Challenges

The Honeynet Project's goal is to improve the security of the Internet by sharing lessons learned about the most common threats. We deploy honeynets all around the world, capture attacks in the wild, analyze this information and share our findings. Based on this information, the security community can better understand the threats they face and how to defend against them.

The purpose of Honeynet Challenges is to take this learning one step further. Instead of having the Honeynet Project analyze attacks and share its findings, Challenges give the security community the opportunity to analyze these attacks and share their own findings. The end result is that individuals and organizations learn not only about threats, but also how to study and analyze them. Even better, individuals can see the write-ups from other individuals, learning new tools and techniques for analyzing attacks. Best of all, these attacks are from the wild, real hacks.

We will post challenges with the latest attacks, such as a mixture of server-side attacks on the latest operating systems and services, client-side attacks that emerged in the past few years, attacks on VoIP systems, web applications, etc. At the end of each challenge, we will provide a sample solution created by our members using state-of-the-art tools that are publicly available, such as libemu and dionaea. Submissions received are judged by our members, and the top three submissions are recognized and awarded small prizes.

Past challenges:

Forensic Challenges from a few years ago can be accessed below:

  • Scan of the Month Challenges
    These are monthly challenges for the security community to decode attacks in the wild. These challenges vary, from an NT webserver attack to reverse engineering malware. They also vary in degree of difficulty, from Beginner to Intermediate to Advanced. Note: Due to resource limitations, we can no longer provide these challenges every month.
    You can download all archived SotM challenges here (90MB).
  • The Reverse Challenge
    The Reverse Challenge was held from 06 May to 31 May, 2002. The Challenge was to decode a binary captured in the wild. For this Challenge, there were even prizes! The purpose is to develop the community's understanding of the value of reverse engineering, and how to do it.
    You can download the entire Reverse Challenge here (27MB).
  • The Forensic Challenge
    The Forensic Challenge was held from 15 January to 19 February of 2001. The Challenge was to conduct a full forensic analysis of a Linux Red Hat 6.2 computer hacked in the wild. There were thirteen entries for the contest, each entry detailing how they analyzed the hacked systems.
    You can download the entire Forensic Challenge here (12MB).