Joshua, I agree with with what Vos said. You're only going to open youself up to a lot of problems. Get a security pro to run something like ISS's Scanner. This can be done in a controlled manner. Regards, Dennis Keller ADP Security Administrator DDSP-Z email: [EMAIL PROTECTED] -----Original Message----- From: Joshua Chamas <[EMAIL PROTECTED]> at internet01 Sent: Tuesday, March 30, 1999 6:59 PM To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> at internet01 Subject: Hacking Contest ? Hi, I have been spending a lot of time on system security prior to going live with a www service, and I was interested in the prospect of running a hacking contest with a cash reward for breaking in, and visibly modifying the www site. I believe the conditions of winning the prize would be: ) documenting the hack ) forbidding hacking systems of upstream ISPs ) proposals for fixing the found security holes ) a finite timeline for the hack to occur in, say a week ) preservation of the system logs, so I can observe and learn from hacking strategies The upside of course is seeing what system vulnerabilities that I may have overlooked by having a hacker uncover them. I fear the potential downside of drawing too much unwanted attention in the future to the site from would be hackers, after the contest is over. What do you all think about this? If I should choose to proceed, how should I best advertise this contest? Thanks, Joshua - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
BEGIN:VCARD VERSION:2.1 N:Keller;Dennis FN:Keller, Dennis ORG:DDC;DDSP NOTE:ASCE-ZW ADR;WORK:;DDSP-Z LABEL;WORK:DDSP-Z EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:19981217T170940Z END:VCARD
