TLAnews Information for security concerned people

*Telecom and Logistics Associates*	TLAalert *Security Service*
Translate this page from:	publication: Christian ALT

Save Time and Money

TLAnews: Security NEWs Service

27.7.2000 Security: Contest get $10000 by hacking
Secure invites you to test your hacking skills on their e-Security Challenge site. During a holiday period such amount of money is welcome.

French Concours10000$ à prendre en piratant
En cette période de vacances une telle somme est toujours bonne à prendre Secure vous invite à participer à un concours de piratage

Home

TLAnews

TLAnews.com
Information for security concerned people

English version

The Challenge is to break into Secure's e-Security Challenge and retrieve a file called "secret.txt" from one of the Challenge Site's internal servers. The first person to penetrate the firewall and mail the contents of this file, and the steps taken to retrieve it, to challenge@securecomputing.com wins the challenge and a reward of $10,000 U.S. dollars -- plus "bragging rights" and a much coveted Sidewinder(TM) leather jacket.

Everyone knows that Denial-of-Service attacks take little or no skill, so performing such attacks will only serve to annoy your fellow attackers.

But it seems to us that an E-business site should resist to DOS attacks.

Ready with your tools go ...

http://www.challenge.securecomputing.com

Résumé en français

En cette période de vacance 10000$ à prendre c'est toujours bon. Le challenge consiste à penetrer le site et à récupèrer un fichier appelé "secret.txt". La première personne qui pourra accèder à ce fichier et faire connaître la méthode utilisée sera recompensé.

Le site semble ne pas apprécier les attaques en deni de service et affuble les auteurs de ce type d'attaque de "script kiddie".

Mais il nous semble pourtant qu'un site de E-commerce devrait résister aux attaques en déni de service.

A vos outils c'est parti ....

http://www.challenge.securecomputing.com

Secure's e-Security Challenge is accessible worldwide via its own Web site that is located at: http://www.challenge.securecomputing.com. Secure invites you to test your hacking skills on their e-Security Challenge site. Please note that attempting to attack any other Secure Computing facilities will result in prompt legal action as appropriate. Everyone knows that Denial-of-Service attacks take little or no skill, so performing such attacks will only serve to annoy your fellow attackers. Please take such "script kiddie" attacks elsewhere. The only way to win the challenge is to secure the secret.txt file by penetrating the firewall and mail the contents of the file, and the steps taken to retrieve it, to challenge@securecomputing.com. The first person to do this wins the Challenge and a reward of $10,000 U.S. dollars. Any successful hack must be re-creatable. There is no partial credit, nor partial reward.

From the site itself the following ingormation is interesting

This is the Challenge site. It has its own, dedicated Internet connection. You are welcome to do anything you want to break into it, but attempting to attack any other Secure Computing facilities will result in prompt legal action as appropriate.
Denial-of-Service attacks take little or no skill. As such, performing such attacks will only serve to annoy your fellow attackers. Please take such "script kiddie" attacks elsewhere.
The only way to win the challenge is to secure the "secret.txt" file and mail it to challenge@SecureComputing.com. There is no partial credit, nor partial reward.
Secure Computing must be able to reconstruct any successful hack; the hacker must provide Secure Computing with the steps used to gain successful access.

IP address of the target: 63.242.112.8

Traceroute to the destination target

    N:\TLAusers\chris\tmp>tracert www.challenge.securecomputing.com

Tracing route to sidewinder.challenge.securecomputing.com [63.242.112.8]
over a maximum of 30 hops:

