Quoting fooler ([EMAIL PROTECTED]): >> We will be given 3 days to bring online a hardened server with >> a specifically chosen set of services to offer. > > as i understand here, the hackers will be the one to provide us what > services are going to run...
I may be wrong, but the natural interpretation of the term "service" in this context is something like o SMTP server o ftp server with anonymous read-only access o ftp server with non-anonymous read/write access o Web-based bulletin board o trouble-ticket system functionally equivalent to bugzilla o Dynamic (database-backed) Web server o IMAP server o SSH daemon supporting SSHv2 protocols o SMB server with at least one file volume and at least one printer share I suspect that the spec will describe required functionality, rather than dictating specific software. Logically, part of the point of this is to allow the admins to pick the software and configurations that satisfy a specified functionality needs without compromise by hostile outsiders. > second clarification.. they must define clearly about the definition > of a hacked system.. Indeed, clearly the definition of compromise must be stated to some reasonable degree. Don't assume someone's trying to run a rigged game: That's highly unlikely. However, _do_ assume that the attackers will think unconventionally in gaining access. That's what attackers do in the real world: The smart ones find the weaknesses that you just didn't even think about, that you'd never have thought anyone would exploit. -- Cheers, "That article and its poster have been cancelled." Rick Moen -- David B. O'Donnel, sysadmin for America Online [EMAIL PROTECTED] _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
