Become a fan of Slashdot on Facebook


Forgot your password?

Microsoft /asks/ "Crack this machine" 683

zealot writes "Apparently Microsoft wants people to try breaking the security on this site, which is running Win2k w/ IIS. There are some "rules" of engagement. " Basically, because it's not behind a firewall, it doesn't count to throw huge numbers of packets at it, but there are multiple users accounts-change stuff, look for hidden messages, or "get something you shouldn't have".
This discussion has been archived. No new comments can be posted.

Microsoft /asks/ "Crack this machine"

Comments Filter:
  • Perhaps this is a stupid question, but how many people who are planning to use w2k will be using it strictly for web hosting on port 80 with NO OTHER SERVICES RUNNING?

    Every place that I've worked which runs NT uses it for more than just web hosting, it's also an FTP, mail, DNS, file server, and serveral other services as well.

    In this case they're not testing the OS as it would be used in the real world. Many places can't afford the licenseing and software to split the services up on several machines.

    This is not a Linux rules, MS sucks thing. I use both in my job, as well as Windows and MACs. All have their place. I'd like to know how W2K is going to standup in the real world. I don't care how many people are trying to break in at once or how many hits the server is getting, it shouldn't need a reboot, especially because the "logs are full". That should be true of any server OS. Perhaps that's just poor sys admining though, since a good admin would be setup to have those logs trimmed automatically before they got too large.

    Personally I think it's just a PR thing for MS. Take a box and lock it down as tight as possible, to the point of being unusable in the real world, and see if somebody can break in. If nobody does they can say W2K is secure. If somebody does get in, they can blame it on a bug in IIS, not on W2K itself.
  • My guess is, it's an upset Microsoftie trying to get revenge by DoSing Slashdot.
    Funny... we're still here...
    The pathetic thing about all this is how clear it's becoming that NT+IIS, even in the most _relentlessly_ protected environments with a firewall cutting off everything but http, will still crash and burn in a matter of hours at the whims of teenaged script kiddies. Most of the damage wasn't done by the heavy guys. It's all the teens going, "Okay- I'll ask it for the page 'GHIGBDBWDBFJHJHWIGHFKJHbkjbKJGBihsdgifijfhfijhjif hidfijfijhhtmhtmhtm.htm.htm.htm.htm' which killed it. And no one particular garbage-request did it, either- the thing just started wobbling and went _down_. I don't think the MS people even _know_ what failed.
    There is no joy in Redmond. Nobody won the contest according to their rules... but they surely expected a server _that_ shielded to stay _up_. And it just isn't.
    Moral of the story? Don't bother trying to break MS stuff with cleverness. Just swamp it and it'll fall over...
  • >No developers want to work on Mozilla because the code is not open source.

    Are you on crack or something? Last time I checked, Mozilla was under an opensource licence.

  • 3:22pm - Network connections down due to router failure, possibly related to thunderstorms
    and power failures in the area

    2:59pm - Network connections intermittently up

    12:40pm - Network connections down due to router failure

    11:02am - Services restarted

    10:47am - Some services failed after reboot

    10:45am - Reboot because the System log was full

    10:30am - Network connections down due to router failure

    I uh... wouldn't post these kinds of statistics for MY server.
    6:16am up 101 days, 17:50, 29 users, load average: 0.00, 0.00, 0.00
    I did the installation and set up 32 days earlier than that.. but someone kicked the power plugs out.
    Gee.. no re-boots... no problems.. nada... *shrug*

  • Christ!

    All the time you moan aout microsoft opening stuff up to the community and here it is asking for your help and knowledge. Its a small step but it's still a start.

    The router stuff is a bit suspicious.

    Restarting the machine 'cause the log is full could be valid. If they are using the log to generate the "status" page they would need to clear it and then change it's settings so they didnt have to do it again.

    Lighten up and quit the boring, tired and annoying bash/gloat stuff. As usual you continue
    to shoot yourselves in the foot with these witless

    You all claim to be in this game for the good of the wider community - well doing this helps people
    who (for whatever reason) are going to use win2k.
    Do as you would be done by.

  • Well, let's see... If the server goes down I can't very well check the status page to see the message telling me that the server is down, now can I?
  • No explanation for the failed user log in messages from the WEB SERVER.
  • The average uptime before reboot on [] is 14.4 hours.

    This does not even count the router failings due to poor star and astral body alignments.

  • Is this just a trick to get us to crack/hack into their server, so that they can get help from the "smarter" community? Think about it, we crack it, they find bugs, who's winning here? If they admit someone got to it ( not that router failure shit, if there was router failure how come their site is never down?....hmmmm ). Still would be cool to get into it and rub it in their face.
  • the page is actually loading correctly w/ netscape 4 now

  • Wow, it looks like every UDP port I scan is open!!!! (note: sarcasm)

    Genius, have you thought that maybe none of these are open. Thats U-DP.

  • I got this. Looks like a new IIS 5.0. Good, another product from our friends I don't have to use.

    HTTP/1.1 200 OK
    Server: Microsoft-IIS/5.0
    Date: Wed, 04 Aug 1999 05:14:37 GMT
    Content-Type: text/html
    Accept-Ranges: bytes
    Last-Modified: Wed, 04 Aug 1999 01:58:16 GMT
    ETag: "e0711dd11cdebe1:a4a"
    Content-Length: 7103
  • Has anyone considered spreading this talk load over to some other service (IRC, maybe?), because i think /. is, sadly, being squashed (it's been 6 hours since it's posted that SPAM article).
  • I have been reading a lot of press on this haven't done much with it but there are no real statistics here. The linuxppc chalenge gives you the memory usuage and uptime right to the minute why can't M$ do something like that?

    Also with all the blunders with this project and this being their best of the crop why is their stock not going down. I have been hearing a lot of press about this. Do investors take this into account or just say since it is m$ they know what they are doing. I know nothing of stocks really but if your newest and best producted was tested in the 'real' world and broke ever 14 something hours I wouldn't want to invest in it.
  • 1:13am and is still refusing connections. It hasn't accepted one since about 2 or 3 this afternoon. Oddly enough i was going to the status page from the main page and it died. MY BAD!
  • has anyone tried this takeing an image and trying to go through https. It was on securityfocus and I am not sure if it has been fixed or what. They said that the iis people know about it but i am not sure if it is working?
  • Yes, W2K has the ability to do packet filtering on its own as well as applying IPSec to the connections that it does allow.

    It's not as comprehensive as a "true" firewall; not all the bits in the headers are available for filtering, but the standard stuff (IP addresses, protocols, UDP/TCP ports, etc) is trapable...

