Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Apple Businesses

LinuxPPC Challenge: Crack the Box and Keep it! 161

Posted by CmdrTaco from the contests-with-incentive dept.
Jeff Carr from LinuxPPC was so amused by yesterday's MS W2k crack challange that he figured he'd play too: By setting up a LinuxPPC box challanging the adept out there to get in... but if you can get in, you get to keep the box! Its a stock LinuxPPC install, and he even left telnet on. The url is crack.linuxppc.org. You must be able to reproduce your entry to win. Have fun.
This discussion has been archived. No new comments can be posted.

LinuxPPC Challange: Crack the Box and Keep it! More

LinuxPPC Challange: Crack the Box and Keep it!

Comments Filter:
  • I think it should be clarified what the "crack guestbook" really is!

    I mean it does not seem as if it is impossible to crack if the "crack guestbook" shows several people actually cracking the system.

    Even the computer cracked itself! (127.0.0.1)

    Seriously, tongue in check and all, I believe the list should be removed to avoid any excess traffic on other sites (I would not believe /.ers would /. the guestbook list, would they?)

    Where do you want to go today? http://www.windows2000test.com seems off bound to me ;^P
  • I do believe that whoever moderated you down thought that you meant the "HAHAHAHAHA" in a nasty, flame provoking way. Also, moderators go kinda trigger happy on first posts, whether or not they are "first posts."
  • Starting nmap V. 2.12 by Fyodor (fyodor@dhp.com, www.insecure.org/nmap/)
    Host (169.207.154.108) appears to be up ... good.
    Initiating SYN half-open stealth scan against (169.207.154.108)
    Adding TCP port 23 (state Open).
    Adding TCP port 111 (state Open).
    Adding TCP port 80 (state Open).
    The SYN scan took 108 seconds to scan 1483 ports.
    For OSScan assuming that port 23 is open and port 30569 is closed and neither are firewalled
    Interesting ports on (169.207.154.108):
    Port State Protocol Service
    7 filtered tcp echo
    19 filtered tcp chargen
    23 open tcp telnet
    80 open tcp http
    111 open tcp sunrpc

    TCP Sequence Prediction: Class=random positive increments
    Difficulty=3004658 (Good luck!)

    Sequence numbers: 56980630 56E19E58 5757E55E 56A2583F 5758D1B1
    Remote operating system guess: Linux 2.1.122 - 2.1.132; 2.2.0-pre1 - 2.2.2

    Nmap run completed -- 1 IP address (1 host up) scanned in 121 seconds

    ================================
    check out that sunrpc port .. that looks promesing

    enjoy :-)
  • But /. is dogging it too.
    No response,
    slow response.
  • a good filter and firewall
  • This is real. In the seattle/victoria area we're having fanfuckingtastic lighting storms right now. I just got back from watching them god it's nice. Isn't to kind on competers though with lightning coming down evert 3-5 seconds.
  • Yes, it would appear that way, since RedHat Linux 6.0 by default disables all inetd services, as do most populuar things based on RedHat 6.0, such as LinuxPPC R5.

    Turning on Telnet on a server that you are trying to get secure seems a bit exterme... why have telnet enabled when you can have something like ssh enabled just when you need it. Of course if you are going to leave telnet enabled, you can at least use /etc/hosts.deny and /etc/hosts.allow to control what machine have access to that box.

    (Not to say that populuar sites around the web do have telnet enabled for everybody on any machine as long as you know the login/pass, for example www.macnn.com).

    This should be interesting to see what flaws (since we know they are not perfect) we learn about in RedHat Linux 6.0 and spefically LinuxPPC R5.

  • No, it obviously not a default install, since more services are enabled by this install (like telnet), then how it typically ships, with all inetd services disabled.

    So they changed some things that would be typically changed on the server to make it 1) easier to use 2) more services 3) added services locked down better.
  • RedHat 6.0 has no internet services turned on by default, you must manually enable FTP, telnet, etc.

    Obviously, LinuxPPC has made a few changes to the server, for example they disabled some scripts and enabled telnet (by far a fair compremise).

    Trust me, enought people have asked why telnet and FTP are disabled with the default install, if you don't believe me, see:

    http://www.linuxppc.com/updates/telnet-ftp-not-w orking.shtml

    That's also true with RedHat 6.0.
  • (microsofts next lame contest to prove their servers are tight)


    Microsoft will make you CEO if you can crack this out of the box config NT 4.0 computer.
  • (microsofts next lame contest to prove their servers are tight)


    Microsoft will make you CEO if you can crack this out of the box config NT 4.0 computer. this box is stand alone and our engineers have assured us we cannot loose.
  • bah... It's probaly just the old LinuxPPC, Inc. web/mailing list/ftp server, that they finally retired last month.

    That machine was a great, state of the art, 90mhz 601 machine, I think a PowerMac 7200.

    In the past, that machine seemed to lag quite often with all of the stress it had on it, and was partcally due to all of the load.
  • I can only imagine Microsoft's marketing geniuses saying:

    "Windows NT is the most secure operating system. It has a feature called IntelliCrash, which causes the operating system to crash when it detects high network traffic. Such traffic is always caused by hacker's activities, but, since the system is down, any attempts to break in will be unsuccessful. This innovation puts us years ahead of the competition."
  • I was under the impression that most buffer overruns were caused by overwriting the return address on the stack. So a function in a program run as root returns to exec /bin/sh. Different architectures might grow the stack in different directions, causing the buffer overflows to fail.

    I know that there are also buffer overflows on the heap, but I don't know how that works.
  • A team of us got together yesterday and we went bashing on it for a while. Judging from its reaction while we were after it I think we probably did bluescreen it or otherwise 'freaked it out' (to be technical). It came back up not too long after that though so nothing permanent. Probably just a reboot but no way for us to prove it was definitely our doing or someone else getting the KO punch in.

    I think someone REALLY got a suckerpunch in on them judging by its current reaction (or lack there of apparently). Probably is bandwidth flooding though.

    (The no-DOS attack method their rules were saying not do was for just swamping by the power of bandwidth. We just aimed at making it run out of ram and/or blue screening with as few packets as we could from multiple sites.)

  • I get to see the box, but only because IE5 has cached it. Go to the site and then hit the refresh button. 5 to 1 that it can't find the server.
  • Well... this is almost like the Happy Hacker wargames, except that it's worthwhile (prizes amounting to more than recognition). That, and it isn't intrisically flawed because it isn't run by Carolyn Meinel....
  • I love the idea, but I think you'd have a hard time finding anybody to host such a beast. Besides supporting what would probably be a huge amount of traffic - and some pretty funky looking packets, you've also got to consider what kind of collateral damage it could cause. Somebody mentioned that the MS test box has had it's DNS servers taken down already...

    Nope, you're wrong. Someone has already hosted many servers just for the intent to be hacked. Check out http://www.happyhacker.org/hwargame.html . Yep, a real life hack that box challenge that never goes away. [happyhacker.org]

    -Brent
  • oh, well...okay, but I still don't get it...I mean, it was very funny of them to do that...the first thing I thought when I saw the page was "it's sparse..." then I read that and started laughing...well, moderators, have fun with it..
  • This challenge to break into a LinuxPPC stock install (with nothing running) is NOT anallagous to Microsoft's challenge.