  1    10 ms     *      <10 ms  tla07 [194.191.78.7]
  2   <10 ms    10 ms   <10 ms  tla36 [194.191.78.36]
  3     *       60 ms    50 ms  arc-tc1-arc1.petrel.fr [144.85.16.225]
  4    60 ms    50 ms    50 ms  fe1-0-1.arc-eu2-er-36-01.cwspan.net [144.85.16.254]
  5    70 ms    61 ms    70 ms  gve-gix-br-36-01.cwspan.net [144.85.0.3]
  6    70 ms    60 ms    70 ms  fe0-0-1.gve-icc-br-72-01.cwspan.net [144.85.9.254]
  7    60 ms    60 ms    60 ms  fe0-0-1.gve-icc-br-72-02.cwspan.net [144.85.9.244]
  8    60 ms    60 ms    61 ms  cixp-gw-e0.isdnet.net [192.65.185.148]
  9    70 ms    80 ms    80 ms  j1t3200.gen1.ipergy.com [195.10.5.21]
 10    80 ms    80 ms    80 ms  c1S501.par1.ipergy.com [195.10.5.133]
 11   241 ms   190 ms   200 ms  cs010.nyc1.ipergy.com [195.10.5.89]
 12   181 ms   200 ms   180 ms  166.90.136.37
 13   190 ms   190 ms   180 ms  gigaethernet5-0.core2.NewYork1.Level3.net [209.244.12.45]
 14   190 ms   180 ms   201 ms  so-6-0-0.mp2.NewYork1.level3.net [209.247.10.45]
 15   180 ms   181 ms   180 ms  209.247.10.42
 16   180 ms   180 ms   191 ms  209.244.160.186
 17   190 ms   260 ms   201 ms  pos3-0-622M.nyc-bb8.cerf.net [134.24.33.158]
 18   210 ms   200 ms   211 ms  so6-3-0-622M.chi-bb5.cerf.net [134.24.32.213]
 19   210 ms   211 ms   210 ms  pos2-0-622M.chi-bb3.cerf.net [134.24.33.197]
 20   221 ms   210 ms   210 ms  atm5-0.det-bb1.cerf.net [134.24.46.153]
 21   220 ms   230 ms   221 ms  redback.det-bb1.cerf.net [134.24.134.222]
 22   271 ms   260 ms   260 ms  63.242.112.8

