Post Wed Sep 01, 2010 2:10 pm

Honeynet Project Challenge 5 - Log Mysteries


Challenge 5 - Log Mysteries - (provided by Raffael Marty from the Bay Area Chapter, Anton Chuvakin from the Hawaiian Chapter, Sebastien Tricaud from the French Chapter) takes you into the world of virtual systems and confusing log data. In this challenge, figure out what happened to a virtual server using all the logs from a possibly compromised server.

The questions are a more open ended than past challenges. To score highly, we recommend to answer the following way:

- Accuracy is highly encouraged to get the highest note
- You must explain tools you used and how
- If you use visualization tools such as afterglow, picviz, graphviz, gnuplot etc. explain why this was better (than other tools, than other visualization): such as good timeline representation etc.
- Outline HOW you found things



For more details:
http://honeynet.org/challenges/2010_5_log_mysteries

Don
CISSP, MCSE, CSTA, Security+ SME