Telecom and Logistics Associates
Save Time and Money
TLAnews: Security NEWs Service
The project's public Web server is www.openhack.com, where you can find a log with the latest updates.
The Openhack equipment is in the IP range from 38.144.162.2 to 38.144.162.15 -- anything in that space is fair game. This is an open challenge to hackers, and we've upped both the difficulty and award antes. Cracking into Openhack.com will return bounties ranging from $500 for defacing the Web server to $1,500 for compromising the e-mail server to $2,500 for cracking into the database server. No prizes will be given for DDoS (distributed denial-of-service) attacks, which are often used as diversionary tactics.
The purpose of this project, which begins June 26, is to arm eWEEK readers with as much information as possible to strike the right balance between tight security and open communications. Therefore, we must receive details on how successful hacks were carried out (including any code used) before awarding prize money. These details and an analysis of project results will be published in a future issue of eWEEK.
Know the environment
Openhack.com includes multiple subnets for hosting e-mail and directory services, an e-commerce application, and a back-end enterprise-class database. Used heavily in the server farm are Sun Microsystems Inc.'s hardware and Solaris operating system, as well as Linux, OpenBSD, NT and Windows 2000. Compaq Computer Corp. and Dell Computer Corp. also provided servers.
The Openhack site is physically located at PSINet Inc.'s Toronto data center. We set up the site working with consultants from Guardent Inc., a pure-play Internet security consulting, assessment and managed services company based in Waltham, Mass.
In addition, security experts from Sun and Microsoft were on site to assist in hardening their respective operating systems. Guardent consultants assisted in hardening the open-source operating systems.
The Openhack site is fortified primarily by Raptor firewalls from Axent Technologies Inc. running on a pair of Sun Ultra 10 servers. To ensure that the site will be able to withstand constant attacks, the firewalls have been clustered using load-balancing hardware from Radware Ltd.
We will be using Internet Security Systems Inc.'s RealSecure 5 intrusion detection system outside the firewall.
Behind our formidable firewall cluster are three targets. The first is the Web server, running MandrakeSoft's Linux Mandrake and the Apache Web server. We'll be using Axent's NetProwler intrusion detection system to monitor the activities on the Web server subnet.
The second target is an e-mail subnet hosting the latest build of Exchange 2000 running on Windows 2000 Advanced Server. (This test will be a baptism by fire for the soon-to-be-released messaging platform.) Because Exchange 2000 uses Microsoft's Active Directory as its directory service, we will have a separate Advanced Server system hosting an Active Directory tree in the Exchange subnet.
The final target is the Oracle8i database running on a Sun Enterprise E4500 server. This server is running the Solaris 8 operating system and has the added protection of an OpenBSD IP filter in front of it. A Network Flight Recorder intrusion detection appliance will be watching over this subnet.
Some additional information
Tracing route to www.openhack.com [38.144.162.2]
over a maximum of 30 hops:
1 <10 ms * <10 ms tla07 [194.191.78.7]
2 10 ms <10 ms 10 ms tla36 [194.191.78.36]
3 50 ms 50 ms 50 ms arc-tc1-arc1.petrel.fr [144.85.16.225]
4 50 ms 50 ms 50 ms fe1-0-1.arc-eu2-er-36-01.cwspan.net [144.85.16.254]
5 50 ms 50 ms 60 ms gve-gix-br-36-01.cwspan.net [144.85.0.3]
6 60 ms 60 ms 80 ms fe0-0-1.gve-icc-br-72-01.cwspan.net [144.85.9.254]
7 60 ms 50 ms 60 ms fe0-0-1.gve-icc-br-72-02.cwspan.net [144.85.9.244]
8 60 ms 61 ms 60 ms e1-r1-cixp.cweurope.net [192.65.185.156]
9 60 ms 60 ms 60 ms s0-1-0-r1-GVA.cweurope.net [212.80.163.221]
10 80 ms 80 ms 90 ms atm0-0-0-5-r1-FRA.cweurope.net [212.80.160.17]
11 80 ms 91 ms 90 ms bcr2-serial6-1-0-0.Frankfurt.cw.net [166.63.193.165]
12 90 ms 90 ms 100 ms bcr1.Frankfurt.cw.net [166.63.194.61]
13 180 ms 210 ms 181 ms 206.24.227.169
14 181 ms 180 ms 180 ms corerouter1.WashingtonEast.cw.net [204.70.9.133]
15 180 ms 181 ms 180 ms core6.Washington.cw.net [204.70.4.113]
16 180 ms 181 ms 180 ms cw-ip-eng-interconnects.Washington.cw.net [206.157.77.170]
17 251 ms 260 ms 260 ms nw3.esc.psi.net [38.1.10.13]
18 461 ms 461 ms 410 ms 204.6.140.177
19 250 ms 260 ms 261 ms 204.6.134.254
20 261 ms 260 ms 250 ms 38.144.160.2
21 * * * Request timed out.
22 260 ms 261 ms 260 ms 38.144.162.2
Trace complete.
Whois extract
Registrant:
EWEEK (OPENHACK-DOM)
320 B Lakeside Drive
FOSTER CITY, CA 94404
US
Domain Name: OPENHACK.COM
Administrative Contact, Technical Contact, Zone Contact, Billing Contact:
EWEEK (EW534-ORG) no.valid.email@WORLDNIC.NET
EWEEK
320 B Lakeside Drive
FOSTER CITY, CA 94404
US
650 513 8124
Fax- 123 123 1234
Record last updated on 22-Jun-2000.
Record expires on 20-Jun-2001.
Record created on 22-Jun-2000.
Database last updated on 27-Jun-2000 20:38:21 EDT.
Domain servers in listed order:
DNS1.OPENHACK.COM 38.144.162.2
DNS2.OPENHACK.COM 38.144.162.3
> server 38.144.162.2
Default Server: [38.144.162.2]
Address: 38.144.162.2
> ls -d openhack.com.
ls: connect: No error
*** Can't list domain openhack.com.: Unspecified error
>
All information provided is of a general nature and is not
intended to address the circumstances of any particular individual or entity.
Although we endeavor to provide accurate and timely information, there can be no
guarantee that such information is accurate as of the date it is received or
that it will continue to be accurate in the future. No one should act upon such
information without appropriate professional advice after a thorough examination
of the facts of the particular situation.