Hacker intrusion collusion creates 'perfect IDS'

by James Middleton, vnunet.com

30 Oct 2001

Three months after the infamous Def Con hacker fest back in July, a group of geeks have published data which they claim may prove to be the ultimate Intrusion Detection System (IDS) test bed.

Each year the Def Con meeting in Las Vegas hosts a 'Capture the Flag' contest. In this event some of the best hackers from around the world duke it out over a specially constructed network for 72 hours, hacking for the title. To 'capture the flag' a hacker must get root access on a well-secured central server.

But geek organisation the Shmoo Group diligently sniffed and logged every packet sent over the network for posterity, effectively recording in blow-by-blow detail how the best hackers on the underground get into secure networks.

This week, after "numerous technical difficulties", the Shmoo Group has made the aptly named 'Capture the Capture the Flag' data publicly available for free.

"Since Def Con brings the best and brightest in the security community together, and Capture the Flag is the cutting edge of the underground, we figured there is great value in saving the packets for posterity," the group said.

But Shmoo explained that the idea wasn't to help security companies sell more IDS based on these signatures. "The end result is not better IDS and such," it said. "The end result should be a wakeup call for application developers to write more secure apps that don't need IDS in front of them."

So now is your chance to download "by far the most interesting, exploit ridden, 5.8Gb of intrusion collusion ever published. Free for the bandwidth endowed, this is the ultimate IDS test bed." It can be found here.