    There is no way in hell that the W2K server MS is putting up for this challenge is stock installed. It's probably been tweaked by MS engineers over the past two weeks to lock out any possible attack.

    When this server is cracked and theirs isn't, they will point to this as an example of W2k being more secure than Linux (which I doubt very much). This can't be allowed. Someone (maybe from Red Hat or from Debian or from *BSD) should take a week and secure one of thier servers and then let anyone go at it. Then we'll see whose server lasts longer.
  • I find it interesting to see how few people are flaming the LinuxPPC guys. When Microsoft started up their contest, people were extremely quick to crusade their views, many of them with four-letter words and simple sentences with little content.

    Of course, the Linux guys didn't make their web page incompatible with Netscape (or include unnecessary Javascript anyhow)...

    However, look at the situation from another angle--look at how shoddy the crack.linuxppc.org webpage is. Imagine if the Windows site had looked remotely like the LinuxPPC site does. Microsoft would have had a hard time finding enough extinguishers for THAT one.

    Imagine if the Windows guys had posted IP addresses on the main page.

    Do Linux users expect less of themselves? Do they not mind sloppy work? Does this make them feel more comfortable? The LinuxPPC site is definitely not designed to appeal to anyone in a "commercial" sense--is this why it's acceptible?

    In any case, it's good advertising for LinuxPPC I suppose...

    Oh well. I just think it's interesting how much our biases get in the way of logical thought.

  • Re:PR (Score:1)

    by rnt ( 31403 )
    a couple of the postings have pointed out that this could turn out to be a kind of an
    almost-competition between linuxppc and the W2K bug-- if one gets hacked and the
    other doesn't, that means that that OS is more secure.


    I don't quite agree... in the August 4th part 3 log entry on crack.linuxppc.org it is mentioned that portmap, sendmail, and ftp will be turned on eventually.

    So now we have a win2k machine that is supposed to be secured to the max on one side of the arena and a linuxppc machine which will be gradually opened up on the other side.

    Clever move of linuxppc because first of all turning on more services keeps people interested. Let people have their fun! Having fun and learning a thing or two on the way. What more do we want?

    Another benefit could be that the two machines cannot be compared that way:
    The linuxppc machine is willingly set up in a way that increases the risks of anyone getting in.

    So if the linuxppc machine gets compromised it is not a big deal, it is more or less intended.
    That makes it kind of hard to brag that the win2k box remained intact (in some sense anyway) while the linuxppc has been hacked.

    Besides that: there is much more to learn from a box that does get broken into. Something to do with "learning from mistakes" I believe... and I quite like the idea of other services getting a nice pounding too.
  • "If you get in, please submit a better web page than this" HAHAHAHA

    hahaha..
    ha
  • This looks more tempting than the cheesy MS "offer".

    Note, their server is down. I wonder if it's a DoS attack. Against the rules, but funny though.
  • I kid you not, I read on a MS page that NT
    5.0 (aka Win2000) would reduce the need for
    "administrative reboots". Now that is a great
    term if I ever head one.

    Mo

  • I meant Microsoft's is down.

  • Doesn't work that way, at least not in this instance. The game ends with the first person to break into the box, so there's no opportunity for one-upmanship. The first person breaking in will probably put up a big ol' page with gaudy graphics splashed on it saying "I DID IT HOO HA HA" and it will be all over.

    If it ever happens, that is.

  • Great. Hack into their site. They display your IP address for everyone else in the world to hack into.

    No thanks. I already got stung by the last wuftpd exploit.

  • Thanks for your concern.
  • yeah. that's why I use a UPS.
    my site didn't go down.

  • You break it, you keep it. (Score:4)

    by SirSlud ( 67381 ) on Wednesday August 04, 1999 @11:14AM (#1765802) Homepage
    Sounds suspiciously like a contest I run everyday when I bike to work. It's called "break the bike lock and keep the bike!".

    SirSlud
  • How are you supposed to crack a server that's only running on port 80? And how are you supposed to crack it if it's going on and off like a lightbulb? Somebody swamped microsoft2000test yesterday, then it crashed and they brought up a duplicate, then somebody took out both of the nameservers, then they went back up, but both servers were down...
    Now they've switched nameservers totally, but the site's still out for the count. I think this is a pretty shoddy deal if you ask me.

    --- pinging www.windows2000test.com, please wait...
    --- sending to www.windows2000test.com [207.46.171.196],

    error, ping 1 timed out...
    error, ping 2 timed out...
    error, ping 3 timed out...
    error, ping 4 timed out...
    error, ping 5 timed out...

    --- ping statistics for www.windows2000test.com
    5 packets transmitted, 0 received
  • Compared to microsoft's test site, at least this one is reachable so far. After two days, I have been able to load microsoft's page only once.
  • so i did the rpcinfo scan for you folks:

    $ /usr/sbin/rpcinfo -p crack.linuxppc.org
    program vers proto port
    100000 2 tcp 111 rpcbind
    100000 2 udp 111 rpcbind

    not much there other than bind... but that can be useful. i leave it as an exercise on what to do with that info. :)

  • One of the machines we host websites on at work had a problem with SQLServer 6.5 filling up the application log - it was reporting that a connection could not be made (because the maximum number of simultaneous connections had been reached) 6 times a second.

    Not very many services didn't crash, including IIS and SMTP (not good on a webserver!)

    Only way to fix it was change the log settings and reboot....


    Tim
  • Whiel you're correct, how many stolen bikes do you think are actually recovered every year? If someone actually managed to steal the guy's bike, what are the chances that he'd ever see it again or that the theif would ever be procecuted for it?
  • Except they wouldn't use the term "crash." Rather, "Temporary Security Enhancement Through Service Restriction" or similar.
    Hard to beat the name "IntelliCrash," though ;-)
  • I think they're assuming that their system is more secure straight out of the box than anything Microsoft could put up. I guess only time will tell, eh?

    In any case they win. If their system dies, they can still say, "but ours was a stock install," and they'll avoid most of the flack. The free toaster offer is good PR as well.

    If their system survives, they get to shout out, "our stock installation was more secure than the Redmond boys' machine." Of course, that probably won't happen.

    It doesn't look like they've got much to lose. Plus they're catering to the Linux crowd, not the Microsoft crowd, so they don't have to try all THAT hard to impress, I don't think.
  • There is some discussion on this issue from linux-kernel here [tux.org].

    The short version: It's possible to execute arbitrary code even if the stack is marked non-executable. Oh, and Alan Cox says Intel machines can't mark the stack non-exec anyway.

    So your point may be true, but it's of limited value.
  • The difficulty is that LinuxPPC R5 comes with all inetd services disbled (for security). So it's not *really* a stock install - Jeff had to make it less secure. I believe the intent is to keep turning on services (like telnetd, which was already enabled) if no one breaks it quick enough.

    Besides, if this server is cracked, then we will have found another hole to patch, which is the point of cracking, right?

    You talk about taking a week to secure a server, but it could be done in a few minutes by turning everything off except Apache (and disable CGI). "Secure" is kind of a tradeoff in that case.
  • ? - It damn well better. Some people actually need to keep complete logs. NT can be set to wrap around logging or halt when the log is full. Any installation with any security sense has NT to halt when logs fill, of course, they generally never let it get full either.
  • Looks like someone was reading ./ they have removed the IP list from the site (3:50 mdt) and made a few new comments about its configuration and stats, still telnet does not seem to be working.