  • It you go to the "status" page, you see this message

    10:45am - Reboot because the System log was full

    Why did they have to reboot for that? Why do they have to reboot for anything!?!
  • No... admittedly the users aren't doing that much.
    That also doesn't count the Icecast server (4/128kbit streams),
    the active ftp site I run. Not to mention all the
    folks connected to the other services I host like:
    4 Mucks. 1 Mud. 1 XSW server and the quakeI
    server for my lan.

    I'd say that's not bad at all for a little p-100 (586)

    Try running half that with M$... *sheesh*

  • My bad. I was under the impression that most ethernet cards did their own ICMP handling for some packets, most notably ping. Guess not.
    "'Is not a quine' is not a quine" is a quine.

  • Okay kids, it's real simple, and it makes your life much easier-- us old geezers from back in the Netscape 2.x days when Java was even more broken than now have had our browsers like this for quite awhile:

    Click Edit.

    Click Preferences.

    Click Advanced.

    Turn off Java.

    Turn off JavaScript.

    Problem solved. Also fixes the annoying pop-ups on pr0n sites and geocities.

    Now quit whining and CRACK THIS SITE!!!!

  • Not 100% true. In Europe typeface designs are protectable.
    (Compuserve/AOL UK claims over 2 million users IIRC, Freeserve over 1 million, so it is getting harder to ignore the rest of the world and pretend the web is US only)

    And (according to the comp.fonts FAQ) in the US
    "scalable fonts are copyrightable" (though as in all law, this isn't necessarily absolute) True Type fonts are scalable fonts (last time I checked), but bitmapped fonts aren't (so you can use System!)
    The FAQ can be seen at 33

    Of course the font *name* may be a trademark (and quite often is) and as such may only be used with permission (and so couldn't be applied to someone else's font even if it looked identical), but the whole area of trademarks is a different can of worms!

    The Magician
  • Seattle had it's worst t-storms in 15 years yesterday. There were over 2000 lightning strikes recorded over a 6 hour period. We're (CIS Dept. of SPU) on UPS systems, but that doesn't neccesarily mean that all systems are good to go during a power outage/flicker.
  • :As the notes state, there is a magic bullet.

    No, the note does not say there is a specific "magic bullet".

    Read this again, children....

    "For this testing, we are intentionally not putting these machines behind a firewall. This means that you could slow these machines down by tossing millions of random packets at them if you have enough bandwidth on your end. If that happens, we will simply start filtering traffic. Instead, find the interesting "magic bullet" that will bring the machine down."

    In other words "DoS attacks don't count. Perform a real security hack, not some little script kiddy prank"

  • Here's the thing: I have no desire to make Windows any better with MY brain... (not that I'm certain I could do it anyway, but that's not the point). See, I know that Windows is not the quality product that I support, and it never will be. I could elaborate, but briefly, it doesn't have the functionality, the stability, nor the open source background that Linux has, and it never will.

    And since I feel that Linux and open source coding is the way to go because it is better and viable, then I feel I have no business supporting the wrong solution.

    Microsoft is only using YOUR brain and your most dear ability (uncompensated honest help) so that they can turn around and market/ sell it on that shoddy system.
  • 10:47am - Some services failed after reboot

    That problem could conceivably have been responsible for the failed user log in messages. Though I would find it astonishing that anything worked if the logon service was hosed.

    On the other hand, on such a clean box, why would services fail during startup?
  • The contest isn't as valuable to the community as it would be if w2k was open source, but it is nevertheless valuable. Yes, by attempting to crack the site, you are helping Microsoft, but you're also helping to produce a more secure operating system. Like it or not, w2k is going to be snapped up by millions of companies, and I for one would be much happier if all those millions of companies had a secure operating system instead of the bug ridden piece of bloatware they have right now.

    One of the major criticisms against Microsoft is that they don't learn from their mistakes - as I remember someone saying once, you'd think that they would figure out that the scrollbar doesn't have to snap back to the top of the screen just because you've moved your mouse a certain distance from it - but they are actively saying here "hey, we want you to show us how we're doing things wrong".

    By cracking the site, you are giving back to the community by providing the community with a more secure operating system, albeit one you have to pay for. Marketing departments are going to take advantage of the situation either way, but hey, that's what marketing departments do.

    Just my 2Kc.


  • No, they won't admit to downtime because of software and OS problems OR a crack.

    I just checked out the "status" page at the site and they are blaming downtimes on router failure, networking problems and thunder.

    I want to know what the hell router they use that is SO affected by thunder. I live on the Oregon coast and our Cisco router has never even blinked, and we get some nasty storms around here.

    I one would think they'd take more care on a test machine. Do you think they just plugged everything into a outlet with no UPS or surge even?

    Odd if you ask me.

    (from the website)
    8/3/99 Events

    3:22pm - Network connections down due to router failure, possibly related to thunderstorms and power failures in the area

    2:59pm - Network connections intermittently up

    12:40pm - Network connections down due to router failure

    11:02am - Services restarted

    10:47am - Some services failed after reboot

    10:45am - Reboot because the System log was full

    10:30am - Network connections down due to router failure
  • It probably isn't real, but it is true that the website does not work correctly in Netscape. It looks like screwy CSS or something to me.

  • Another problem this contest has it that it doesn't address one of the fundamental issues of keeping a system secure: having security conscious users.

    After all, a large number of cracks are done through trojan horses. If you have a system who's users are given only the job "Make sure nobody breaks in", you're simply not going to be able to slip a trojan into it. They'll be alert and deleting any and all executable files without running them.

    Put this in an office though where the people basically only know how to run their specific software and the email program and a whole world of opportunities open up. If it can stay secure under those conditions (say with lots of appropriate warning messages, auto-scanning incoming files, etc.) then you only have the problems that Mr. Spafford outlines.

  • No, the custom user pages are just broken, over simplified.

    I've got 174 comments showing. If you click on the item, you get the real count.
  • If MS provides detailed info about successful attacks, and uses the info to improve Win2K. Of course, can we trust the info that comes from their corporate mouthpieces?
  • I guess that want to leave the UNIX crackers out of this... Javascript dies in Netscape for me..

    Anyone else experience this?

    Chief Archer
  • Great, they can't even create a site that works with Navigator 4.0

  • by galore ( 6403 )
    i get a javascript error when i try to view this site... when i look at the javascript console in netscape, all it tells me is "Windows is not defined." how true it is.

  • If it can withstand /. effect, I'll be impressed.

  • Is it just me, or have hackers* already messed up the javascript front-end? Neither Netscape 4 nor IE3 seem to like it. Or is it just that the only hackers Microsoft want to attract are those that use the latest version of IE ?!?!?

    *or incompetent Microsoft employees
  • I regret that I lack the skills to hack their site in order to hide all those stupid 'M$ sux, Linux rulez' messages from their guest book. There's no other site I could think of that could make Linux users look more imature than this one.

  • I wonder what kind of intel beast is required to run the bloated OS?

