CanSecWest PWN2OWN 2008

Tuesday, March 18. 2008
Announcing CanSecWest PWN2OWN 2008.
===================================

Three targets, all patched. All in typical client configurations with typical user configurations. You hack it, you get to keep it.

Each has a file on them and it contains the instructions and how to claim the prize.

Targets (typical road-warrior clients):
  • VAIO VGN-TZ37CN running Ubuntu 7.10
  • Fujitsu U810 running Vista Ultimate SP1
  • MacBook Air running OSX 10.5.2

This year's contest will begin on March 26th, and go during the presentation hours and breaks of the conference until March 28th. The main purpose of this contest is to present new vulnerabilities in these systems so that the affected vendor(s) can address them. Participation is open to any registered attendee of CanSecWest 2008.
Posted by Thorsten Holz in administrativa at 09:18 | Comments (0) | Trackbacks (0)

Program for LEET'08 & Storm Paper

Tuesday, March 18. 2008
The tentative program for the First USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET'08) is now available.

We also have a paper accepted: "Measurements and Mitigation of Peer-to-Peer-based Botnets: A Case Study on Storm Worm"
We still need to revise the paper based on the reviewer's feedback, as a teaser the preliminary abstract:

"Botnets, i.e., networks of compromised machines under a common control infrastructure, are commonly controlled by an attacker with the help of a central server: all compromised machines connect to the central server and wait for commands.
However, the first botnets that use peer-to-peer (P2P) networks for remote control of the compromised machines appeared in the wild recently. In this paper, we introduce a methodology to analyze and mitigate P2P botnets. In a case study, we examine in detail the Storm Worm botnet, the most wide-spread P2P botnet currently propagating in the wild. We were able to infiltrate and analyze in-depth the botnet, which allows us to estimate the total number of compromised machines. Furthermore, we present two different ways to disrupt the communication channel between controller and compromised machines in order to mitigate the botnet and evaluate the effectiveness of these mechanisms."
Posted by Thorsten Holz in administrativa at 01:29 | Comments (0) | Trackbacks (0)
(Page 1 of 1, totaling 2 entries)