From: Berndt WULF <Bwulf@quiktrak.com.au> To: rbettle@criterion-group.com, jhorn1@desperate.ci.tucson.az.us Cc: freebsd-questions@FreeBSD.ORG, misc@openbsd.org Subject: Re: Microsoft ask users to crack win2000 site (fwd) Message-ID: <s7b1632a.054@quiktrak.com.au>
next in thread | raw e-mail | index | archive | help
Worse still, do we want to debug their operating sytem for them free of = charge? After all, this is a task for MS=27 software test engineers - right?=20 cheerio Berndt >>> Roy Bettle <rbettle=40criterion-group.com> 11/08/99 2:45:18 >>> Two issues to bear in mind: 1) M=24 is having a hard enough time just getting the Win2K computer to = stay running. The first time they turned it on and placed it =22in the line of = fire=22 for this challenge, it crashed within 4 hours and was subsequently down = for over 24 hours. Summary: Do any of us in the *BSD community want to be associated with something so ridiculously unstable? 2) This is obviously an attempt by M=24 to have those of us in the Open = Source community help them learn how to write a decent OS. Summary: After all the crap we=27ve had to put up with from M=24 - from = the media to the products we may have had to support in our =22day jobs=22 - do we = really want to help these =24%=21=5E*()& at all? Just my =240.02. RAB John Horn wrote: > This came through on BUGTRAQ last week. A new posting on BUGTRAQ = indicates > that LinuxPPC has issued a similar challenge with similar or identical > rules. I=27m wondering if there may be some fame or notoriety to be = gained > for OBSD by joining in this challenge. It probably won=27t be difficult, > or long, before someone breaks in to the NT2K challenge site so there = may > not be much time. > > Just an idea. > > Regards: > > John Horn > City of Tucson, IT Dept. > jhorn1=40desperate.ci.tucson.az.us=20 > > ---------- Forwarded message ---------- > Date: Tue, 3 Aug 1999 19:05:33 +0200 > From: Peter Lowe <pgl=40ti.cz> > To: BUGTRAQ=40SECURITYFOCUS.COM=20 > Subject: Microsoft ask users to crack win2000 site > > =5B executive summary: Microsoft are asking you to crack their > machine running on win2k and iis. =5D > > I haven=27t seen anything about this on bugtraq before, and I=27m not > entirely sure if it=27s appropriate, but this is from > http://www.windows2000test.com/ground_rules.htm:=20 > > Microsoft Internet Explorer > Microsoft Windows 2000 Server with Internet Information Server. > > Ground Rules > > 1. Make it Interesting > > Good safe computing practices on the Internet involve placing > critical systems behind firewall-type devices. For this > testing, we are intentionally not putting these machines behind > a firewall. This mean that you could slow these machines down > by tossing millions of random packets at them if you have > enough bandwidth on your end. If that happens, we will simply > start filtering traffic. Instead, find the interesting =22magic > bullet=22 that will bring the machine down. > > 2. Compromise an account > > Windows 2000 computers can have multiple user accounts and > groups. See if you can find a way to logon with one of these > accounts. > > 3. Change something you shouldn=27t have access to > > See if you can change any files or content on the server. If > you manage, no foul or rude statements please. > > 4. Get something you shouldn=27t have > > There are hidden messages sprinkled around the computer. See if > you can find them. > > 5. Our goal is to configure the system to thwart your attempts > > The goal is to see how a properly secured machine will stand up > to attack. These machines are configured to prevent known > attacks. > > 6. This is a test site > > You are welcome to attempt to compromise this site, and this > site only. This is your chance to do a practical test of > Microsoft Windows 2000=27s security. > > 7. Tell us about your exploits > > If you find something, send us some email at > w2000its=40microsoft.com. > =A9 1999 Microsoft Corporation. All rights reserved. Terms of > Use. > > -- > Peter Lowe -- System Administrator, Telenor Internet > http://www.ti.cz/ -- pgl=40ti.cz=20 > > Everything I know in life I learnt from .sigs. = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =20 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?s7b1632a.054>