    Check out the Status link in the site:
    8/3/99 Events

    3:22pm - Network connections down due to router failure, possibly related to thunderstorms and power failures in the area

    2:59pm - Network connections intermittently up

    12:40pm - Network connections down due to router failure

    11:02am - Services restarted

    10:47am - Some services failed after reboot

    10:45am - Reboot because the System log was full

    10:30am - Network connections down due to router failure

    Heh. Power failure?! Router problems? Are they SURE?
  • I'd be more ashamed to be a Windows user that posts something to the same effect:

    "Windows RuLZ! LInUx SuCKS!"
  • It sent a response back. Must have been running.

    Log in Response, or actual web page. Both came back.

    It was just really really confused. Probably a big cache problem. Some sent a request with a password, bad password. send back reply. keep sending reply back until server realizes it is not the right one, cache new one... now someone sends a password...
  • by Numeric ( 22250 ) on Tuesday August 03, 1999 @07:28AM (#1767438) Homepage Journal
    this was posted on their
    message board

    We have disabled the abilty of the Netscape browser to view our page for specific reasons. Please do not flame the messege board with comments pertaning to the inabilty to view the page in Netscape. Any comments relating to this should be directed at the Webmaster in charge of this page:
  • by davew ( 820 ) on Tuesday August 03, 1999 @07:39AM (#1767454) Journal

    Gene Spafford (co-author of the O'Reilly book on security, many seminal papers on Computer security, and minder of such tools as Tripwire - the man knows what he's talking about) had this to say some years ago on security challenges: walls/firewalls-9511/0743.html []

    He lists so many good reasons (eight) to distrust this sort of challenge that it is difficult to summarise the message here. Best to click and read it yourself.

    The point goes for every package where the author tries to "prove" security in this way - be it Sidewinder, Qmail or Microsoft. In many cases, the only result is to damage security by giving miscreants some "free time" to try and crack the system, for free, without fear of punishment.

    Tiger teams have their place in a properly designed, properly managed security audit. Using unpaid tiger teams as the principal means is useless and dangerous. Will Microsoft move to assure its customers that this is simply a small part of a large, thorough security audit?


  • You'd think, given the general nature of Linux development and the open-source community as a whole, that Slashdot readers would be open to this rather intriguing challenge. But, instead of praising Microsoft for "putting their code where their mouth is," so to speak, the general response to this (judging from Slashdot comments) seems to be "I don't want to crack Microsoft's site because I can't read it and they won't pay me. And besides, if I do crack it, Windows will get better as a result, and that's scary!"

    Do you get paid to find and report holes in Linux? Huh? Unless you work for a company that sells their own distribution and therefore it's your actual job, then no, the majority of you don't. So just what is the source of this stuck-up, arrogant, anti-Microsoft attitude? So what if Netscape won't read the page? I'd think that would be Netscape's fault, but no, you insist that the blame is to be placed on Microsoft. My Microsoft web browser doesn't choke on Javascript. Netscape's browser does. Netscape is the obvious problem here.

    The open-source community has been calling for Microsoft to do something like this for a long time now. Microsoft is begging for you guys to show them what you're talking about when you say "Windoze sux". If Windows sucks so much, it shouldn't be any trouble to knock out that IIS box, should it? Huh? Then why are you wasting time complaining? Get over there and kill that sucker! And while you're at it, if you want an even easier challenge, you're more than welcome to try and kill my own Windows 2000 beta 3 web server. I haven't optimized it for security, because I don't see any need to. It's on a tiny pipe, and it'd probably be a snap to wipe that sucker out. Go for it! Go kill [] and then let me know [mailto] about it! Tell me how lame my system was and how easy it was for you to crack it. Go on! I dare you. :)

    Wonko the Sane

  • by jcarr ( 20735 ) on Tuesday August 03, 1999 @07:43AM (#1767459) Homepage
    Ok. Here is a stock LinuxPPC 1999 Installed machine: (aka
    It's running apache only. If no one gets in for awhile, we will start adding services( sendmail is first)
    (You might have to wait for DNS to update in an hour - the IP is
  • For those who don't want to be bothered to download MSIE...

    Hahaha! I love the auto-load of
    I used to like MS DOS, and you had to go mess it
    up with this bulky bloatware called windows.
    win2000 needs /dev device management. Youre
    registry editor SUCKS! Whats with all the HEX
    strings/keys? Cant you use english? I dunno
    where to even start messing with that.


    Is there a problem with Chardonnay That used to
    get beeped by spell checkers a lot.?


    Nice IE only site. Like anyone who interested in
    bustn in would use a machine that could run ie
    :-). YOu guysll probably put this little site up
    for a week then claim its hack proof. Good luck


    Would someone please
    crash this [beep] server already so that I can get
    back to work...


    And you cant even say S C R A P!

    MS filtering at its finest :)


    For what its worth, the site works just fine with Opera; if not with Netscape! And Kudos to whoever put the freebsd link in the guest book!





    Is there a problem with [beep]?


    No - we cracked the admins - not the OS :)






    Im having javascript errors running ie 4.02
    (sp2) on nt4.5. does html work on this




    Maybe MS should have thought a bit more before
    taking to doing something of this calibre...

    S[beep] windows and start again at DOS. MSs only
    stable OS...


    It's just too funny! :)
  • They can't fire the guy who wrote Netscape.
  • No, it improves a product that many of us will have to deal with, for good or ill. The idea is peer review, correct? Granted, MS is asking for black-box (i.e. not giving access to code) peer review, but it is still a request in tune with the ideals often espoused in this forum. But I guess since MS does it, it's evil by definition. How hypocritical.
  • Some of the comments about this challenge have really amazed me. People have said that we should not try to crack the server because of a lot of different reasons, but they have all been selfish.

    For instance:
    1)why should anyone want to help micro$oft audit the security of win2k? wait till we can get a copy of it, then we'll start looking for security holes.

    2)why should anyone want to help micro$oft audit the security of win2k? wait till we can get a copy of it, then we'll start looking for security holes.

    3)Maybe the crackers should avoid the site, or break it and NEVER tell Microsoft how they did it. We certainly do not want to help improve products of particular company.

    What is it with you guys? You constantly complain about how unsecure Windows is and how much better Linux is. Then Microsoft gives you a chance to show them some of these security problems that Windows has and you say "Wait, don't help Microsoft then they might have a better product!!" Are you afraid that by showing them some of their security holes that Windows 2000 might actually, heaven forbid, be a good product and make Linux work keep its edge?

    From most of the posts I read it seemed that people were afraid that they might actually help Microsoft release of good product and I don't understand how you can see the release of a more secure and better product as a bad thing regardless of who makes it.


  • Are there any ports open besides port 80?

    And why does queso identify it as a Cisco/HP/Baystack switch?

