Symantec’s powerful virtual and physical server security solution- Symantec Critical System Protection was recently put to the test at the Black Hat conference. Seasoned hackers from various world renowned groups tried but failed to capture a ‘flag’ that was hidden within an un-patched, vulnerable Windows XP workstation protected by Symantec Critical System Protection.

The aim was to have security professionals and hackers help us improve our product by pointing out existing gaps. The flag was secured using Critical System Protection’s strong prevention policies on a Windows XP un-patched workstation. The workstation had 10 known OS vulnerabilities reported by Rapid 7, was vulnerable to attacks and had open shares that allowed external access.

At any given point in time at least 10 different IP’s were attacking the box, with some IP addresses originating from other countries, including people belonging to various hacker groups who kept trying social engineering techniques to get data about the system. The attacks that were being detected by Critical System Protection were exploitation of vulnerabilities on the system to try and get a remote shell or the execution of commands. Some interesting attempts were made.