    Dan-
  • We're not a non-profit entity. :) We do make enough to pay ourselves, pay our bills, and then have enough left over to buy new G3s for developers.

    We _do_ want to take over the world, but we're going to share the spoils with our friends. ;-)

  • would have helped to know that this company is based out of wisconsin and they are on my isp =)
  • Yes some operating systems do have non-executable stacks, I am unsure if Digital UNIX is one of them but it wouldn't surprise me. I do know Solaris has this feature (though there are/were some flaws, search bugtraq archives [geek-girl.com] for more info). Linux does as well through Solar Designer's secure-linux patches (http://www.false.com/security/linux/ index.html [false.com]). This may only work with Intel Linux, I haven't used it elsewhere. Gory details of how it works are include with the patches. Beware however that these are not perfect and can be defeated. Also note that there are good uses for executable stacks, search on "gcc trampolining" for some examples and discussion.
  • "ps - the machine still has 29meg of ram FREE - not buffered or shared - free as in totally unused with 128 connections. (160 meg of ram total.) Love to see the windows2000test.com box do that. "

    LOL! This is great. Actually, I'd love to see the W2Ktest machine do ANYTHING right now. It's been down most of the day.

    Looks like they finally got the router loops fixed though, but the machine is still not up. I wonder who's head is gonna roll in Redmond for this one? I'm sure the marketing genius who came up with this one didn't clear it with ole Billy-Boy...
  • look at how shoddy the crack.linuxppc.org webpage is

    Look at how much time it took for LinuxPPC site to appear. How much time and people do you think it took to put M$'s site up?

    Breace.
  • Nevermind, its still there its just been moved off to another page

    Dan-
  • Yes, the return address is modified to return to your evil code which you inserted in the buffer you overflowed. That code generally does something useful like give you a shell. See Smashing The Stack For Fun And Profit [phrack.com] for a much better explanation. Different architectures do grow the stack in different directions but that doesn't prevent the exploitation of overflows.

    Heap based overflows are very similar but they occur in the data (bss) segment of a program. w00w00 on Heap Overflows [w00w00.org] has a pretty good explanation.

  • The guestbook is including hostnames, and it's an shtml page.

    I'm not set up to change my hostname, but perhaps someone else would like to try changing their hostname to include a serverside include.

    for instance.

  • It's totally gone now. They removed in the last 10 minutes actually. I was just about to check how many people where on the list when it happened too. Damn.

    Hey, LinuxPPC guys, how about doing an "attempted cracks" counter?

  • Re:uh.... real nice ...not anymore (Score:2)