    It says it's running IIS 5.0, now that I'll believe.
  • You are free to break our system provided that:

    0) You don't do anything unexpected.
    1) You don't use a valid account to get in.
    2) You only use ports 19, 24, 88 and 666.
    3) You only use Microsoft products to do it.
    4) You don't tell anyone.
    5) You tell us (see rule #4)

    Are they kidding?? The first thing a hacker/cracker would do is something unorthodox. Where do they get off thinking that you can test the security of a system by imposing rules of engagement.

    That's what you get when you let your lawyers dictate procedure to your techies.
  • Running Netscape from my Solaris 7 Sun 10, that is what I get. It turns out to be an error. And I thought it was a congratulatory message! ;)
  • by tgd ( 2822 ) on Tuesday August 03, 1999 @07:55AM (#1767521)
    The difference is that the results are being used for their corporate benefit and no one else's. They patch their system, you better believe they're not going to give me the sources for that patch.

    They're just grandstanding and posturing, trying to prove that Windows 2000 is secure. Its win-win for them -- free high-level security testing (which unlike Beta testing, is something that is generally VERY expensive to contract out for), if it gets cracked, then they get an early warning and time to fix the problem, and if they don't their marketroids will have that nugged to get their paid-off "independant" columnists to write about.

    All while people are wasting time to save Microsoft money developing a product that they're going to charge exorbanant licensing fees for.

    Seems kind of stupid for anyone to waste their time on it. Get your own copy of Windows 2000, crack THAT, and post THAT exploit all over the net. That puts Microsoft in their place, and doesn't help them screw people over even more.
  • by theCoder ( 23772 ) on Tuesday August 03, 1999 @07:55AM (#1767530) Homepage Journal
    I don't have a copy of Netscape here (I'm at work), so I can't confirm this, but in looking at the source code I would suspect that Netscape is dying in the function "done()" at line 89. That function tries to access the object "Windows" which seems to be a DIV declared on line 96. This function is being executed from the "onload" attribute of the BODY tag on line 55.

    It seems that netscape is trying to execute this function before loading the DIV, while IE (and Mozilla) has either loaded it already or scanned the file to find that object.

    As for what is correct in this situation, it would have to depend on when the "onload" function should be called -- before the page is fully loaded or after. IMHO, I'd probably have to say that IE and Mozilla are probably doing it right (no error vs. error).

    I don't know why there is a spacing problem in Netscape (but I wouldn't be too surprised if it's intentional). Anybody know if Netscape or IE is interpreting the HTML "wrong" (please don't define "right" as what netscape does -- define it as you'd expect a browser to behave)?
  • ...specific reasons...

    Sounds more like high specific gravity to me...
  • by Ex Machina ( 10710 ) <jonathan.williams@gmail . c om> on Tuesday August 03, 1999 @07:58AM (#1767541) Homepage
    Here's what is going to happen. 1) People will try to get into site unsuccessfully, aside from discovering a few neat weird ports and services open that they can do nothing with. Maybe someone will be able to crash it but constructing a successful buffer overflow would be impossible. 2) MS claims win2k is secure and releases it. 3) People, with access to a real machine find tons of holes. 4) Script Children own the win2k machines. If they want a real fight they should give out copies of win2k to l0pht and other skilled peoples. []
  • by drwiii ( 434 ) on Tuesday August 03, 1999 @07:59AM (#1767548)
    I accidently redirected the guestbook to Sorry, Bill. Really.
  • Outcome 2 - we break it. they fix it. This would be a GOOD THING. The more secure a system is, the better. It doesn't conflict with our goal of Total World just gives people a viable choice

    But Microsoft doesn't believe in choice, oh wait, yes they do, "Workstation or Server edition?"

    A Stronger W2K means that MS will be in a stronger position to push their "Windows Everywhere" agenda

  • uh, d00dz and kiddi3z, they announced this earlier...around 9:55 Pacific time, a message was posted regarding something to the effect of "because of the obscene nature of this board, it will be shut down in one hour".

    You didn't take anything down.
  • by BuBu_ ( 72690 ) on Tuesday August 03, 1999 @09:20AM (#1767564)
    The Slashdot effect? What are you planning to do? get a bunch of your friends around then go and flame the hell out of them? By saying something like "YOUR 0S SUCKS! USE LINUX WOOOOOOO!" Yeah, great idea.
  • It's nice to know that these people don't have the brains to make their web pages compliant for all browsers

    Why would they? This is MS, to them there is only one browser. When they released IE for Unix, they proclaimed, "Finally, a graphical alternative to lynx!"

  • While you cannot kill (or perhaps injure) a person just because you give them permission, you can abuse or take someone's property if they give you permission. If I put widgets in a box saying "Free sample", I can't have you arrested for "stealing" one. Indeed, there was one case where a car dealership put up a billboard in the shape of a coupon, saying to bring it in for a free car. Somebody dismantled the billboard and trucked the whole thing into the dealership. Not only could they not be sued or arrested for dismantling the billboard (it asked them to, thus implying permission), the courts ruled that the dealership owed them a car!

    In the same way, this sort of B&E by permission is legit. This has been done by private "tiger teams" numerous times, in the private biz and the military. Microsoft has simply given B&E permission (to that one site) to the world, using the entier net.population as one honkin' huge tiger team.

  • Yeah, it's a step in the right direction, but... they *assume* that the linux hacker community is interested in helping to secure Windows.

    To a certain extent, the participation of the Opensource community is driven by intangibles, and that force hasn't been able to be successfully co-opted by any corporation yet. Look at some examples:

    - Netscape fails to engage thousands of kernel hackers in redevolping their browser
    - Redhat starts becoming a "brick and mortar" business, and the linux community starts to diss them and fight for disto agnosticism
    - For every major corporate announcement of plans for a Linux port, there's an effort underway to develop a free replacement.

    I don't think that many hackers are really interested in helping Micros~1 make better products -- since we don't use 'em, we don't promote 'em, and we stand to gain *NOTHING* by improving IIS 5.0 or Windows2001 - A Wasted Disk Space Odyssey.

    There's no portable code being release for peer review. There's no public API. There's nothing of interest for the linux hacker other than saying, "look, I hacked another Windows box!"
  • by anticypher ( 48312 ) <anticypher&gmail,com> on Tuesday August 03, 1999 @08:45AM (#1767597) Homepage
    Microsoft has slapped a packet sniffer on the local network feeding the contest machine. Probably several sniffing machines, with different filter criteria. Gives them some idea of what the script kiddies consider useful for cracking an M$ site.

    If any of the attacks succeed, they have a trace of the crack, and can build better security for the final release of NT2000. This is good, because I'll have those pieces of shit installed all over my networks soon enough.

