[NOTE: This is a condensed version of the announcement. Once I have ip addresses and stuff I will release it to give people as much time as possible to gear up for the attack. The machine will be attached to our public net which will be addressable as defcon.org starting Friday the 4th to the 6th]

OK, here's the deal: having demonstrated to our own satisfaction that you can't easily get *into* a Sidewinder(tm) from the *outside*, we now will now test how hard it is to get *out* of one from the *inside*. Herewith, the rules:

Rule 1. There are no rules. There are, however, some things you have to do to claim the reward:

A. Log into the host as "demo." The door's wide open, no need to knock.

You'll find yourself in a limited service environment that looks a lot like a C shell. It isn't. Among the services denied to you is telnet and ftp. (Mail works fine, to show that we can control function instead of just ports.) Note that this demonstrates our ability to encapsulate and protect an arbitrary service. You don't have to waste a lot of time figuring out how to fool Mosaic or some such to perform a particular command sequence; just log in and do it directly.

B. Break out of the limited service environment and get to the machine on the other side.

C. Extract the congratulatory note stored in /pub.

D. Publish the signed congratulatory note on Usenet so anybody on the net can verify the signature.

E. Publish a description of how you did it in enough detail so that anybody on the net can duplicate your feat.

- - ---------------- The Rewards -------------------------------

1. World-wide bragging rights on Usenet.
2. A nifty jacket with a Sidewinder(tm) [7] patch on it.
3. A framed paper certificate, signed in ink by the members of the
4. Your name in our public documentation, along with a description of your
   attack and what we did to close the vulnerability it exploited. None of
   this security by obscurity stuff for us. If you outwit us, you get the
   credit and we document and fix the problem.
5. All the media attention that you can handle. Hey, if you want to further
   the myth of crackers as romantic outlaws, we can even get you on a talk
   show with a bag over your head :-)

Helpful Hints

Download the technical FAQ from ftp.sctc.com; it's in the pub directory, in both gzip (.gz) and compressed (.Z) PostScript.

Don't waste your time with packet-level games. This is a layer 7 gateway. It makes no security decisions whatever on the values of packet headers. The technical FAQ also lists other stuff that isn't worth trying. Remember, we're letting you *in* for free; no need to spray the neighborhood with cutely crafted packets.

Sidewinder Information, sidewinder@sctc.com