The scan for Febuary, 2001. This month's challenge is to decode a specific attack
The Challenge:
The Results:
Writeups from the Honeynet Project members
The responses for this month's challenge have been outstanding. We
received almost 30 repsonses, everyone did an excellent job. We truly
hope that those who submitted answers developed their analysis skills.
For others, we hope you benefit from their hard work. The most common
mistake we found in people's analysis was they assumed the attack was
NT RDS (or msdac) attack, that is not the case. Read the results and
learn why.
Selecting the top entry was extremely difficult, as there are so many high
quality analysis. Instead of selecting a single winner for this month, we
have selected the top three entries. Also, we decided to not post submissions
that were incorrect, so as not to confuse people as to which one was the
correct answer. We would love to offer prizes to the top three (and actually
everyone that submitted) but we do not have the resources.
Bonus Question: Is it possible to gain remote control of the system
using this technqiue? If so, how?
Writeup from the Security Community