    They also get to harvest IP addresses of everyone stupid enough to try even looking at this machine. Even a simple traceroute will give them a source IP address. Toss them all into a big database at a later date, couple it in with some other data about the attack type, and wait to use it later to track crackers. Offline analysis is a powerful tool, couple it with automated lookups and a simple knowledge based system, and you could populate a DB with some dangerous data.

    For the paranoid, perhaps there has been a nasty break-in by some sophisticated infocriminals (love that new word, see HNN), and the FBI are also sitting in the room with their own analyzers, waiting for someone to try a similar attack. Assuming the crackers are just some misguided wanna-be scripties, this could help the FBI to back track to them. The cracking contest is just a combination of marketing fiasco and FBI clue gathering mission. The FBI are probably not even looking for anything they could use in court, just some leads to track down.

    Given the lack of any other services on the machine, and the simplicity of the web pages (no DB or useful cgi-bin), and the quickly hacked together javascript errors, I would say this is mostly a marketing exersize. No matter what the outcome, they can spin it into some hype and a FUD campaign.

    the AC
  • by Menneg ( 56417 ) on Tuesday August 03, 1999 @11:27AM (#1767608)
    Just a thought here, but looking at some of the scan data that was posted earlier on /., it would appear to be a Linux box!!! This leads to 3 posibilities;

    1) They are tricking us into hosing a Linux box,
    2) They have ported IIS to Linux and are testing that configuration, or
    3) The scans are coming back incorrect.

    I hope for the sake of the Linux comunity that it is (3) rather than the first 2. Man, think of the bad press for Linux!
  • YOu can looked up a cached response of the ip addy on the MS nameservers at Earlier in looking around I had noticed that this redirects to another box known as I think or what not. This is all old info I think though.

    The interesting point that everyone keeps reitterating is that the site has been constantly down all day. I keep wondering what spin MS is going to put on this. They put out this box to be cracked, which cant even stay online. They use a non real world example by not running any services. The sad part is due to all the lame posts, they will attribute this to the opensource community in some way and attempt to make us look bad. And all this when I was just remarking that Bill Gates has done something good for once by donating some of his fortune to a really good charitable cause. *sigh*
  • by EngrBohn ( 5364 ) on Tuesday August 03, 1999 @06:42AM (#1767614)
    Two possible outcomes:
    - Nothing breaks it, and this becomes a marketing high-point for Microsoft - It gets broken, and Microsoft engineers now have solid data (vice anecdotal) as to where the problems are. Especially if this was compiled with the debug option switched on.
    Christopher A. Bohn

  • We're witnessing the ultimate in internet security! Not only is it impossible to hack/crack/smack this box, but they've tightened things up sooooo much that I can't even ping it! Heck, I can't even resolve the name to an IP address.

    My next challenge is for all you /.'ers to hack into my old 486. It's sitting in the corner of my office unplugged and collecting dust. Now THAT's security!

  • To "show off Windows 2000", I would think they could do with a better designed web page. I get about 250 pixels (vertically) of broken-looking header, followed by about 800 pixels of whitespace, followed by the actual text. I have to scroll down more than a screenful just to read anything. And a Javascript error to boot. I mean, if they still can't even design a competent website, what makes them think they can design a whole OS?

  • by knuth ( 6137 ) on Tuesday August 03, 1999 @09:57AM (#1767626) Homepage

    Top Ten Specific Reasons Why Only MSIE Users Can View Microsoft Cracking Challenge

    10. If you're doing lame browser detection, MSIE is fewer letters to type than Netscape, Mozilla, or even Opera.

    9. Similarly, "JScript" is shorter than "JavaScript".

    8. AOL^H^H^HMicrosoft is the Internet.

    7. We left our copy of FrontPage at the default settings. But don't worry, it will all be fixed in FrontPage 2005.

    6. We fear the mighty /. effect, and those fanatics wouldn't be caught dead using Exploder.

    5. VisualBasic is more powerful and efficient than C++.* Likewise, Internet Explorer has that comforting familiar Microsoft Windows interface, so you don't have to learn that arcane, complicated Netscape setup.

    4. You can't crack our powerful enterprise-level Microsoft(tm) Windows(tm) server if you can't read the rules we made up, nanny nanny boo boo.

    3. We're weenies. We couldn't write "Hello world" in HTML, let alone use scripting languages.

    2. 3l337 hAx0r d0oDz swear by MSIE.**

    And the number one reason why only MSIE users are permitted to view the Microsoft cracking challenge is... drumroll, please...

    1. Somehow the demo site was interfered with. Give me another chance, your honor.

    *Editor's note: Microsoft actually says this on another page.

    **Editor's note: swear at, more likely.

  • The key was to put the refresh at 0. It stopped IE people from adding new entries, and kept the refresh on the guestbook page.

    With all the people hammering the server though, I'm surprised nobody tried a meta refresh before my and tests. :P

  • by Anonymous Coward
    I run linux and I'm gonna hack it. And when the interview me for the article, I will use the word hack just to piss you off.
  • by DLG ( 14172 ) on Tuesday August 03, 1999 @11:36AM (#1767656)
    Microsoft offers a server and asks that folks take a shot at gaining access to things Microsoft wouldn't want folks to have access to in a commercial product.

    Some people yelp, "Screw Microsoft, let em do their own dirty work."

    Others tut tut, "This is just like Open Source! This is a step in the right direction."

    What to do!?! Is Microsoft challenging us to stick by our Morals? Or are we being "used" by a corporate entity. Even worse, are the logs of this attempt at hackign the system going to represent evidence?

    #1. If you can't avoid a simple tcp/ip packet sniffer from tracking you down, then you are unlikely to be the ones the FBI cares about.

    #2. If you believe that this is closer to open source than before, try a breath deep too. Oxygen is good. Yes.. It burns stuff... Anyone can torture test any product they buy. There is nothing open source about that. The issue of Open Source is that modifications we as hackers might make after finding bugs, are owned by the community, as is the original software to some extent. The notion that this method of security analysis is any different than normal practice of Microsoft is laughable. The question is HOW the software is being tested, not WHO is testing it.

    #3. I will note that it is rare for a Linux machine to HAVE to be advertised to be crashed. That is because if you want to test out a security flaw you can create your own test machine with no cost. Thats the joy of OPEN SOURCE. You can truly know what you are getting, try it before spending money, and even fix problems yourself rather than having to wait for a company to respond to your bug report.

    #4. I still have doubts that this product ever will exist. The fact is that if no one hacks the software, then Microsoft can claim their non-released software that probably will not be really implemented before some serious bug fixing, is secure within the context of 1999's security issues and protocols. With new services being added regularly and custom software being thrown into the mix, this is relatively vapor ware benchmarking...


  • by Mignon ( 34109 ) <> on Tuesday August 03, 1999 @06:45AM (#1767666)
    How about making this a contest? Maybe those Linux users disillusioned by their crippled SETI@Home client could put their idle time to use. Now that would be a Slashdot effect...

