Whereas the jungles and deserts of Africa provided the backdrop for Dr Livingstone's exploits, Michael Clark searches the wilds of the Internet for elusive and potentially catastrophic binary.

Clark uses his discoveries to instruct would-be Internet adventurers in the art of capturing and disabling binary before it fulfils its capacity for destruction.

Together with an international panel of judges, and under the auspices of the Honeynet Project, Clark has provided the binary to conduct the Reverse Challenge. Systems administrators, programmers, developers, hackers, crackers and everyone in between are welcome to participate.

According to the event's coordinator, Lance Spitzner, the Reverse Challenge is based on the Forensic Challenge held in 2001 via the Honeynet Project.

"When we did the Forensic Challenge last year, no one had ever done anything like that, so no one knew what to expect," Spitzner explained, pointing out that the Reverse Challenge was created in response to the unprecedented interest in the original contest. "We would like to sponsor more such challenges, but they are extremely time consuming and expensive for us, and all of our members are volunteers."

Faced with the mammoth task of reviewing all entries are the international panel of judges including Canadian K2, Argentine Gera, Niels Provos and Halvar from Germany, Job de Haas from the Netherlands, and US-based David Dittrich. Also on board to help with the official write-ups, is enterprise security threat management systems vendor SecurityFocus.com.

"As for who the contestants are, we simply have no idea," said Spitzner. "The contest is open to the entire world and it appears extremely popular, in the 13 hours since the binary has been released, it has already been downloaded over 1,100 times."

Facing the challenge
One of these downloads was directed into the computer of Nishad Herath, a Sydney-based IT security developer. Like most IT security chiefs he got involved out of blatant disregard for his free time over the next month, and is still not sure he will have the time to fulfil the documentation requirements. He is, however, willing to give it a go.

"The whole Honeynet philosophy is understand thy enemy," Herath said. "And the purpose of the challenge is to become more familiar with what should be done if you do find a binary in your system. It is a learning process."

Herath believes the Honeynet Project, and challenges of this nature, are core to developing skills in an industry where most of the available training is commercialised and expensive.

"Challenges like this improve the level of knowledge in the industry as a whole," Herath said.

However, you certainly don't need a security hat to enter the challenge. After a couple of decades working in the IT arena, Melbourne-based systems administrator Geoffrey Marshall is attempting to make the challenge more challenging still.

"Before I downloaded it I asked myself -- what would a standard systems administrator be able to do without the fancy tools and specialist security training," Marshall said. "I believe there is even a way of stopping it dead without even examining the source code, people might be making it too difficult for themselves by going straight to the advanced tools."

For many participation in the challenge is simply a matter of extending their skills. Director of Sydney-based ISP Triode Internet, Paul Black, is slotting participation into a busy schedule, but hopes to at least partially finish the challenge by the end of the competition.

"I put in a hour or two a night," Black explained. "From what I have seen so far it is really quite clever, there is a bit of originality in there, and in the process of finding it I have learnt a few things."

As for participating in one of the few truly global challenges, Black described it as an opportunity to learn skills that aren't easy to come by.

"It is more a personal best thing for me, an honourable mention would be all well and good, but at the very least I will be able to say I benefited from participating," he said.

Related Links Honeynet Project sweetens hacker bait

	Search for similar stories
	Email this story to a friend
	Printer friendly version