    by Anonymous Coward

    06-095.021.popsite.net
    0wned.org
    12.1.145.19
    12.1.182.66
    12.13.101.2
    12.13.101.5
    12.13.226.21
    12.15.222.5
    12.17.133.102
    12.19.7.129
    12.20.48.100
    12.20.66.36
    12.23.153.224
    12.4.125.144
    12.66.3.222
    12.76.123.49
    12.78.105.190
    12.79.180.100
    12.79.24.215
    12.8.190.10
    12.9.139.104
    127.0.0.1
    128.103.107.130
    128.114.10.13
    128.114.130.1
    128.114.130.224
    128.114.22.163
    128.115.134.64
    128.118.206.34
    128.119.198.30
    128.135.47.228
    128.138.129.12
    128.143.2.47
    128.146.156.242
    128.146.190.30
    128.163.161.148
    128.165.209.115
    128.165.88.132
    128.173.12.137
    128.173.17.87
    128.174.154.139
    128.174.5.39
    128.174.5.62
    128.183.105.37
    128.187.21.178
    128.197.73.220
    128.2.121.189
    128.2.15.12
    128.2.15.9
    129.133.28.203
    129.142.196.41
    129.176.201.45
    129.186.46.116
    129.187.26.51
    129.21.142.164
    129.22.240.140
    129.237.125.61
    129.237.97.63
    129.57.8.76
    129.57.9.170
    129.57.9.179
    129.6.61.57
    129.6.61.64
    129.6.61.65
    129.64.8.30
    129.65.242.5
    129.69.166.243
    129.69.192.144
    129.93.33.1
    130.115.255.113
    130.127.112.40
    130.149.82.47
    130.160.4.114
    130.160.7.39
    130.216.93.17
    130.231.6.20
    130.244.106.141
    130.244.175.90
    130.244.58.19
    130.64.1.30
    130.67.198.209
    130.67.50.88
    130.67.96.162
    130.68.1.26
    131.104.238.101
    131.128.23.171
    131.130.104.58
    131.151.6.34
    131.155.20.128
    131.155.209.82
    131.174.116.100
    131.174.97.67
    131.179.192.137
    131.215.86.119
    131.216.128.150
    131.216.136.173
    131.238.221.93
    131.238.3.50
    141.201.222.106
    141.201.53.23
    141.211.63.82
    141.213.8.81
    141.215.10.193
    141.31.147.253
    141.44.136.32
    141.69.150.240
    141.82.18.72
    142.104.124.69
    143.166.173.56
    143.195.1.4
    144.15.26.94
    144.32.178.46
    144.41.19.78
    144.74.19.216
    144.74.69.107
    144.74.69.67
    144.92.108.95
    144.92.112.142
    145.228.129.71
    145.253.2.35
    145.253.2.36
    145.253.71.163
    145.253.72.145
    145.253.74.131
    145.253.76.21
    145.253.94.137
    146.145.249.135
    146.186.226.167
    147.11.41.19
    147.253.80.10
    147.26.62.159
    147.86.141.72
    148.100.215.108
    149.136.185.159
    149.138.16.3
    149.225.11.73
    149.44.3.33
    150.135.83.151
    150.216.63.62
    151.140.22.53
    151.198.200.161
    151.199.124.10
    151.23.0.215
    152.1.9.115
    152.174.207.47
    152.19.5.73
    152.2.205.95
    166.72.196.67
    166.84.144.9
    168.122.16.231
    168.159.218.165
    168.175.254.62
    168.191.209.196
    168.191.82.165
    168.191.91.103
    168.58.110.4
    169.197.54.146
    169.207.131.61
    169.207.134.6
    169.207.154.107
    169.207.62.79
    169.207.85.200
    169.229.92.67
    169.237.129.161
    169.237.7.61
    169.244.19.131
    170.142.111.15
    170.65.40.28
    170.94.194.189
    18.215.0.52
    190.newark-23-24rs.nj.dial-access.att.net
    192.100.81.126
    192.101.159.1
    192.124.43.73
    192.127.94.7
    192.131.1.4
    192.135.215.35
    192.138.149.4
    192.148.249.74
    192.150.11.14
    192.160.145.62
    192.17.17.130
    192.195.249.21
    192.195.85.210
    192.197.71.189
    192.219.29.174
    192.233.136.11
    192.245.102.11
    192.246.229.214
    192.25.214.6
    192.28.2.11
    192.31.106.1
    192.33.12.69
    192.68.228.2
    192.76.134.33
    192.9.51.3
    194.152.172.114
    194.162.145.35
    194.17.41.1
    194.18.101.34
    194.197.215.2
    194.198.101.1
    194.208.80.90
    194.208.92.67
    194.221.140.149
    194.222.63.202
    194.222.8.242
    194.231.246.180
    194.231.50.144
    194.236.213.123
    194.236.215.94
    194.242.196.203
    194.252.1.200
    194.51.167.7
    194.64.39.28
    194.65.230.81
    194.65.231.252
    194.7.44.225
    194.7.44.226
    194.72.42.56
    194.94.24.15
    194.94.27.35
    194.94.72.124
    194.94.72.126
    194.94.79.146
    194.95.210.55
    194.97.8.164
    195.114.68.138
    195.14.233.244
    195.143.133.82
    195.143.28.45
    195.144.66.11
    195.162.211.19
    195.162.214.217
    195.166.139.131
    195.166.17.18
    195.17.73.6
    195.179.182.249
    195.179.84.182
    195.186.49.140
    195.188.192.3
    195.190.20.5
    195.190.20.8
    195.193.71.12
    195.2.169.34
    199.179.168.21
    199.217.179.162
    199.222.102.24
    199.232.225.18
    199.232.56.155
    199.240.131.6
    199.34.138.5
    199.44.121.100
    199.45.180.168
    199.72.63.2
    199.77.241.57
    199.80.64.7
    1Cust246.tnt9.mobile.al.da.uu.net
    1Cust254.tnt2.new-port-richey.fl.da.uu.net
    200.246.133.232
    200.30.36.4
    202.175.36.13
    202.239.129.98
    203.101.8.186
    203.141.89.167
    204.101.128.170
    204.116.105.201
    204.116.105.203
    204.120.86.79
    204.123.9.76
    204.133.76.235
    204.143.88.170
    204.146.167.237
    204.157.28.119
    204.171.56.12
    204.186.132.220
    204.200.26.249
    204.201.36.60
    204.209.13.16
    204.209.13.50
    204.233.149.15
    204.233.33.63
    204.244.79.129
    204.247.248.254
    204.254.20.134
    204.254.26.24
    204.26.82.5
    204.50.58.21
    204.50.73.2
    204.57.230.98
    204.71.94.223
    204.73.77.78
    204.92.192.254
    204.92.92.4
    206.235.208.2
    206.239.230.70
    206.243.225.122
    206.246.132.18
    206.249.10.9
    206.25.87.88
    206.250.128.222
    206.251.162.36
    206.251.228.219
    206.29.141.237
    206.32.221.66
    206.40.108.228
    206.48.122.153
    206.58.2.63
    206.58.25.245
    206.6.238.10
    206.66.13.105
    206.66.99.144
    206.68.204.37
    206.86.154.23
    206.97.151.44
    206.97.175.184
    206.97.65.17
    206.97.88.159
    207.108.173.122
    207.110.37.52
    207.111.212.178
    207.126.105.147
    207.127.69.20
    207.134.168.101
    207.135.116.245
    207.135.131.153
    207.136.14.73
    207.138.231.95
    207.138.232.149
    207.139.178.34
    207.140.74.130
    207.15.170.31
    207.153.9.81
    207.155.143.117
    207.155.96.37
    207.159.105.131
    207.159.93.20
    207.16.153.157
    207.16.5.140
    207.161.224.43
    207.161.225.114
    207.168.73.180
    207.171.209.66
    208.15.173.3
    208.150.70.131
    208.151.7.175
    208.152.101.253
    208.152.187.140
    208.152.187.163
    208.152.24.17
    208.157.22.219
    208.16.29.139
    208.16.9.92
    208.161.201.178
    208.165.34.242
    208.166.162.61
    208.17.58.196
    208.19.193.169
    208.201.134.2
    208.204.227.13
    208.205.182.1
    208.206.247.152
    208.207.65.236
    208.207.65.6
    208.207.65.7
    208.21.27.6
    208.210.111.70
    208.210.85.198
    208.219.4.235
    208.219.70.3
    208.220.46.111
    208.221.102.251
    208.228.132.188
    208.229.121.42
    208.229.229.167
    208.241.97.130
    208.242.126.233
    208.242.162.61
    208.243.144.10
    208.244.148.253
    208.246.233.5
    208.249.36.2
    208.251.243.254
    208.253.11.185
    208.254.169.221
    208.26.231.61
    208.3.135.29
    208.32.204.3
    208.32.204.5
    208.44.102.21
    208.8.63.7
    209-122-217-50.s50.tnt1.atn.pa.dialup.rcn.com
    209.182.66.6
    209.185.85.59
    209.186.43.132
    209.192.217.21
    209.195.11.176
    209.197.144.15
    209.197.144.33
    209.198.142.194
    209.213.94.232
    209.214.88.43
    209.214.98.118
    209.215.153.34
    209.218.241.162
    209.218.67.132
    209.218.86.11
    209.219.204.2
    209.220.27.250
    209.224.199.240
    209.226.46.92
    209.226.82.199
    209.232.222.1
    209.239.142.234
    209.241.234.5
    209.242.84.12
    209.242.9.3
    209.245.5.148
    209.250.40.237
    209.250.78.231
    209.251.79.107
    209.30.101.230
    209.31.36.209
    209.36.104.6
    209.36.105.132
    209.45.132.3
    209.49.1.57
    209.49.185.208
    209.5.245.146
    209.5.75.40
    209.50.4.73
    209.54.54.166
    209.57.142.27
    209.57.145.206
    209.57.224.15
    209.57.91.134
    209.58.32.49
    209.58.5.165
    209.58.5.166
    209.6.0.151
    209.63.10.104
    212.32.172.115
    212.43.207.16
    212.49.139.18
    212.53.197.174
    212.63.145.237
    212.7.167.253