    I haven't read the "rules", but I wonder if everyone will follow them.

  • The site is already fubar if you use NS or IE 3 so to even read the text you'll need IE 4 or 5. This is Microsoft's evil plan since any cracker out there who installs IE 4 or 5 will have their name and SSN sent to the FBI. *grin*
  • Maybe the site is designed so you can only crack it using Internet Explorer.
  • YEP

    Outcome 1 - nothing breaks it. THis would be a bad thing. Arrogance and "we're unstoppable" would be their attitude.

    Outcome 2 - we break it. they fix it. This would be a GOOD THING. The more secure a system is, the better. It doesn't conflict with our goal of Total World just gives people a viable choice.

    You forgot Outcome 3 though - we break it. they deny it for 6 months and then release a Service Pack that fixes the problem that "doesn't exist". This seems the most likely to me.

  • by jtgold ( 31028 ) on Tuesday August 03, 1999 @11:48AM (#1767694)

    Exactly how is this "challenge" intriguing? Cracking contests are a dime-a-dozen these days, which is interesting because they demonstrate almost nothing about security. (See this essay [] to undestand why.) If you believe that the nature of the open-source community is to fall for tricks like that then you have drastically underestimated this community. Most of the audience here doesn't get paid to find and report security holes in Linux or NT. However, if you find a security hole in Linux the result of your work will be made available to you and everyone in the Linux community at no charge through the efforts of volunteers like Torvalds and Cox. If you make the same effort for NT on the other hand, Gates is sure to offer you the opportunity to pay for the improvement whenever Win2K manages to surface without seeing it's own shadow.

    I'm not sure what you mean when you say, "The open-source community has been calling for Microsoft to do something like this for a long time now." As far as I can tell, no one has asked for Microsoft to offer us an opportunity to allow us to support their development and marketing efforts without compensation. Sorry, but now that the opportunity is here, I'm still not impressed. It probably would be easy to knock down the Win2K test server (I can't seem to get through to it so perhaps someone already did), and yours as well -- but I don't much care. I use Linux because it is the most stable and effective operating system that meets my computing needs, not as a protest against some other system. I choose to direct my attention to constructive activities -- attacking a system that isn't even in production without source code or specifications doesn't qualify.

  • All you are doing is allowing them to test their software using your efforts. Don't waste your time. Let them test their own crap.
  • M$ = $$$ (for more staff & admins)

    2 staff/admins per mainframe
    3 staff/admins per NT server + good technical support contract ;)

    Yes but those 3 staff are much cheaper since NT is so easy that anyone can admin it.***

    *** Not my own view, but it seems to be a prevalant view among some PHBs. MS themselves seem guilty of pushing this notion in some form.
  • Yes, but what about the case when noone (flexibly defined) CARES to break it? Serious people have more important work to do rather than break the thing which is broken by design...
  • Ha! I knew that acronym sounded familiar. Thanks for reminding the /. community. Pretty funny they are using that.

    Seems to be a class C block of IP addresses from right in the middle of the Class B that M$ uses. Claims to be an ISP, but they have just one static web page on their server.

    the AC
  • Obviously your a new user here, or just haven't been paying attention. The slashdot effect, is a semi-natural phenomenon, in which a article/url is posted on slashdot that everyone wants to checkout/read. The server holding that article is generally not prepared for an increase in hits of several thousand people within an hours time, crashing the server. The server is then known as being slashdotted. Every once in a while even slashdot gets slashdotted, when other news agencies link to slashdot, but in general the effect is named after slashdot as we tend to create such an effect more often than most other news sites.
  • I can see all the benifiets MS will get out of this site.

    1) Noone breaks in. Claim the most secure 0S in the world.
    2) People break in, MS fixes the bugs, downplays the seurity risk, and makes money off of a better product.

    What do the crackers get?

    1) They don't break in, Nothing.
    2) If they break in, Nothing.

    Humm... What a deal.

    Who is going to waste thier time trying to get into a system they have no idea whats behind? Where are the security holes? I would hope MS has fixed all the Known problems. And until they release thier software, it will be hard to see what new is broken.

  • by drwiii ( 434 ) on Tuesday August 03, 1999 @06:57AM (#1767769)
    There are hidden messages sprinkled around the computer. See if you can find them.

    Do GPFs count as "hidden messages"?

    The goal is to see how a properly secured machine will stand up to attack. These machines are configured to prevent known attacks.

    With a cookie-cutter operating system like Windows, you'd think they'd make the default configuration as resistant as possible to known attacks.

  • No I am not an employee of Microsoft. I am a CS student and a programmer\sys. admin assistant at a company in Atlanta.

    But then does it really matter what company I work for? The point is that as a programmer you should work to help people release good code, not avoid helping someone just because you don't like their previous products.

    That is only narrow minded and immature.

  • I must respond to the previous poster as to the security issues of a stock install( of LinuxPPC anyway.) A default install is much more secure than the machine is. And more stable from the looks of it as the windows machine looks like it has been rebooted already :)

    So here is an additional challange:
    Be the first to change /etc/motd on in a reproducable manner and we give you the machine

  • Even though this machine is outside a firewall (supposedly), it must have some sort of software firewalling running on it. When I did a portscan, I noticed it taking an unusually long time, and when it tries to connect to a port, it's not even getting the response that it cannot connect. Connections are being ignored on these ports. Does win2k have software firewalling built in (like Linux)?

    Anyway, that was as much effort as I'm going to put into it. If MS wants to pay me a normal consulting rate, I'll be happy to mess with it some more. I've got better things to do on my Linux box...
  • Not only is ( not responding, but (the maching to which appears to route all of its traffic) is also down. I e-mailed the MS ppl. if is fair game, but I imagine that they are a little busy at the moment.

    Has ANYBODY been able to get into ANYTHING at ANY time other than http ports? Some guy said everyone had download access to some msdca directory or something, but I haven't heard of anybody else getting in. If no ports are open then whats the point?
  • by rlm ( 52965 ) <rmeans.uclink4@berkeley@edu> on Tuesday August 03, 1999 @07:02AM (#1767810)
    Why do I see so many posts on here complaining because Microsoft is trying to get "free auditing" by asking everyone to attack their machine? Doesn't this fit entirely with the concept of Open Source? They're requesting assistance and criticism from the community rather than keeping it entirely closed. I mean, it's not handing out the source code, but it is a step in the right direction. I mean, shouldn't we all be happy that Microsoft is at least TRYING to improve their product before they release it rather than just giving us another piece of crap?

    If you don't want to help Microsoft out, that's one thing, but you can't deny that this is better for the hoards of people who will be running this thing.

