OpenHack 4: No News Is Good News

By Jim Rapoza  |  Posted 2002-11-04 Print this article Print

OpenHack 4 suffered its first crack only a few hours after it opened for business Oct. 22.

OpenHack 4 suffered its first crack only a few hours after it opened for business Oct. 22, but the applications at the heart of eWeek Labs interactive online security test stood strong throughout the following week, withstanding more than 300,000 visitors and 10,000 attempted cracks.

The most common alerts sounded by the intrusion detection system monitoring the OpenHack site ( were attempts to gain access to system files and to leverage older problems in Microsoft Corp.s Internet Information Services.

These are the types of attacks one expects from script kiddies. Underneath all this noise, however, were many more-sophisticated attempts to penetrate the Microsoft- and Oracle Corp.-written applications hosted at the site. Some attempts were similar to the methods used by Jeremy Poteet, chief technology officer of Technology Partners Inc., who found a cross-site scripting hole in the Oracle-written application the day the test started.

For more information on this vulnerability and OpenHack updates, go to

Jim Rapoza, Chief Technology Analyst, eWEEK.For nearly fifteen years, Jim Rapoza has evaluated products and technologies in almost every technology category for eWEEK. Mr Rapoza's current technology focus is on all categories of emerging information technology though he continues to focus on core technology areas that include: content management systems, portal applications, Web publishing tools and security. Mr. Rapoza has coordinated several evaluations at enterprise organizations, including USA Today and The Prudential, to measure the capability of products and services under real-world conditions and against real-world criteria. Jim Rapoza's award-winning weekly column, Tech Directions, delves into all areas of technologies and the challenges of managing and deploying technology today.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel