[NTLUG:Discuss] [Fwd: Fwd: Perfect network security]

[Greg E]

Not intended as an MS slam but I did find this interesting, especially the
Linux challenge.  I wonder how long the Linux box stood up?  I'll have to
take a look at LinuxPPC tomorrow.

Greg E

-------- Original Message --------

It looks like Microsoft has developed the perfect solution to 
keep hackers out of your network. Don't let the computer run ;^)

----- Begin Included Message -----


Microsoft to Hackers: Crack This!

David Raikow, ZDNet

In an attempt to burnish its tarnished reputation for network security,
Microsoft issued an open challenge on
Tuesday to the hacking community. But potential testers barely got a
chance to attempt to break Windows 2000?s
security system, as the test server Microsoft offered crashed and stayed
down for most of the past 24 hours.

Microsoft placed a web server running the latest beta of Windows 2000
and Internet Information Server (IIS)
outside its firewalls, and invited the public to go after target files
and user accounts it placed there. The
company?s reason for doing so? "We hope that this kind of open testing
will allow us to ship our most secure OS yet," said a Microsoft
spokesperson.

The hacking community was and is largely unimpressed, however. In its
posted coverage, the Hacker News Network called the challenge
"an obvious ploy to get free publicity...It is hoped that this is not a
primary testing method."

Members of the Linux-enthusiast site Slashdot for the most part
concurred, accusing Microsoft of using anti-Microsoft sentiment for
free auditing.

Meanwhile, the Linux community created a counter-challenge of its own.
Tuesday afternoon, LinuxPPC, the developers and distributors
of a PowerPC-native version of Linux, challenged hackers to crack one of
its servers. Unlike Microsoft, which did not offer any kind of
incentive or award to hackers, LinuxPPC is giving the machine to the
first person to break in.

Whoops!

If it was meant as a publicity stunt, the Microsoft security challenge
may have backfired. As soon as the site went online, Microsoft ran
into technical difficulties with the test server. Early visitors
reported problems with the home-page HTML and Javascript, some serious
enough to prevent them accessing the page at all. Posted status logs
indicate that the server had to be rebooted at least once because
the system log was full, and some services were unavailable at reboot.

Most significantly, the server was offline for most of Tuesday due to
what Microsoft described as "router problems". Though
intermittently available Wednesday morning, the site was down at press
time, and appears to have been pulled from DNS servers
entirely; ping tests indicated the MS router was functional. Some
Slashdot contributors reported seeing a notice that the site had been
withdrawn, but no such notice is currently posted on any publicly
accessible MS server.

A Microsoft spokesperson attributed some of the difficulties to
thunderstorms in Seattle on Tuesday, but had no comment on the site's
status at press time.


----- End Included Message -----