RNP - Rede Nacional de Ensino e Pesquisa

RNP News 
 

Growing interaction between security groups of the Brazilian and Spanish academic networks

CAIS’s analyst was a juror in Rediris’s challenge


In October 2003, Jacomo Piccolini, senior analyst of RNP’s Security Incident Response Team (CAIS), was invited to participate, as a juror, in a forensic analysis challenge promoted by the security group of the Spanish academic network (Iris-Cert). The winners’ names were made public at the end of February. The invitation for CAIS to participate in the challenge is a result of the growing interaction between Rediris’s and RNP’s security groups.

Forensic analysis is one of the practices that have received the most attention in the field of network security lately. Its goal is to investigate attacks on systems and answer the following questions: Who was the attacker (attacker’s IP address)? How was the attack carried out (tools used; vulnerability or flaw found by the attacker)? What was the attacker’s intention (what sort of "damage" was done to the attacked system)?

The challenge proposed by Iris-Cert was to perform a forensic analysis of a previously attacked and affected Linux system. The jurors’ role was to evaluate the submitted work according to the contest’s evaluation proposal and to contribute to choosing the winners of the event.

By December 31st, more than 600 people had accessed the files with the information about the hard disk of the attacked machine. However, only 14 people or pairs sent the requested answers. In the evaluators’ opinion, all of the submitted answers revealed great knowledge of the techniques to be applied in order to analyze an attack on the sort of equipment and system used in the challenge.

The five participants or pairs with the best scores were David Santos and Javier Suárez; Germán Martín and David Pérez; Juan Manuel Tamayo; Román Rámirez; and Ervin Sarkisov. As a prize, they received licenses for the Encase Forensic Edition and manuals from the Sans Institute. All of the competitors’ reports are available at Rediris’s site.

More information about Rediris’s forensic analysis challenge is available at http://www.rediris.es/cert/ped/reto/.

[RNP, 04.04.2004]