    212.7.167.6
    212.72.80.74
    212.72.85.148
    212.76.145.211
    212.81.150.228
    212.81.159.190
    212.81.171.145
    212.81.172.169
    212.83.79.166
    212.94.193.116
    212.97.194.55
    215.morristown-06-07rs.nj.dial-access.att.net
    216-32-34-252.irv0.flashcom.net
    216-53-137ppp144.mpinet.net
    216.1.114.68
    216.101.194.195
    216.103.105.213
    216.118.25.150
    216.13.50.10
    216.132.201.1
    216.132.81.82
    216.14.11.106
    216.155.28.194
    216.168.238.199
    216.180.14.7
    216.180.30.62
    216.192.59.132
    216.206.203.245
    216.207.212.160
    216.208.135.237
    216.211.97.40
    216.221.32.68
    216.26.5.45
    216.27.11.84
    216.3.68.2
    216.32.34.252
    216.34.100.231
    216.41.30.77
    216.53.137.144
    216.61.88.225
    216.70.158.187
    216.78.144.14
    216.78.184.96
    24.64.185.179.on.wave.home.com
    24.64.28.172
    24.66.41.94
    24.66.41.94.mb.wave.home.com
    24.66.45.250
    24.7.131.186
    24.8.188.136
    24.92.239.104
    24.93.12.164
    24.93.22.133
    24.93.242.192
    24.95.24.108
    32.100.141.128
    33-29.H.dial.o-tel-o.net
    35.8.4.89
    36.51.0.54
    38.151.156.129
    38.182.104.66
    38.183.48.74
    38.202.145.254
    38.222.98.240
    38.246.96.2
    38.28.97.248
    39-116.egginc.com
    4.17.192.55
    4048b06.specent.com
    45.frankfurt.dialup.cybernet-ag.de
    48-216.B.dial.o-tel-o.net
    49.columbus-05-10rs.oh.dial-access.att.net
    53.122.2.31
    62.0.150.20
    62.104.64.66
    62.108.24.27
    62.136.28.22
    62.144.250.67
    62.156.16.68
    62.157.19.250
    62.157.202.242
    62.157.21.6
    62.157.68.21
    62.158.120.205
    62.158.126.94
    62.158.18.117
    62.158.20.99
    62.158.85.222
    62.172.107.140
    62.52.129.145
    62.52.130.143
    62.52.138.48
    atmax-4-9.enter.net
    av209x177x21x43.aero-vision.com
    avalon.dpc.com
    b61580.STUDENT.CWRU.Edu
    baycity-0164.wcnet.net
    bc77-253.jacksonville.net
    beavis.eng.techline.com
    begate.boeing.com
    bftir.lanl.gov
    blacker-119.caltech.edu
    blah
    blndi4-145-253-076-021.arcor-ip.net
    bo.oca.udayton.edu
    boeing.infocom.com
    br-d-215.agrinet.ch
    brain-dead.pa.uky.edu
    brenne.swm.uni-mannheim.de
    burns.cmf.nrl.navy.mil
    bw6.bivwood.com
    c221812-a.olmpi1.wa.home.com
    c71114-a.potlnd1.or.home.com
    caard1-p29.telepac.pt
    cable-195-162-214-217.customer.chello.be
    cacta95.phil.unc.edu
    catv6100.extern.kun.nl
    cc493382-b.whmh1.md.home.com
    chef.ecs.soton.ac.uk
    chevrons.demon.co.uk
    ci594222-a.ruthfd1.tn.home.com
    client-151-199-124-10.bellatlantic.net
    cm116-2.evhr.net
    cobol.mtsu.edu
    coke.imsa.edu
    coredump.novagate.com
    corp.stamps.com
    cow.imv.de
    cr342197-a.hnsn1.on.wave.home.com
    creature.Crew-KG.NET
    crescent.bitwrench.com
    cronus.oanet.com
    cx275569-a.msnv1.occa.home.com
    cx337747-b.wwck1.ri.home.com
    cx38442-a.santab1.ca.home.com
    cx87325-a.nwptn1.va.home.com
    d142-h036.rh.rit.edu
    d185d0ca4.rochester.rr.com
    d185d1685.rochester.rr.com
    d8-31.dyn.telerama.com
    dante.gsfc.nasa.gov
    firewall.weltman.com
    foxboro-bh.foxboro.com
    fw-02.microage.com
    fw240.smed.net
    g76.jlab.org
    gate.mcc.net
    gatekeeper.tripos.com
    gatekeeper.westar.com
    gateway.dievision.de
    geekport.be.com
    geminga.Berkeley.EDU
    gemini.clide.howard.edu
    get
    gleung.llnl.gov
    global.mactemps.com
    global.sl.se
    glympton.airtime.co.uk
    gow068.graddosten.ac.se
    gps-fddi.leeds.ac.uk
    greenbay.shoreland.com
    gtng-m130-143.pool.mediaways.net
    gw-31.wh.uni-stuttgart.de
    gw.varesearch.com
    h135-3-84-10.outland.lucent.com
    ha1.ntr.net
    hadrian.guardian.co.uk
    handi4-145-253-094-137.arcor-ip.net
    harold.sierraweb.com
    hawk-a-047.resnet.purdue.edu
    hdcnet.com
    helium.dcs.kcl.ac.uk
    hephaestos.cs.ucdavis.edu
    hercules.regi.ubc.ca
    heretic.Sunquest.COM
    hitchhiker.ltnb.lu
    hlt8-m156-51.pool.cww.de
    hmbdi3-145-253-071-163.arcor-ip.net
    host-15.edinc.org
    host-209-214-88-43.atl.bellsouth.net
    host-209-214-98-118.sav.bellsouth.net
    host-212.121.137.56.de.colt.net
    host-212.121.137.60.de.colt.net
    host-62.96.13.148.inetservice.de
    host.159-142-112-5.gsa.gov
    host113-sub66.symantec.com
    host178.wbg.logicon.com
    i48-13-45.pdx.du.teleport.com
    indigo3.igpm.RWTH-Aachen.DE
    ip23.boanxr11.ras.tele.dk
    modemcable011.85-200-24.mtl.mc.videotron.net
    modemcable148.13-200-24.que.mc.videotron.net
    moe.apci.com
    monsoon.ssec.wisc.edu
    ms02-377.tor.istar.ca
    mueata-e1-wan029.citykom.de
    n016.nijmegen.telekabel.euronet.nl
    n1-h254.isgtec.com
    n20057.telekabel.chello.nl
    n23-c209-c149-c50.bs.xlate.ufl.edu
    nas1-03.dialup.neca.com
    nat3.densonreed.com
    nd026094.global.medtronic.COM
    netblk-10-152.netapp.com
    netcom14.netcom.com
    newport32.aiconnect.com
    node181b.a2000.nl
    obsession.logics.de
    onh1-168.twcny.rr.com
    orion.linuxbox.com
    oub.daytontbrown.com
    outbound.seic.com
    p249.n03.fra.access.is-europe.net
    p3E9C1044.dip.t-dialin.net
    p3E9D13FA.dip0.t-ipconnect.de
    p3E9D1506.dip.t-dialin.net
    p3E9E1275.dip.t-dialin.net
    p3E9E1463.dip.t-dialin.net
    p3E9E78CD.dip0.t-ipconnect.de
    p3E9E7E5E.dip.t-dialin.net
    p798.as1.adl.dublin.tinet.ie
    pC19F3868.dip.t-dialin.net
    pC19F7E1C.dip.t-dialin.net
    pC19F7FAD.dip.t-dialin.net
    pa1.cantor.com
    packetway.MPI-SoftTech.Com
    pages.sssnet.com
    paix-alg-gw9-51.ncal.verio.com
    panache.ernie.org
    panther.uwo.ca
    paris.ncsl.nist.gov
    pc15.cybersurf.net
    pc33.cybersurf.net
    pc70.escient.com
    pc83010.stofanet.dk
    pcBaby.ACNS.Carleton.edu
    pcbellet.imag.fr
    pdx-0104.dip.internetcds.com
    pec-11-73.tnt1.hh2.uunet.de
    rocco.ngdc.noaa.gov
    rodan.apollotrust.com
    router.ddd.de
    rtowster.state.lib.la.us
    rz111.rz.hs-bremen.de
    rzpc23.uni-trier.de
    s152.paris-90.cybercable.fr
    s4m097.dialup.RWTH-Aachen.DE
    s5n81.hfx.andara.com
    sass.thecomplex.com
    saturn.bt.com
    scuttlebutt.linuxcrypt.com
    sdn-ar-002florlaP077.dialsprint.net
    sdn-ar-002florlaP325.dialsprint.net
    server.penfieldsmith.com
    servo.msln.net
    seven.cvconline.com
    sg20.york.ac.uk
    shell-sprint.global2000.net
    shell.one.net
    shell1.ncal.verio.com
    shl-host1.shl.ca
    siebert.kawo2.RWTH-Aachen.DE
    skovarik.engl.iastate.edu
    slip166-72-196-67.fl.us.ibm.net
    socks1.clearlake.ibm.com
    spjork.handeye.com
    spmhc.org
    staff.feldberg.brandeis.edu
    station-132.vm.com
    staudir7.cc.univie.ac.at
    stgdi3-145-253-074-131.arcor-ip.net
    surf0004.sybase.com
    surf15-158.hhe.adelphia.net
    swift.ukc.ac.uk
    swizzle.imergy.com
    swtc19.cc.swt.edu
    system3.chordant.com
    t3o35p3.telia.com
    tarsis.ncsa.uiuc.edu
    tcp-relay-4.adobe.com
    therest.wholefoods.com
    thunderclap.g-web.net
    ti12a61-0066.dialup.online.no
    tigger.splwg.com
    times.cmgi.com
    tlo40f9.swm.uni-mannheim.de
    tnt1-182.toolcity.net
    tnt2-28-119.iserv.net
    tob0364e.is.rpslmc.edu
    tpk-ppp-b63-KMC.networksplus.net
    triton.uqtr.uquebec.ca
    trustnoone.erols.com
    ts03-116.dublin.indigo.ie
    twoface.sep.com
    tycho.osc.edu
    u105-132.rose.net
    ultra13.cs.umr.edu
    unique.outlook.net
    unknown
    unknown-225-148.connectix.com
    unknown-41-19.wrs.com
    unknown.nbrhood.udayton.edu
    unspacy.demon.co.uk
    user.neteng.com
    user2.infinet.com
    users.newsregister.com
    usi-phl-2.usinteractive.com
    usr410-edi.cableinet.co.uk
    vernetzt.at
    walapai.telematik.informatik.uni-karlsruhe.de
    wc153.ccsn.nevada.edu
    we-24-130-86-171.we.mediaone.net
    website.naples-online.com
    wiley240h066.roadrunner.nf.net
    wndnsvr02-26.mnsi.net
    wnpgas10-p73.mts.net
    wo-d-152.agrinet.ch
    wo-d-171.agrinet.ch
    wo-d-209.agrinet.ch
    world-f.std.com
    wrench.toolcity.net
    www.linux.de
    x149.mcis.de
    xania.demon.co.uk
    xlsa.kwantlen.bc.ca
    xmission.xmission.com
    zappa.neis.net
    zelgadis.mich.com
    zen.webmedia.co.nz
    ziggy.bitstream.net
    zoom11-106.telepath.com

