Author: JT Smith
this box” challenge. As a demonstration of its behavioral analysis
approach to the field of security, Cylant invites hackers and
crackers alike to attempt a root compromise of victim.cylant.com.
The first person to successfully “0wn” victim will have the server
shipped to them.
Victim is configured to represent the worst possible system
configuration from a security standpoint. It is running several
services that have known vulnerabilities. However, victim is only
supposed to be a web server. Victim has been calibrated as a web
server using CylantSecure. CylantSecure is victim’s first, last
and only line of defense.
“Victim is our way of saying that you don’t have to have your systems
vulnerable to the latest and greatest attack”, says Scott Wimer,
VP of Business Development at Cylant. “Nearly all software has
vulnerabilities; most of them just happen to be unknown. Victim
simply has more than most administrators would feel comfortable
with”, he says.
The web site
victim.cylant.com lists the various services
running on victim, since “doorknob attacks” are highly unlikely
to succeed. Details of the challenge are also available there.
About Cylant Technology
Cylant Technology is a software measurement company creating enabling
tools and technologies for the development of high availability
software. Their static and dynamic software measurement technologies
are directly applicable to the areas of security, reliability,
maintainability, testability, and survivability. Founded by Dr. John
C. Munson in 1999, Cylant has done projects for Sun Microsystems,
JPL, DARPA, and other organizations. For further information please
www.cylant.com, or contact Scott Wimer