{"id":234,"date":"2007-09-05T22:35:00","date_gmt":"2007-09-05T22:35:00","guid":{"rendered":"https:\/\/defragged.org\/ossec\/?p=234"},"modified":"2020-07-02T22:35:26","modified_gmt":"2020-07-02T22:35:26","slug":"ossec-at-the-own-the-box-competition","status":"publish","type":"post","link":"https:\/\/defragged.org\/ossec\/2007\/09\/ossec-at-the-own-the-box-competition\/","title":{"rendered":"OSSEC at the \u201cOwn the Box\u201d competition"},"content":{"rendered":"\n<p><a href=\"http:\/\/observed.de\/\">Paul Ziegler<\/a>&nbsp;(tatsumori) sent me a very interesting e-mail explaining how he used&nbsp;<a href=\"http:\/\/www.ossec.net\/\">OSSEC<\/a>&nbsp;to protect his box at the&nbsp;<a href=\"http:\/\/www.defcon.org\/\">Defcon\u2019s 15<\/a>&nbsp;<em>\u201c\u00d8wn the box\u201d<\/em>&nbsp;competition.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\"><p>During Defcon15 there was a new kind of contest called the \u201c\u00d8wn the box\u201d competition where anyone who 0wned a box got to take it home. I was over there as a speaker so I thought it might be fun to try defending a box. My box was based on Gentoo-Linux and hardened using various techniques\u2026<\/p><p>So the results were recently published on the DC-Homepage (http:\/\/defcon.org\/) \u2013 and if you look closely there is this line saying \u201cMost evil entry: Tatsumori (Gentoo Hardened with arp poisoning evilness)\u201d The arp-foo was actually done using scapy, but I scripted it as an active response for OSSEC 1.2. So part of my success to survive there (and really make people curse out while hacking) is OSSEC.<\/p><p>It\u2019s great modularity and easy extensibility makes creating kick-ass crazy dedicated solutions so much easier then it was ever before.<\/p><\/blockquote>\n\n\n\n<p>He also posted some information at his&nbsp;<a href=\"http:\/\/observed.de\/?entnum=83\">blog<\/a>. Very cool stuff Paul!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Paul Ziegler&nbsp;(tatsumori) sent me a very interesting e-mail explaining how he used&nbsp;OSSEC&nbsp;to protect his box at the&nbsp;Defcon\u2019s 15&nbsp;\u201c\u00d8wn the box\u201d&nbsp;competition. During Defcon15 there was a new kind of contest called the \u201c\u00d8wn the box\u201d competition where anyone who 0wned a box got to take it home. I was over there as a speaker so I [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[7],"tags":[],"_links":{"self":[{"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/posts\/234"}],"collection":[{"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/comments?post=234"}],"version-history":[{"count":1,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/posts\/234\/revisions"}],"predecessor-version":[{"id":235,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/posts\/234\/revisions\/235"}],"wp:attachment":[{"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/media?parent=234"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/categories?post=234"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/tags?post=234"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}