  • Why is this moderated down? This person has several valid points. If you're a moderator, please to to bring it back to at least 1...

    -ElJefe
  • 1 KN0W!!!!!!!!!!!111

    1'M JU5T G0NN4 K33P TRY1N6 2 6U355 R00T PA55W0RD.
    S0 FAR, 1 KN0W IT'5 N0T BLANK, "ROOT" OR "SECRET" BUT 1'LL K33P TRY1NG! 1 W1LL 3V3NTUALLY GU3SS IT!!!!!!111111 1 W1LL TH3N HAV3 A PPC B0X ALL T0 MYS3LF!!!!1
    :WQ
    :wq
    ------ ------ ------
    ALL HA1L B1FF, TH3 M05T 31337 D00D!!!!!1
    ------ ------ ------
    ALL HA1L B1FF, TH3 M05T 31337 D00D!!!!!1
  • True, but then that's part of my point. There's the issue again of the fact that Microsoft has to have a nice page up.

    I ask again--what kind of flame would they have drawn if they had set up a "quick and dirty" page?

  • Is it a nice G3? Or a crappy 603/200mhz like my machine! Egads!

    Open the sendmail PORT!!!

  • PR (Score:1)

    by mcc ( 14761 )
    a couple of the postings have pointed out that this could turn out to be a kind of an almost-competition between linuxppc and the W2K bug-- if one gets hacked and the other doesn't, that means that that OS is more secure.

    Well, if we're going to play it like that, i think linuxppc has already won-- after all, this long after the w2k challenge was posted on /., the slashdot effect had already practically taken the windows2000test box out.

    So this would seem to imply that LinuxPPC is, if not more security-friendly than w2k, at least a _lot_ more reliable. Which if you ask me is more important than "security", since total security will never really happen.

    Now if only it supported HFS+.. but i guess that really isn't a huge problem if you look at it in perspective. -_-

    -mcc-baka
    INTELLECTUAL PROPERTY IS THEFT
  • $ portscan crack.linuxppc.org
    Scanning host 169.207.154.108 - TCP ports 1 through 1024
    23 (telnet) is running.
    80 (www) is running.
    111 (sunrpc) is running.
  • I held root on 3 of the games in the happyhacker wargames. I'd really suggest not getting involved though, because it's just a big thing to get people's info to add to the "Hacker information Database" on antionline.com. Yup, that's right, a big list of people involved with hacking that JP shares with the feds.

    Anyhoo, tg0d (www.tg0d.org) is going to be hosting something like this of it's own. We aren't gonna keep a log of people's IP's or anything like that. And if you root a box, it's your as long as you can defend it for. Our games aren't up yet, but we have 5 boxes that are schulded to go up soon. So bookmark www.tg0d.org and come back later for more info.

    P.S. Yeah, our page sucks.. it's not complete yet, we've been busy.

    schematic

    The more you learn, the more you realize how little you know.
  • We do this stuff every day at Tiger Team Australia [tigerteam.com.au] and if there is one thing we have learnt is that a target cannot ever be declared secure because tommorrow there will always be another sploit. The best you can hope for is a box that is not easy to crack into. This means keeping up to date with your security. Nothing more.. To fix a machine's security you have to test it. It makes no good to turn all your services off and then say "go on.. hack me", only to turn em all back on the next day. When we are hired to do a penetration test we tell the client not to inform their staff of the attack for precisely these reasons. As for crack.linuxppc.org.. you might as well remove tcp from the kernel (although I do like the chances of burning apache.. but you need a little more information on the web content.. my guess would be that this is a stock standard install which is pretty pointless cause real clients put real web pages on their machines and, more to the point, it's the braindead web designers and graphic artists who put the data on there, screwing up perms and so forth). The environment that you find the machine in is more important than the machine itself. To the leet crackers out there, (none of my crew included.. get back to work) I suggest that you do a location hack (geographic hack, neighbourhood hack.. etc).. traceroute the box, hack the isp, or any other client of that isp, go back up the chain and violate trust.
  • Someone that does not know how to use telnet should not be trying to break into another machine. You have to walk before you can run.

    Not knowing about telnet implies a general vacuum in the unix/ip-clue area.
  • An iMac. MS is probably running their test server of some big Xeon iron. I just think it would be funny to show that Apple's little jelly bean computer running Linux makes a better server than a $7000 Xeon box running W2K ;-)

    An iBook would be even better, but I don't think anyone outside of Apple has one yet.
  • ...that the box you'll be getting will more than likely be a ...

    ...Macintosh.

