Day 2 saw the takedown of the OSX machine with a Safari bug, which was previously unknown. Today, the final day of the contest, the Vista box was compromised with an unknown Flash exploit. Another term for an unknown exploit is a zero-day.

Zero-day exploits are almost indefensible. This is why I preach the sermon of defense in depth. Always have defenses in place that allow you to detect intrusions, and these defenses be layered. This gives you options to thwart the attack, even if it is only to start by pulling the ethernet cable.

As for the competition, I am somewhat surprised that the OSX box, which is Unix/BSD based fell first. However, it was an application-based attack versus a core OS level compromise…

Does this make Linux invincible? Absolutely not. It does say something about closed-source versus open source  development, but there are also vulnerabilities in open source software, but there are more eyes available to look at it. We should never let our guard down, even running open source.

Sunday was my youngest’s 18th birthday, and she wanted to go to the Melting Pot, which was a great experience but expensive.

So currently, I am backing the information off of defiant, and will hopefully be able to get the to the task of rebuilding in the next day or so.

As if that is not bad enough, crazyhorse, my firewall, finally gave up the ghost. I found I had no vpn access to my home network from work, and thought it was a problem with Comcast. However, I got home and checked it, and the drive light was on solid, the CDROM drive was flashing and the power supply was hot. So I spent friday night pressing the SPARC I have been building out into service…Until 2am saturday.

Once I get defiant back up and running, I plan to get some recording done.

This will replace my current box, which is a PII/233. I’ve built a minimal Debian installation, then added the tools I need, such as snort, tripwire, iptables and other tools.

And with every device you put on your network, make sure you scan it before you bring it online.