The Challenge:
-
What is the operating system of the honeypot, how do you know?
-
What is the name of this attack?
-
What is the attack attempting to accomplish?
-
How does the attack work?
Bonus Question: Is it possible to gain remote control of the system
using this technqiue? If so, how?
The Results:
Writeups from the Honeynet Project members
Writeup from the Security Community
The responses for this month's challenge have been outstanding. We
received almost 30 repsonses, everyone did an excellent job. We truly
hope that those who submitted answers developed their analysis skills.
For others, we hope you benefit from their hard work. The most common
mistake we found in people's analysis was they assumed the attack was
NT RDS (or msdac) attack, that is not the case. Read the results and
learn why.
Selecting the top entry was extremely difficult, as there are so many high
quality analysis. Instead of selecting a single winner for this month, we
have selected the top three entries. Also, we decided to not post submissions
that were incorrect, so as not to confuse people as to which one was the
correct answer. We would love to offer prizes to the top three (and actually
everyone that submitted) but we do not have the resources.
|