  • Of course, what you say is true for any product, whether it's Linux/Apache or Windows 2000. Holes are going to be found that no one bothered to think of before. Linux servers were exploit city about a year ago, despite all the open sourcey stuff.

    For example, a serious IIS 4.0 exploit (in 'Remote Data Services') was just found a few weeks ago. This is after the product being out for more than a year.

    Also, I'm sure L0pht and others have Windows2000 betas. You can buy it mailorder, if MS hasn't sent it to your company.

  • I applaud Microsoft's intentions behind this test, but it really won't benefit its end customers.

    Howabout releasing some specs as to what hardware this machine is on, and what security settings they are using.

    We're not even certain they haven't made unfair modifications to their code (say randomly changing usernames and passwords if someone brute hacks them). Is this a realistic level of security which can be maintained by the average sysadmin, or will you need to hire half the NT 5.0 development team.

    Say someone does crack this system. Or everyone fails? Then what? Are we going to recieve detailed data on what people tried and succeeded/failed? If not we have no assurances that Microsoft will even attempt to fix any security holes they find.

    Essentially Microsoft has created a marketing gimick, nothing more.

  • An article in Bruce Schneier's excellent "Crypto-Gram" monthly newsletter. Now this will probably make next month's newsletter too. :-)

    The Fallacy of Cracking Contests []

  • I was screwing with it and it looks like I killed it with a cheap and easy buffer overflow. It stopped responding right after I sent it a ton of ASCII code 255 characters. Time of death: Approx. 1:45PM MST 8/3/99
  • by dattaway ( 3088 ) on Tuesday August 03, 1999 @11:24AM (#1767888) Homepage Journal
    I won! Where's my prize? I broke its Java! I couldn't even see the rules, now what were they? Microsoft can't seem to write HTML worth a damn.
  • Apple ran a contest much like this a couple of years ago; it was open for about a month or so and offered a cash prize to break-ins (but not DoS attacks). In the end, no one was able to claim the prize and Apple gained lots of bragging points. It became an instant selling point for Apple PR and Mac advocates.

    When the contest ended, Mac advocates took it up and sponsored their own contest. This ran for some time and again wasn't claimed; more bragging rights. Then, they ran another contest and upped the prize...this time, someone was able to break in using a security hole in a webserver plugin (that linked to a database--to their credit, they had set up the server to do something real, not just serve static pages). The prize was claimed, the hole was fixed, and then the contest started up again...and was quickly hacked via yet another plugin bug, as I recall.

    After this, there were no more contests, and you didn't hear people touting the security so much anymore.

    The moral of this story is that if someone claims their prize, Microsoft will lose more than they gain. It fixes one security hole, but there will always be others. And, their webserver got cracked--no bragging rights, and embarrassing no matter how they spin it.

  • We are gathered here today to today to mourn the passing of led a short life, but one full of activity. It is this action that we should remember, how pleasantly he served those static web pages, and the cute manner in which he [beep]ed out naughty words, like compe[beep]ion. We should remember how he went missing for a while, and then came back, opening up to us with several ports. We should focus on these positive things, not that somebody stuck a knife in those ports and twisted it with 30 minutes, but on how trustingly invited us in.

    I know that many of you will find his passing difficult to cope with, and I only wish I could do more to ease your grief.
  • by Signal 11 ( 7608 ) on Tuesday August 03, 1999 @07:25AM (#1767965)
    No, there is another outcome. Nobody takes the challenge. Challenges like this are generally dismissed in the security industry for a variety of reasons. Some of them are as follows...

    - Real Crackers aren't going to spend their time trying to get caught on a high-profile site.
    - Script kiddies don't have any scripts for the "new" OS yet.
    - It's new - so of COURSE it's going to take time to find the vulnerabilities. You think "one stunt, and that's it" is going to fix all their problems? You're more naive than I thought.
    - Past record. How long does Microsoft take to acknowledge, let alone fix, the problems they find? W2K *will* have bugs. All major programs have bugs. The question is - will they efficiently and quickly inform their customers, and provide comprehensive support to them - like the 4-color glossies they distribute say?
    - Many vulnerabilities are discovered at the console - and by looking at the source. It could be wide open, but you'd never know that from a remote perspective. Breaking into a system you've never seen or used remotely has about as much of a chance of success as me getting away with being called Rob Malda in this post.

    That's just what I can think of off the top of my head. Use your imagination. And most importantly: dismiss yet another one of Microsoft's tricks to get you to do their bidding. Clever Microsoft, but I thought you'd have learned by now that the 'net dispels FUD faster than a speeding salesman.

  • by Anonymous Coward
    ..mainly because it _IS_ behind a firewall.

    Let me paste the text from my initial scans.

    The following is a traceroute from my hosts to as if I _would_ leave in my
    peers ;)

    8 199.ATM7-0.XR1.SEA1.ALTER.NET ( 143.469 ms * 252.588 ms
    9 195.ATM4-0.GW3.SEA1.ALTER.NET ( 148.365 ms 149.046 ms 149.636 ms
    10 ( 148.690 ms 150.032 ms 248.992 ms
    11 ( 148.777 ms 149.989 ms 149.094 ms
    12 ( 216.968 ms * 256.297 ms
    13 * ( 144.507 ms *
    14 ( 148.849 ms * 163.483 ms
    15 * * *
    16 * * *
    17 * * *
    18 * * *
    19 * * *
    20 * * *
    21 * * *
    22 * * *
    23 * * *
    24 * * *
    25 * * *
    26 * * *
    27 * * *
    28 * * *
    29 * * *
    30 * * *

    Right there in black and white...line 14 returns no udp/tcp info. All ack's on echo replies are being denied.

    This means that Microsoft is implicitly denying tcp packets. I thought this host was wide open. Hmm let me try something else.

    Next pasting-------------------------------------

    This is a simple scan from saint formerly satan
    against (

    [root@nessus saint-1.4]# ./saint
    Security Administrator's Integrated Network Tool
    Portions copyright (C) 1998 World Wide Digital Security, Inc.
    Portions copyright (C) 1995 by Satan Developers.
    SAINT is starting up...
    *** can't find Server failed
    bin/udp_scan: are we talking to a dead host or network?
    Usage: ostype.saint target

    Obviously Targeted info has been redirected....

    The machine just before this win2000 box is definately the router for that subnet.

    Pasted Text--------------------------------------

    [skippy@nessus skippy]$ telnet
    Connected to
    Escape character is '^]'.
    Copyright (C) 1998 Extreme Networks
    By John Hollowell
    The WINISP Team!
    login: anonymous


    Simple telnets and ftps to the box are rejected. Services not running or being discrarded at the firewall.

    I am scanning various TCP ports for activity.

    Using nmap to discover destination services...

    I find that the following information is very _interesting_ to say the least.

