Heres The Openhack III Deal | eWeek

Heres The Openhack III Deal

Verfasst von
Timothy Dyck
Timothy Dyck
Jan 15, 2001
2 minute read
eWeek Inhalte und Produktempfehlungen sind redaktionell unabhängig. Wir können Geld verdienen, wenn Sie auf Links zu unseren Partnern klicken. Mehr erfahren

In our continuing quest to find and evaluate the best ways to secure digital infrastructure, eWeek once again invites hackers from around the world to examine, probe and crack into four servers accessible from the Internet.

In eWeek Labs past two annual tests, we built our site using a classic IT security design: We used commercial, off-the-shelf operating systems and applications that were manually hardened and then protected using multiple firewall layers. This is by far the most common approach to Internet security used today.

This time, weve taken Openhack in a new direction: trusted operating systems. After our last Openhack test, trusted operating system vendor Argus Systems Group Inc., of Savoy, Ill., proposed that we try out the trusted operating system strategy in a future Openhack test, and that is the defining characteristic in this test. Argus PitBull line, which adds trusted operating system functionality to Sun Microsystems Inc.s Solaris, IBMs AIX and Red Hat Inc.s Red Hat Linux, is used throughout the site.

Its important to note that, although a number of products from IBM, Red Hat and Sun are used on the site, no staff from these companies (or from eWeek) was involved in site setup or configuration; Argus staff designed and set up the entire site itself. Our role is to audit the test to make sure the rules are followed and the systems are set up as described, which they are. We have remote root-level access to the servers throughout the test, which runs from Jan. 15 through Jan. 31.

Besides the challenge and public recognition for successful cracks, theres a decent pot of gold at the end of this rainbow, too: Cash prizes from Argus ranging from $1,000 to $50,000 are waiting for whoever can slip his or her way through our defenses. The qualifying cracks and exact rules are at www.openhack.com.

This is very much a test of PitBull and the trusted operating system approach. In fact, we are relying solely on the access controls in PitBull for protection. There are no firewalls—each system has an external IP address.

We are publishing user accounts and passwords so attackers will have local shell access to the shell account server and the Web server and so will be free to upload tools and run operating system commands, something that would normally be the IT equivalent of taking a syringe from a stranger and jamming it into your neck (using author Neal Stephensons colorful image).

Were keen to see what happens.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Eigentum von TechnologyAdvice. © 2026 TechnologyAdvice. Alle Rechte vorbehalten

Werbetreibenden-Offenlegung: Einige der auf dieser Website erscheinenden Produkte stammen von Unternehmen, von denen TechnologyAdvice eine Vergütung erhält. Diese Vergütung kann beeinflussen, wie und wo Produkte auf dieser Website erscheinen, einschließlich beispielsweise der Reihenfolge, in der sie erscheinen. TechnologyAdvice schließt nicht alle Unternehmen oder alle auf dem Marktplatz verfügbaren Produkttypen ein.