember a *nix box getting owned was my groups. We were two busy fixing the LDAP server and forgot to change the default password of the BSD box from "password" because they were on the same machine (we had a virtual machine set up for our competition. This had its annoyances, but we could quickly recover from hacks by doind a revert to snapshot with VM ware. They probably disabled the revert feature in later competitions as in a real business environment, which they were trying to simulate, reverting could cause massive data loss.) Towards the end when things were winding down, one team had gotten owned really hard and wasn't about to recover, so they started doing trick programs on them. At one point, they had a screen cast of one of the competitors computers running on their own so they could see exactly what that school was doing. So they ran a trick program that made it look like it was running the Vista install process. We quick ran over and saw them frantically trying to cancel it with no effect. And then they ran a delete all on that computer.
Even though my team lost, we had lots of fun and I was able to learn a lot. We'll be back next year (Millersville University) and hope to regain our position of at least 2nd place at Nationals, which we had for the 2 previous years.
Slashdot Mirror
Alright, time to use an idea from Ghost In the Shell 1. Create software that analyzes, buys and sells stocks. 2. Let it run. 3. Profit! I've always thought something like this would be a good idea, and the fact that I haven't heard of anyone doing it makes me wonder if there are some legal issues with it. Then again, I'm completely new to the stock market.
I also participated in the competition, but due to issues with our Firewall (the stupid scanner the provided with us didn't work and we ended up taking our network down several times for unecessary reasons) we didn't pass the qualifying rounds. However, I went along to one of the later rounds and was allowed to sit in with the hackers. But as Anonymous said, the goal is mainly to fix a machine that already has holes as fast as possible. In my competition, we had two linux boxes (Red Hat 7 for DNS and Fedora 8 for web), a FreeBSD box for sendmail, a Win2k back up DNS, 2003 server for LDAP, and two Windows XP desktops. While the hackers weren't allowed to use 0 day vulnerabilities, they did have tools like CORE Impact at their disposal and within the first 5 minutes of the competition had owned every windows box. The only time I remember a *nix box getting owned was my groups. We were two busy fixing the LDAP server and forgot to change the default password of the BSD box from "password" because they were on the same machine (we had a virtual machine set up for our competition. This had its annoyances, but we could quickly recover from hacks by doind a revert to snapshot with VM ware. They probably disabled the revert feature in later competitions as in a real business environment, which they were trying to simulate, reverting could cause massive data loss.) Towards the end when things were winding down, one team had gotten owned really hard and wasn't about to recover, so they started doing trick programs on them. At one point, they had a screen cast of one of the competitors computers running on their own so they could see exactly what that school was doing. So they ran a trick program that made it look like it was running the Vista install process. We quick ran over and saw them frantically trying to cancel it with no effect. And then they ran a delete all on that computer. Even though my team lost, we had lots of fun and I was able to learn a lot. We'll be back next year (Millersville University) and hope to regain our position of at least 2nd place at Nationals, which we had for the 2 previous years.