    I think that other /.'ers can appreciate any words that come from the mouth of Saddam Gates...

    "Apocalypse now..."

    Pasted text----------------------------------

    [root@nessus src]# nmap -sT -P0 -o ./windows2000.txt -v -e ppp0

    Starting nmap V. 2.12 by Fyodor (,
    Initiating TCP connect() scan against (
    Adding TCP port 56 (state Firewalled).
    Adding TCP port 794 (state Firewalled).
    Adding TCP port 362 (state Firewalled).
    Adding TCP port 719 (state Firewalled).
    Adding TCP port 1495 (state Firewalled).
    Adding TCP port 310 (state Firewalled).
    Adding TCP port 409 (state Firewalled).
    Adding TCP port 415 (state Firewalled).
    Adding TCP port 1509 (state Firewalled).
    Adding TCP port 1019 (state Firewalled).
    Adding TCP port 254 (state Firewalled).
    Adding TCP port 2023 (state Firewalled).
    Adding TCP port 2043 (state Firewalled).
    Adding TCP port 7005 (state Firewalled).
    Adding TCP port 1015 (state Firewalled).
    Adding TCP port 1545 (state Firewalled).
    Adding TCP port 5530 (state Firewalled).
    Adding TCP port 1513 (state Firewalled).
    Adding TCP port 5191 (state Firewalled).
    Adding TCP port 126 (state Firewalled).
    Adding TCP port 116 (state Firewalled).
    Adding TCP port 1666 (state Firewalled).
    Adding TCP port 909 (state Firewalled).
    Adding TCP port 135 (state Firewalled).
    Adding TCP port 222 (state Firewalled).
    Adding TCP port 549 (state Firewalled).
    Adding TCP port 394 (state Firewalled).
    Adding TCP port 184 (state Firewalled).
    Adding TCP port 502 (state Firewalled).
    Adding TCP port 140 (state Firewalled).
    Adding TCP port 1473 (state Firewalled).
    Adding TCP port 678 (state Firewalled).
    Adding TCP port 844 (state Firewalled).
    Adding TCP port 1550 (state Firewalled).
    Adding TCP port 874 (state Firewalled).
    Adding TCP port 572 (state Firewalled).
    Adding TCP port 825 (state Firewalled).
    Adding TCP port 605 (state Firewalled).
    Adding TCP port 1528 (state Firewalled).
    Adding TCP port 1397 (state Firewalled).
    Adding TCP port 157 (state Firewalled).
    Adding TCP port 735 (state Firewalled).
    Adding TCP port 920 (state Firewalled).
    Adding TCP port 295 (state Firewalled).
    Adding TCP port 23 (state Firewalled).
    Adding TCP port 165 (state Firewalled).
    Adding TCP port 541 (state Firewalled).
    Adding TCP port 104 (state Firewalled).
    Adding TCP port 490 (state Firewalled).
    Adding TCP port 393 (state Firewalled).
    Adding TCP port 61 (state Firewalled).
    Adding TCP port 2064 (state Firewalled).
    Adding TCP port 73 (state Firewalled).
    Adding TCP port 7326 (state Firewalled).
    Adding TCP port 424 (state Firewalled).
    Adding TCP port 5190 (state Firewalled).
    Adding TCP port 967 (state Firewalled).
    Adding TCP port 1026 (state Firewalled).
    Adding TCP port 118 (state Firewalled).
    Adding TCP port 229 (state Firewalled).
    Adding TCP port 1669 (state Firewalled).
    Adding TCP port 49 (state Firewalled).
    Adding TCP port 927 (state Firewalled).
    Adding TCP port 998 (state Firewalled).
    Adding TCP port 1542 (state Firewalled).
    Adding TCP port 609 (state Firewalled).
    Adding TCP port 834 (state Firewalled).
    Adding TCP port 10082 (state Firewalled).
    Adding TCP port 478 (state Firewalled).
    Adding TCP port 904 (state Firewalled).
    Adding TCP port 1482 (state Firewalled).
    Adding TCP port 237 (state Firewalled).
    Adding TCP port 912 (state Firewalled).
    Adding TCP port 2401 (state Firewalled).
    Adding TCP port 403 (state Firewalled).
    Adding TCP port 1241 (state Firewalled).
    Adding TCP port 367 (state Firewalled).
    Adding TCP port 3086 (state Firewalled).
    Adding TCP port 805 (state Firewalled).
    Adding TCP port 303 (state Firewalled).
    Adding TCP port 766 (state Firewalled).
    Adding TCP port 944 (state Firewalled).
    Adding TCP port 169 (state Firewalled).
    Adding TCP port 1399 (state Firewalled).
    Adding TCP port 1987 (state Firewalled).
    Adding TCP port 6148 (state Firewalled).
    Adding TCP port 1178 (state Firewalled).
    Adding TCP port 901 (state Firewalled).
    Adding TCP port 654 (state Firewalled).
    Adding TCP port 469 (state Firewalled).
    Adding TCP port 9535 (state Firewalled).
    Adding TCP port 668 (state Firewalled).
    Adding TCP port 1421 (state Firewalled).
    Adding TCP port 75 (state Firewalled).
    Adding TCP port 5300 (state Firewalled).
    Adding TCP port 706 (state Firewalled).
    Adding TCP port 78 (state Firewalled).
    Adding TCP port 338 (state Firewalled).
    Adding TCP port 813 (state Firewalled).
    Adding TCP port 1009 (state Firewalled).
    Adding TCP port 625 (state Firewalled).
    Adding TCP port 7 (state Firewalled).
    Adding TCP port 1505 (state Firewalled).
    Adding TCP port 1490 (state Firewalled).
    Adding TCP port 506 (state Firewalled).
    Adding TCP port 1470 (state Firewalled).
    Adding TCP port 1499 (state Firewalled).

    And the list goes on...

    # Log of: nmap -sT -P0 -o ./windows2000.txt -v -e ppp0
    Interesting ports on (
    (Not showing ports in state: filtered)
    Port State Protocol Service

    None because they all _HAVE_ definately been firewalled off.

    Should I scan behind the firewall?
    Now this is a question of morals and ethics...
    Right Bill?

    What the fsck I think I am in the mood for a little challenge...

    Heh, heh, heh...oops!

    They must have active firewall admins at the console...All acks to my source address are being denied now. I could come from different hosts until I finally get through but I think I'll just leave it alone. As everyone can see from the info above I have used no scripts to attempt to crack the workstation. I was merely just accepting the invitation to look and try.

    Thanks Hemos, TACO, Cowboy and the gang...

    Any comments or suggestions can be sent to

    attempted by portslider at

    I will try to answer as many as I can.

    Sorry in advance but I do not provide hacking/cracking information to anyone. So don't ask.

1 Angstrom: measure of computer anxiety = 1000 nail-bytes