Folks, we have decided to extend the submission deadline of the Forensic Challenge 2010/3 - "Banking Troubles" for another week (deadline is now April 26th 2010.) Seems like this challenge is a bit tougher and we would like to give you all the opportunity to submit your results. For those folks that have already submitted, you can resubmit via the web form in case you would like to make changes to your solution. The Forensic Challenge 2010/3 can be accessed here: http://honeynet.org/challenges/2010_3_banking_troubles.
Student applications for Google Summer of Code 2010 closed at 19:00 UTC tonight, with the usual last minute rush of submissions (but thankfully no timezone confusion this time). We had thought that receiving three student applications in the final minute, including one with 8.4 seconds to spare was cutting it close, but Plan9 apparently had one lucky applicant with 1.23 seconds remaining on the clock! That must set a new GSoC record... ;-)
On March 29th Google officially began accepting applications from students for Google Summer of Code 2010, which the Honeynet Project is very exicted to be participating in again this year as a mentoring organisation. We've recently updated our project ideas page and mentor information and students have until 19:00 UTC on Friday April 9th to apply (you can either chose one of our ideas or propose your own).
Challenge 3 of the Honeynet Project Forensic Challenge - titled "Banking Troubles" - is now online and we invite you to participate. Challenge 3 - provided by Josh Smith and Matt Cote from The Rochester Institute of Technology Chapter, Angelo Dell'Aera from the Italian Chapter and Nicolas Collery from the Singapore Chapter - is a bit different from our previous challenges in that we do not ask you to analyze a pcap network trace, but rather a memory image from a virtual machine. This should make for an interesting challenge!
Submission deadline is April 18th and results will be released on Wednesday, May 5th 2010. Small prizes will be awarded to the top three submissions.
Challenge 3 - Banking Troubles - (provided by Josh Smith and Matt Cote from The Rochester Institute of Technology Chapter, Angelo Dell'Aera from the Italian Chapter and Nicolas Collery from the Singapore Chapter) is to investigate a memory image of an infected virtual machine.
The challenge has been completed on May 12th 2010.
Skill Level: Difficult
Company X has contacted you to perform forensics work on a recent incident that occurred. One of their employees had received an email from a fellow co-worker that pointed to a PDF file. Upon opening, the employee did not seem to notice anything, however recently they have had unusual activity in their bank account. Company X was able to obtain a memory image of the employee’s virtual machine upon suspected infection. Company X wishes you to analyze the virtual memory and report on any suspected activities found. Questions can be found below to help in the formal report for the investigation.
hn_forensics.tgz Sha1: 8178921fd065ad2de9c6738fe062d2b37402c04a
Forensic_Challenge_3_-_Banking_Troubles_Solution.pdf - Sha1: 986752a9aa4b832951dfa6319cb5e16256a9b3c9
This work by Josh Smith, Matt Cote, Angelo Dell'Aera and Nicolas Collery is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.
Nicolas and Guillaume have been judging your submissions of the FC2010/2 relentlessly over the last few days and we now have the results in: We had a total of 32 submissions and a very tight race at the top. In the end, four submissions tied for first place:
Congratulations to the winners!!! Each winner will receive a signed book from one of our Honeynet Project authors. We have posted the submissions of the winners and sample solution on the FC2010/2 web page. All participants of the challenge should have also received an email today with information about their individual score as well as placement.
Much to the excitement of students all around the world, tonight Google officially announced which mentor organisations have been accepted for Google Summer of Code (GSoC) 2010, and the Honeynet Project are delighted to have been selected as one of 151 such mentoring organisations! You can view the full list here:
Well, Google Summer of Code 2010 is now officially up and running, with the deadline for organisation applications closing 45 minutes ago. Happily the Honeynet Project's application for GSoC 2010 was submitted on time, so all we can do now is sit back and wait until March 18th to find out if we are one of the lucky organisations selected this year.
Folks, its a frosty Tuesday morning in Seattle and the deadline for submissions to the forensic challenge 2010/2 "browsers under attack" has passed. We received a total of 34 for submissions from folks all over the world. Nicolas from the Singapore chapter will be judging the submissions in the next few days. We will announce the top three winners on Monday, 22nd of March 2010. Alongside, we will post their submissions as well as our sample solution. Since we were using a web form for this challenge, we will not acknowledge receipt of each submission. If you are unsure whether submission was successful, please email email@example.com and we can check the submission database.) Also, if you have any suggestions on how to improve the forensic challenge, please let us know.
Chief Communications Officer
The Honeynet Project
PS: Forensic Challenge 2010/3 is currently being prepared. In this challenge, a memory dump needs to be analyzed...so a bit different from our past couple of challenges that focus on network traces....I hope to see many submissions on it. We expect to post it Tuesday, 23rd of March 2010...
We have decided to extend the submission deadline for our second forensic challenge - "browsers under attack" to Monday, 8th of March 2010. This gives you another week to participate in our latest challenge. Subsequently, the announcement of the results will also move another week to Monday, 22nd of March 2010.
I have contacted all the folks that have already submitted their solution to us about this change. They, of course, have the opportunity to resubmit their solution, if they so wish, until the new submission deadline on the 8th. (If you have submitted and did not receive an email from me, please contact us at firstname.lastname@example.org)
Challenge 2 focuses on browser attacks and can be accessed at Forensic Challenge 2010/2. The top 3 submissions will be awarded prizes.