    J.
  • >Except they wouldn't use the term "crash." Rather, "Temporary Security Enhancement Through Service Restriction"
    >or similar.
    >Hard to beat the name "IntelliCrash," though ;-)

    ummm, how about "Temporarily Restrict Availabilty to Server Hardware"???

    That'd make Microsoft IntelliTrash(tm) :-)

    heh heh

    big
  • That was actually kindof a worthwhile read. Not in the sense of trying to track down names, but it was nice to see a few of my favorite IP addresses on the list.
  • slashdos effect...i like it.
  • Trying 169.207.154.108...
    Connected to crack.linuxppc.org.
    Escape character is '^]'.
    GET /cgi-bin/cachemgr.cgi?wtf=9 HTTP/1.1
    Host: crack.linuxppc.org

    Connection closed by foreign host.

    Whats the deal there? no perm-denied..no no-such-page. Is this definitely a stock install?
  • OK. Let's take a look at reasons the flames aren't fortcoming (beside your insinuation of MS bias)...

    Of course, the Linux guys didn't make their web page incompatible with Netscape (or include unnecessary Javascript anyhow)...

    This may seem like a minor point, but it actually points to a chief complaint towards MS; "Our way or no way". The promise of Java is cross-platform compatability; MS' implementation breaks this. A good web site can be handles by a multitude of browsers and platforms - even MS' own corporate site runs fine with Netscape. Yet, here it breaks. Did MS do this on purpose? Their past history certainly implies this is possible.

    ...look at how shoddy the crack.linuxppc.org webpage is.

    Do Linux users expect less of themselves? Do they not mind sloppy work? Does this make them feel more comfortable? The LinuxPPC site is definitely not designed to appeal to anyone in a "commercial" sense--is this why it's acceptible?

    Oh well. I just think it's interesting how much our biases get in the way of logical thought.

    Actually, I would point out that the web page makes perfect sense. The idea of this "counter-challenge" is NOT glitzy publicity. The machine is there to be attacked - not to hand out online brochures. The marginal page is functional... even humorous ("If you get in, please submit a better webpage than this :)"). I hardly see how additional flash would make a TECHNICAL challege more legitimate.

    Imagine if the Windows guys had posted IP addresses on the main page.

    Now, here you've made a good point. And apparently, others have made it too since the page has removed the "log". I agree. Posting these IPs is trouble and MS would definately get flamed hard for it.

    In the final analysis, you have to ask yourself what are the motivations here? The belief is that MS is pulling a shallow publicity stunt (and none too origional at that). No matter what the outcome, MS will turn it into brochure fodder for PHB's. In the meantime, issues such as MS' responce times to discovered security holes are not dealt with.

    The LinuxPPC guys are responding to MS' publicity stunt with a copycat stunt. They've done it in good humor. And they've done this in a way that appeals to other tech-minded people. If anything, its less dubious bait-and-switch and more lampooning. Will they get glitzy brochure fodder out of it? I don't know. Ask their marketing department.

  • I'm sure the marketing genius who came up with this one didn't clear it with ole Billy-Boy...

    Somehow, I suspect a lot happens in Redmond that doesn't get cleared with "ole Billy-Boy". I highly doubt he's in every marketing meeting for every little stunt they come up with. Gates is probably involved in much higher-level stuff than this (although I personally have the feeling he's more of a company mascot than fearless leader at this point - think Ronald McDonald). Microsoft is way too big for one person to keep track of everything that's going on...

  • The game, almost exactly as you stated it, takes place at DEFcon--it's called Capture the Flag--to win, you have to root, and to keep, more systems than the other folks.
  • I don't believe this is an option, since the SSI appears (as far as I can tell) to be simply including a text file generated by some other script.
  • It's "funny" because Challenge *IS* spelled correctly in the title!
  • I'm listening to KMFDM while reading these comments about cracking Microshaft vs LinuxPPC. It "owns" you. The best music by which to read comments. :-)
  • The outcry about Netscape not working with the page was understandable. I don't believe in proprietary standards either, which is why I mentioned it. Microsoft's general website however, follows a certain plan--they have pages which are formatted and displayed to IE users, and then they have pages which are for non-IE users. If you view www.microsoft.com from non-IE4/5 browsers, you're going to see an entirely different site.

    One way to sort of "excuse" the www.windows2000test.com guys is that they probably were trying to remain within the Microsoft web site design specifications. Perhaps they didn't feel like making the non-IE4/5 version of the page or ran out of time? When viewed from the perspective of it being part of a larger site with a required "look and feel", rather than an independant page, it's somewhat easy to justify their mistake.

    The belief is that MS is pulling a shallow publicity stunt (and none too origional at that).

    That's definitely something I would agree with. I'm under the belief that it was a bad move on their part--if anything it just made them look really bad.

    The LinuxPPC guys are responding to MS' publicity stunt with a copycat stunt. They've done it in good humor. And they've done this in a way that appeals to other tech-minded people.

    True, but it still seems to me that LinuxPPC is a company that is not adverse to publicity (it'd be hard to survive without it). To say that they made the site in the manner that they did just because it appeals to other like-minded individuals seems to go against the fact that in the grand scheme of things, they are trying to make money...aren't they? I profess to not knowing much about LinuxPPC, so correct me if I'm wrong and that they are a purely non-profit-oriented Linux distributor.

    So, in that sense, I still wonder if professionalism is a negligible requirement of Linux users in the companies that they allow to represent themselves. Any thoughts on that, anyone? Or is this reply too deep for most people to notice? :)

  • Ok, everyone run "ping -t crack.linuxppc.org"
    and just leave it going.
  • I think what MS and LinuxPPC are doing is great. For a long time now, the default install of many operating systems- Red Hat 6.0 included - has been very insecure. For instance, I believe you might be able to remotely attach to a default installation's X server and watch users enter passwords!

    I'd like Red Hat to try to make their next release be secure by default - no Internet services turned on - and still have X working properly (maybe using Unix domain sockets?).

  • It looks like a fiasco... Why in the world
    they went for this. With IPv4 nothing is stable, if you fuck with it long and hard enough...
  • ..run it on P-II 350 with 128Mb. Or that what
    they claimed when the site was up.

    But I think it is a T3e running -g version of NT
    in emulation mode...

    Or, well, I do not think.. Nevermind :)
  • I'm pretty much in agreement here. I'm surprised they're displaying the IP#s ..... kinda kills my desire to take a crack at it.

    SirSlud

  • someone, (Score:1)

    by Anonymous Coward
    please fix the spelling of "challange" in the title...

  • A very good idea to route back the efforts, indeed (Score:3)

    by arieh ( 30860 ) on Wednesday August 04, 1999 @11:18AM (#1765872)
    Kudos to the PPC guys.

    No better way to detract from the interest that
    Microsoft may have generated than to divert back the efforts of the linux community to a more
    worthy cause - improving the security of our own systems.

    Let's eat our own (dog)food.

    Arieh

  • This could turn into "King of the Hill" (Score:3)

    by slothbait ( 2922 ) on Wednesday August 04, 1999 @11:19AM (#1765874)
    The comment:
    If you get in, please submit a better webpage than this :)
    ...made me think. Whoever can make it into this box gets to replace the web page with whatever they want...they become owners and get to be "King of the Hill". Plus, if they acquire root access, then they presumably have the power to patch whatever hole they crawled through, making the box that much more secure.

