[NTLUG:Discuss] [Fwd: Fwd: Perfect network security]

[Kevin McMillan]

Rumor has it, someone has claimed, that they had the MS machine  "Hacked", if not for a quick shutdown of 
the server, the target files would have been grabbed. If this is true, I wonder who would have shutdown that 
server ? MS wouldn't cheat would they ?

At 8/9/99 4:12:00 PM, you wrote:
>Not intended as an MS slam but I did find this interesting, especially the
>Linux challenge.  I wonder how long the Linux box stood up?  I'll have to
>take a look at LinuxPPC tomorrow.
>
>Greg E
>
>-------- Original Message --------
>
>It looks like Microsoft has developed the perfect solution to 
>keep hackers out of your network. Don't let the computer run ;^)
>
>----- Begin Included Message -----
>
>
>Microsoft to Hackers: Crack This!
>
>David Raikow, ZDNet
>
>In an attempt to burnish its tarnished reputation for network security,
>Microsoft issued an open challenge on
>Tuesday to the hacking community. But potential testers barely got a
>chance to attempt to break Windows 2000?s
>security system, as the test server Microsoft offered crashed and stayed
>down for most of the past 24 hours.
>
>Microsoft placed a web server running the latest beta of Windows 2000
>and Internet Information Server (IIS)
>outside its firewalls, and invited the public to go after target files
>and user accounts it placed there. The
>company?s reason for doing so? "We hope that this kind of open testing
>will allow us to ship our most secure OS yet," said a Microsoft
>spokesperson.
>
>The hacking community was and is largely unimpressed, however. In its
>posted coverage, the Hacker News Network called the challenge
>"an obvious ploy to get free publicity...It is hoped that this is not a
>primary testing method."
>
>Members of the Linux-enthusiast site Slashdot for the most part
>concurred, accusing Microsoft of using anti-Microsoft sentiment for
>free auditing.
>
>Meanwhile, the Linux community created a counter-challenge of its own.
>Tuesday afternoon, LinuxPPC, the developers and distributors
>of a PowerPC-native version of Linux, challenged hackers to crack one of
>its servers. Unlike Microsoft, which did not offer any kind of
>incentive or award to hackers, LinuxPPC is giving the machine to the
>first person to break in.
>
>Whoops!
>
>If it was meant as a publicity stunt, the Microsoft security challenge
>may have backfired. As soon as the site went online, Microsoft ran
>into technical difficulties with the test server. Early visitors
>reported problems with the home-page HTML and Javascript, some serious
>enough to prevent them accessing the page at all. Posted status logs
>indicate that the server had to be rebooted at least once because
>the system log was full, and some services were unavailable at reboot.
>
>Most significantly, the server was offline for most of Tuesday due to
>what Microsoft described as "router problems". Though
>intermittently available Wednesday morning, the site was down at press
>time, and appears to have been pulled from DNS servers
>entirely; ping tests indicated the MS router was functional. Some
>Slashdot contributors reported seeing a notice that the site had been
>withdrawn, but no such notice is currently posted on any publicly
>accessible MS server.
>
>A Microsoft spokesperson attributed some of the difficulties to
>thunderstorms in Seattle on Tuesday, but had no comment on the site's
>status at press time.
>
>
>----- End Included Message -----
>
>_______________________________________________
>Discuss at ntlug.org
>http://ntlug.org/mailman/listinfo/discuss
>http://ntlug.org/pipermail/discuss <Archive>
>
>