List of DNS entries at SecureComputing

> server 192.55.214.1
Default Server:  [192.55.214.1]
Address:  192.55.214.1

> ls -d securecomputing.com.
[[192.55.214.1]]
 securecomputing.com.           SOA    securecomputing.com root.securecomputing.
com. (1999121343 86400 3600 1728000 172800)
 securecomputing.com.           NS     gateway.sctc.com
 securecomputing.com.           NS     beach.sctc.com
 securecomputing.com.           NS     ns.mr.net
 securecomputing.com.           MX     20   gateway.sctc.com
 securecomputing.com.           MX     10   beach.sctc.com
 ilf.securecomputing.com.       A      206.145.0.205
 beach.securecomputing.com.     A      192.55.214.50
 www1.securecomputing.com.      A      192.55.214.69
 baloo.securecomputing.com.     A      192.55.214.76
 empire.securecomputing.com.    A      206.145.0.209
 partner1.securecomputing.com.  A      192.55.214.70
 danger.securecomputing.com.    A      192.55.214.158
 atdwebmail.securecomputing.com. A      172.17.65.10
 listserv.securecomputing.com.  MX     30   listserv.securecomputing.com
 listserv.securecomputing.com.  A      216.161.26.139
 kosho.securecomputing.com.     A      192.55.214.159
 bellcore.securecomputing.com.  A      206.145.0.203
 dspt.securecomputing.com.      A      206.145.0.195
 phate.securecomputing.com.     A      206.145.0.204
 partner.securecomputing.com.   CNAME  partner1.securecomputing.com
 masque.securecomputing.com.    A      192.55.214.132
 ra.securecomputing.com.        A      192.55.214.165
 nsa.securecomputing.com.       A      206.145.0.206
 pulsar.securecomputing.com.    A      206.145.0.72
 bigbrother.securecomputing.com. A      206.145.0.207
 beta.securecomputing.com.      A      192.55.214.66
 iat.securecomputing.com.       A      192.55.214.137
 support.securecomputing.com.   CNAME  slapshot.securecomputing.com
 ftp.support.securecomputing.com. A      199.202.238.172
 webmail.securecomputing.com.   A      192.168.10.202
 tarponfw.securecomputing.com.  A      206.145.0.70
 ftp.activations.securecomputing.com. A      192.55.214.71
 rtfm.securecomputing.com.      A      192.55.214.163
 starbug.securecomputing.com.   A      192.55.214.164
 www.securewire.securecomputing.com. CNAME  tarponfw.securecomputing.com
 mod.securecomputing.com.       A      206.145.0.201
 burden.securecomputing.com.    A      206.145.0.100
 demoroom.securecomputing.com.  NS     danger.securecomputing.com
 demoroom.securecomputing.com.  NS     kosho.securecomputing.com
 dca.securecomputing.com.       NS     bastion.dca.securecomputing.com
 bastion.dca.securecomputing.com. A      216.2.198.226
 dca.securecomputing.com.       NS     beach.securecomputing.com
 sjc.securecomputing.com.       NS     ns.sjc.securecomputing.com
 challenge.securecomputing.com. NS     sidewinder.challenge.securecomputing.com
 sidewinder.challenge.securecomputing.com. A      63.242.112.8
 channel.securecomputing.com.   A      192.55.214.77
 syd.securecomputing.com.       NS     ns.syd.securecomputing.com
 ns.syd.securecomputing.com.    A      203.24.45.3
 slapshot.securecomputing.com.  A      192.55.214.162
 p0sse.securecomputing.com.     A      206.145.0.202
 magnetar.securecomputing.com.  A      206.145.0.71
 zephyr.securecomputing.com.    A      206.145.0.42
 netservices1.securecomputing.com. A      192.55.214.160
 netservices2.securecomputing.com. A      192.55.214.161
 stpswfw02.securecomputing.com. A      192.55.214.66
 ext2.securecomputing.com.      A      192.55.214.166
 share.securecomputing.com.     CNAME  gateway.sctc.com
 partners-ftp.securecomputing.com. A      192.55.214.76
 archway.securecomputing.com.   A      12.27.47.162
 stpsoas01.securecomputing.com. A      216.161.26.137
 www.securecomputing.com.       A      192.55.214.69
 con.securecomputing.com.       NS     conswfw01.con.securecomputing.com
 conswfw01.con.securecomputing.com. A      12.22.22.2
 con.securecomputing.com.       NS     beach.sctc.com
 con.securecomputing.com.       NS     gateway.sctc.com
 con.securecomputing.com.       NS     ns.mr.net
 lod.securecomputing.com.       A      206.145.0.200
 intranet.securecomputing.com.  A      192.168.10.60
 gateway.securecomputing.com.   A      192.55.214.1
 ccc.securecomputing.com.       A      206.145.0.208
 drake.securecomputing.com.     A      206.145.0.103
 ftp.securecomputing.com.       CNAME  ghoul.sctc.com
 tfw.securecomputing.com.       A      206.145.0.198
 rsvl.securecomputing.com.      NS     gateway.sctc.com
 securecomputing.com.           SOA    securecomputing.com root.securecomputing.
com. (1999121343 86400 3600 1728000 172800)
>

MX record for the challenge says

> set query=MX
> challenge.securecomputing.com.
Server:  [63.242.112.8]
Address:  63.242.112.8

challenge.securecomputing.com   MX preference = 5, mail exchanger = sidewinder.challenge.securecomputing.com
challenge.securecomputing.com   nameserver = sidewinder.challenge.securecomputing.com
sidewinder.challenge.securecomputing.com        internet address = 63.242.112.8

more security information with TLAnews ...

All information provided is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act upon such information without appropriate professional advice after a thorough examination of the facts of the particular situation.

Author information. Copyright © [Telecom and Logistics Associates Sàrl]. All rights reserved. Revised: juillet 27, 2000 .

Author information.
Copyright © [Telecom and Logistics Associates Sàrl]. All rights reserved.
Revised: juillet 27, 2000 .