    But what could really prove interesting is if someone tried to break in and steal from the stealer...knocking off the old King and resulting in a King of the Hill, and so on...

    All the while, people would be stress-testing the system. And people will have an ego-incentive to discover security holes because, if they find a way in, they get to be "King of the Mountain" until someone else finds a new way to crack the box.

    Oh what a game this could become!!!
    --Lenny
  • Well, with IE 5 at work I've been able to hit the microsoft site pretty much all day today and most of the day yesterday. That's the Win2000 one as well as the regular one. So it doesn't seem to have gone down too hard if at all.... Then again, if they just did something screwy with the page so that only IE5 would show it as existing....
    Wouldn't that be interesting? I away to entirely shut out half of the community from your website.

    Kintanon
  • This was posted on winsucks [windowssucks.com] yesterday.
  • If you had a sign on your bike: "Remove the lock and the bike is yours", then you could compare the two. This is an offer that allows you legally to crack, hack, scriptkiddie your way into the box, and if you do, its yours, legally. A huge difference.
    Stan "Myconid" Brinkerhoff
  • I know, I know, I was just kidding around. =)
  • Unfortunately, the louder voice does tends to be the more ignorant one, doesn't it? I'd hate to believe that all of those Linux users who were titillated by the "[BEEP]" filter in the guest book were truly representative of Linux academia.
  • Well... this is almost like the Happy Hacker wargames, except that it's worthwhile (prizes amounting to more than recognition). That, and it isn't intrisically (sic) flawed because it isn't run by Carolyn Meinel...

    What happened? Did she turn you down on a date or something?



    Phil Fraering "Humans. Go Fig." - Rita
  • ActiveCrash

    "The number of suckers born each minute doubles every 18 months."
    -jafac's law

  • A few months ago, when I was still in college (about a month from graduating), someone decided they needed my bike more than I did, and so they stole it. I was somewhat pissed (since I, of course, ended up having to walk home as a result), and so I emailed the campus police, only as a formality. I figured I'd just walk for the rest of the month, as it wouldn't have been cost-effective to buy a new bike so close to graduation. Ennyhoo, next day, I got an email back from the campus police stating that they'd already found my bike. Apparently it wasn't good enough for the thief, and so they left it on the lawn in front of the English building. The English building of all the places! I was incredibly insulted. But I got my bike back, and so all was well.

    I think I had a point to all that, but it must have broken off somewhere...


    ---
    "'Is not a quine' is not a quine" is a quine.
  • I'm already working on this with a few of my friends. We will post something if/when we can find a ISP with the guts to try it.

    --
  • Pfft. What a bunch of wankers. If you're going to use <a href>'s, at least learn how to use them.
    I'm actually mildly concerned that people may even contemplate for more than a nanosecond giving you money.
    Your web page doesn't even say who you -are-.. That's enough to turn anyone with a clue off.
    Comics:
    Sluggy.com [sluggy.com] - It rocks my nads.

  • Totally Off Topic (Score:1)

    by Anonymous Coward
    Ok, I must warn you that the following is a Totally Off Topic(tm) comment, and that by reading it you subject yourself to 20 lashes with a /. noodle. Here goes:

    Nmap appears to be an interesting tool to use. This is good. I flipped over to the URL given in the pasted text, only to find a statement like this: "Windows was intentionally excluded from the table because I don't currently have any intention of porting to NT/95. I suggest an upgrade to one of the many supported operating systems or don't use nmap. Note that Linux, FreeBSD, OpenBSD, and NetBSD are all free for download and run on pretty much any PC (as well as other platforms) so there are few good reasons not to just install one (or all) of them."

    My question is this: Will all *nix users PLEASE GET OFF THEIR HIGH HORSE?! Yes, damn it, there are a few technically literate people who use Windows for whatever reason. Mine happens to be the fact that I am a technical support person for my company (we are all of 8 people, serving 350 clients) and my home machine must run Windows so that I can _do_my_job_. It doesn't bother me that people don't write useful tools for Windows anymore. If I want one, I'll crank up MSVC++ and write it myself, but it really chaps my ass to see the utter arrogance that passes off for normal in the *nix community. Yes, I like Linux just as much as many of you do. I have an account on a Linux box so that I can play with this all-mighty OS. And, the day I can actually scrape together enough money to put up a box that will actually DO something (X on a 486 is mind-bendingly slow), I will.

    Please, for goodness' sake, lay off the holier-than-thou attitude. This should be in the Advocacy-HOWTO somewhere. It only makes the rest of the world believe you are half-crazed zealots who care nothing about the 85% of us who use a certain OS made by a certain company out of Washington state (US for the international folks), either by choice or by force.

    There. That's my rant. Please moderate this down to -1 so that no one has to see my pitiful opinion.

    Oh, and by the way, good luck to those attempting to crack this box. I'm still plugging away at it myself, but with such a crippled OS at my disposal, I doubt I'll make it.

    Anonymous by Choice, not by Volume.

  • Pray don't confuse firewalls with security. Machines behind a firewall are only as secure (from the big bad net, assuming they're connected to it, as most firewalls are) as the TCP/IP stacks and services that answer on ports accessible through the firewall and/or its sockets. Most firewalls that I've had experience with have closed off all ports except the ones that people needed to use from the outside -- and half the time that included stuff like pop[23], imap, smtp, etc., and on which the servers answering those ports tended to be way behind on their updates because people had this sense of security lent by the firewall.

    Also, firewalls don't work from people who can emit packets from inside your firewall -- and that's surprisingly easy to do, either through coercion of the firewall box's network stack, compromise of a machine behind the firewall through some open port, or simply being behind the firewall in the first place (as in many corporate environments). If a firewall is configured to permit connections to ports 22 (ssh) and 443 (SSL http), there's no particular reason why an attacker can't arrange for a root shell to answer on one of those ports, and with most network installations no one would be the wiser.

  • Comment removed based on user account deletion
  • The linux box is up, the Microsoft one is down.

    'nuff said
  • Unfortunately, the box is partly relying on the fact that all the script kiddies have buffer overflows that were written for Intel Linux. This is one of the arguments I've always had for staying away from a Unix variant that only runs on one platform--homogeneity in systems hardware and software was what made the Internet worm possible.

    When I set up my first Alpha box, I knew nothing about security, but the script kiddies kept failing on account of their buffer overflows just crashing and core-dumping. It bought me some time to get a clue, at least.
    --
    I noticed
  • isn't just posting this stuff on slashdot a DoS attack? :)

  • Re:MS site is down (Score:3)

    by pmmay ( 60272 ) on Wednesday August 04, 1999 @11:47AM (#1765908)
    They have a status page up. This is only from yesterday's activities:

    8/3/99 Events
    3:22pm - Network connections down due to router failure, possibly related to thunderstorms and power failures in the area

    2:59pm - Network connections intermittently up

    12:40pm - Network connections down due to router failure

    11:02am - Services restarted

    10:47am - Some services failed after reboot

    10:45am - Reboot because the System log was full

    10:30am - Network connections down due to router failure

Slashdot Top Deals

Love may laugh at locksmiths, but he has a profound respect for money bags. -- Sidney Paternoster, "The Folly of the Wise"

Close