LinuxPPC Challenge: Crack the Box and Keep it!

Jeff Carr from LinuxPPC was so amused by yesterday's MS W2k crack challenge that he figured he'd play too: By setting up a LinuxPPC box challenging the adept out there to get in... but if you can get in, you get to keep the box! It's a stock LinuxPPC install, and he even left telnet on. The url is You must be able to reproduce your entry to win. Have fun.
This discussion has been archived. No new comments can be posted.

LinuxPPC Challange: Crack the Box and Keep it!

  • I think it should be clarified what the "crack guestbook" really is!

    I mean it does not seem as if it is impossible to crack if the "crack guestbook" shows several people actually cracking the system.

    Even the computer cracked itself! (

    Seriously, tongue in cheek and all, I believe the list should be removed to avoid any excess traffic on other sites (I would not believe /.ers would /. the guestbook list, would they?)

    Where do you want to go today? seems off bound to me ;^P
  • I do believe that whoever moderated you down thought that you meant the "HAHAHAHAHA" in a nasty, flame provoking way. Also, moderators go kinda trigger happy on first posts, whether or not they are "first posts."
  • Starting nmap V. 2.12 by Fyodor (,
    Host ( appears to be up ... good.
    Initiating SYN half-open stealth scan against (
    Adding TCP port 23 (state Open).
    Adding TCP port 111 (state Open).
    Adding TCP port 80 (state Open).
    The SYN scan took 108 seconds to scan 1483 ports.
    For OSScan assuming that port 23 is open and port 30569 is closed and neither are firewalled
    Interesting ports on (
    Port State Protocol Service
    7 filtered tcp echo
    19 filtered tcp chargen
    23 open tcp telnet
    80 open tcp http
    111 open tcp sunrpc

    TCP Sequence Prediction: Class=random positive increments
    Difficulty=3004658 (Good luck!)

    Sequence numbers: 56980630 56E19E58 5757E55E 56A2583F 5758D1B1
    Remote operating system guess: Linux 2.1.122 - 2.1.132; 2.2.0-pre1 - 2.2.2

    Nmap run completed -- 1 IP address (1 host up) scanned in 121 seconds

    check out that sunrpc port .. that looks promising

    enjoy :-)
  • But /. is dogging it too.
    No response,
    slow response.
  • a good filter and firewall
  • This is real. In the Seattle/Victoria area we're having fanfuckingtastic lightning storms right now. I just got back from watching them; god, it's nice. Isn't too kind on computers though, with lightning coming down every 3-5 seconds.
  • Yes, it would appear that way, since RedHat Linux 6.0 by default disables all inetd services, as do most popular things based on RedHat 6.0, such as LinuxPPC R5.

    Turning on Telnet on a server that you are trying to get secure seems a bit extreme... why have telnet enabled when you can have something like ssh enabled just when you need it? Of course, if you are going to leave telnet enabled, you can at least use /etc/hosts.deny and /etc/hosts.allow to control which machines have access to that box.

    (Not to say that popular sites around the web do have telnet enabled for everybody on any machine as long as you know the login/pass, for example

    This should be interesting to see what flaws (since we know they are not perfect) we learn about in RedHat Linux 6.0 and specifically LinuxPPC R5.
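
Added example (not part of the comment above, and not LinuxPPC's or Red Hat's own tooling): a small audit of the setup the comment describes, listing which inetd services are enabled and whether /etc/hosts.allow and /etc/hosts.deny actually restrict them. The file contents are constructed samples, the list of cleartext services is an assumption, and the parser ignores tcp_wrappers operators such as EXCEPT.

```python
# Added example: audit inetd.conf together with the TCP-wrapper files.
# All configuration text below is constructed for illustration.

CLEARTEXT = {"telnet", "ftp", "login", "shell", "exec"}  # assumed list

# Every service commented out, as the comment says the distribution ships.
STOCK_INETD = """\
#ftp     stream  tcp  nowait  root  /usr/sbin/tcpd  in.ftpd -l -a
#telnet  stream  tcp  nowait  root  /usr/sbin/tcpd  in.telnetd
"""

# Telnet switched on, as on the challenge box.
CHALLENGE_INETD = """\
#ftp     stream  tcp  nowait  root  /usr/sbin/tcpd  in.ftpd -l -a
telnet   stream  tcp  nowait  root  /usr/sbin/tcpd  in.telnetd
"""


def enabled_services(inetd_conf):
    """Map each uncommented inetd service to (server path, daemon name)."""
    services = {}
    for line in inetd_conf.splitlines():
        fields = line.split()
        if len(fields) < 6 or fields[0].startswith("#"):
            continue
        # Fields: name, socket type, protocol, wait flag, user, server, args
        daemon = fields[6] if len(fields) > 6 else fields[5]
        services[fields[0]] = (fields[5], daemon.rsplit("/", 1)[-1])
    return services


def wrapper_rules(text):
    """Parse 'daemon_list : client_list' lines from hosts.allow/hosts.deny."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0]
        if ":" not in line:
            continue
        daemons, clients = line.split(":")[:2]
        rules.append((set(daemons.replace(",", " ").split()),
                      set(clients.replace(",", " ").split())))
    return rules


def matches(rules, daemon):
    """Client lists of every rule that applies to this daemon."""
    return [clients for daemons, clients in rules if daemons & {daemon, "ALL"}]


def audit(inetd_conf, hosts_allow, hosts_deny):
    """Return sorted (service, finding) pairs for the given configuration."""
    allow, deny = wrapper_rules(hosts_allow), wrapper_rules(hosts_deny)
    findings = []
    for name, (server, daemon) in enabled_services(inetd_conf).items():
        if name in CLEARTEXT:
            findings.append((name, "cleartext-login"))
        if not server.endswith("/tcpd"):
            # Started directly by inetd: the wrapper files are never read.
            findings.append((name, "not-wrapped"))
            continue
        # tcpd checks hosts.allow first; unmatched clients fall to hosts.deny,
        # and a client matched by neither file is let in.
        if any("ALL" in c for c in matches(allow, daemon)):
            findings.append((name, "allowed-from-anywhere"))
        elif not any("ALL" in c for c in matches(deny, daemon)):
            findings.append((name, "no-default-deny"))
    return sorted(findings)


if __name__ == "__main__":
    print(audit(STOCK_INETD, "", ""))
    print(audit(CHALLENGE_INETD, "", ""))
    print(audit(CHALLENGE_INETD, "in.telnetd: 192.0.2.10\n", "ALL: ALL\n"))
```

Even with the wrapper files restricting clients, telnet is still reported as a cleartext login service, which is the comment's argument for ssh.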

  • No, it's obviously not a default install, since more services are enabled by this install (like telnet) than how it typically ships, with all inetd services disabled.

    So they changed some things that would be typically changed on the server to make it 1) easier to use 2) more services 3) added services locked down better.
  • RedHat 6.0 has no internet services turned on by default, you must manually enable FTP, telnet, etc.

    Obviously, LinuxPPC has made a few changes to the server, for example they disabled some scripts and enabled telnet (by far a fair compromise).

    Trust me, enough people have asked why telnet and FTP are disabled with the default install, if you don't believe me, see: orking.shtml

    That's also true with RedHat 6.0.
  • (Microsoft's next lame contest to prove their servers are tight)

    Microsoft will make you CEO if you can crack this out of the box config NT 4.0 computer. This box is stand alone and our engineers have assured us we cannot lose.
  • bah... It's probably just the old LinuxPPC, Inc. web/mailing list/ftp server, that they finally retired last month.

    That machine was a great, state of the art, 90mhz 601 machine, I think a PowerMac 7200.

    In the past, that machine seemed to lag quite often with all of the stress it had on it, and was partially due to all of the load.
  • I can only imagine Microsoft's marketing geniuses saying:

    "Windows NT is the most secure operating system. It has a feature called IntelliCrash, which causes the operating system to crash when it detects high network traffic. Such traffic is always caused by hackers' activities, but, since the system is down, any attempts to break in will be unsuccessful. This innovation puts us years ahead of the competition."
  • I was under the impression that most buffer overruns were caused by overwriting the return address on the stack. So a function in a program run as root returns to exec /bin/sh. Different architectures might grow the stack in different directions, causing the buffer overflows to fail.

    I know that there are also buffer overflows on the heap, but I don't know how that works.
  • A team of us got together yesterday and we went bashing on it for a while. Judging from its reaction while we were after it I think we probably did bluescreen it or otherwise 'freaked it out' (to be technical). It came back up not too long after that though so nothing permanent. Probably just a reboot but no way for us to prove it was definitely our doing or someone else getting the KO punch in.

    I think someone REALLY got a suckerpunch in on them judging by its current reaction (or lack thereof, apparently). Probably is bandwidth flooding though.

    (The no-DOS attack method their rules were saying not to do was for just swamping by the power of bandwidth. We just aimed at making it run out of ram and/or blue screening with as few packets as we could from multiple sites.)

  • I get to see the box, but only because IE5 has cached it. Go to the site and then hit the refresh button. 5 to 1 that it can't find the server.
  • Well... this is almost like the Happy Hacker wargames, except that it's worthwhile (prizes amounting to more than recognition). That, and it isn't intrisically flawed because it isn't run by Carolyn Meinel....
  • I love the idea, but I think you'd have a hard time finding anybody to host such a beast. Besides supporting what would probably be a huge amount of traffic - and some pretty funky looking packets, you've also got to consider what kind of collateral damage it could cause. Somebody mentioned that the MS test box has had its DNS servers taken down already...

    Nope, you're wrong. Someone has already hosted many servers just for the intent to be hacked. Check out . Yep, a real life hack that box challenge that never goes away.

  • oh, well...okay, but I still don't get it...I mean, it was very funny of them to do that...the first thing I thought when I saw the page was "it's sparse..." then I read that and started laughing...well, moderators, have fun with it..
  • This challenge to break into a LinuxPPC stock install (with nothing running) is NOT analogous to Microsoft's challenge.

    There is no way in hell that the W2K server MS is putting up for this challenge is stock installed. It's probably been tweaked by MS engineers over the past two weeks to lock out any possible attack.

    When this server is cracked and theirs isn't, they will point to this as an example of W2k being more secure than Linux (which I doubt very much). This can't be allowed. Someone (maybe from Red Hat or from Debian or from *BSD) should take a week and secure one of their servers and then let anyone go at it. Then we'll see whose server lasts longer.
  • I find it interesting to see how few people are flaming the LinuxPPC guys. When Microsoft started up their contest, people were extremely quick to crusade their views, many of them with four-letter words and simple sentences with little content.

    Of course, the Linux guys didn't make their web page incompatible with Netscape (or include unnecessary Javascript anyhow)...

    However, look at the situation from another angle--look at how shoddy the webpage is. Imagine if the Windows site had looked remotely like the LinuxPPC site does. Microsoft would have had a hard time finding enough extinguishers for THAT one.

    Imagine if the Windows guys had posted IP addresses on the main page.

    Do Linux users expect less of themselves? Do they not mind sloppy work? Does this make them feel more comfortable? The LinuxPPC site is definitely not designed to appeal to anyone in a "commercial" sense--is this why it's acceptable?

    In any case, it's good advertising for LinuxPPC I suppose...

    Oh well. I just think it's interesting how much our biases get in the way of logical thought.
  • by rnt ( 31403 )
    a couple of the postings have pointed out that this could turn out to be a kind of an
    almost-competition between linuxppc and the W2K bug-- if one gets hacked and the
    other doesn't, that means that that OS is more secure.

    I don't quite agree... in the August 4th part 3 log entry on it is mentioned that portmap, sendmail, and ftp will be turned on eventually.

    So now we have a win2k machine that is supposed to be secured to the max on one side of the arena and a linuxppc machine which will be gradually opened up on the other side.

    Clever move of linuxppc because first of all turning on more services keeps people interested. Let people have their fun! Having fun and learning a thing or two on the way. What more do we want?

    Another benefit could be that the two machines cannot be compared that way:
    The linuxppc machine is willingly set up in a way that increases the risks of anyone getting in.

    So if the linuxppc machine gets compromised it is not a big deal, it is more or less intended.
    That makes it kind of hard to brag that the win2k box remained intact (in some sense anyway) while the linuxppc has been hacked.

    Besides that: there is much more to learn from a box that does get broken into. Something to do with "learning from mistakes" I believe... and I quite like the idea of other services getting a nice pounding too.
  • "If you get in, please submit a better web page than this" HAHAHAHA

  • This looks more tempting than the cheesy MS "offer".

    Note, their server is down. I wonder if it's a DoS attack. Against the rules, but funny though.
  • I kid you not, I read on a MS page that NT
    5.0 (aka Win2000) would reduce the need for
    "administrative reboots". Now that is a great
    term if I ever heard one.


  • I meant Microsoft's is down.
  • Doesn't work that way, at least not in this instance. The game ends with the first person to break into the box, so there's no opportunity for one-upmanship. The first person breaking in will probably put up a big ol' page with gaudy graphics splashed on it saying "I DID IT HOO HA HA" and it will be all over.

    If it ever happens, that is.

  • Great. Hack into their site. They display your IP address for everyone else in the world to hack into.

    No thanks. I already got stung by the last wuftpd exploit.

  • Thanks for your concern.
  • yeah. that's why I use a UPS.
    my site didn't go down.

  • by SirSlud ( 67381 ) on Wednesday August 04, 1999 @11:14AM (#1765802) Homepage
    Sounds suspiciously like a contest I run everyday when I bike to work. It's called "break the bike lock and keep the bike!".

  • How are you supposed to crack a server that's only running on port 80? And how are you supposed to crack it if it's going on and off like a lightbulb? Somebody swamped microsoft2000test yesterday, then it crashed and they brought up a duplicate, then somebody took out both of the nameservers, then they went back up, but both servers were down...
    Now they've switched nameservers totally, but the site's still out for the count. I think this is a pretty shoddy deal if you ask me.

    --- pinging, please wait...
    --- sending to [],

    error, ping 1 timed out...
    error, ping 2 timed out...
    error, ping 3 timed out...
    error, ping 4 timed out...
    error, ping 5 timed out...

    --- ping statistics for
    5 packets transmitted, 0 received

  • Compared to microsoft's test site, at least this one is reachable so far. After two days, I have been able to load microsoft's page only once.
  • so i did the rpcinfo scan for you folks:

    $ /usr/sbin/rpcinfo -p
    program vers proto port
    100000 2 tcp 111 rpcbind
    100000 2 udp 111 rpcbind

    not much there other than bind... but that can be useful. i leave it as an exercise on what to do with that info. :)

  • One of the machines we host websites on at work had a problem with SQLServer 6.5 filling up the application log - it was reporting that a connection could not be made (because the maximum number of simultaneous connections had been reached) 6 times a second.

    Not very many services didn't crash, including IIS and SMTP (not good on a webserver!)

    Only way to fix it was change the log settings and reboot....

  • While you're correct, how many stolen bikes do you think are actually recovered every year? If someone actually managed to steal the guy's bike, what are the chances that he'd ever see it again or that the thief would ever be prosecuted for it?
  • Except they wouldn't use the term "crash." Rather, "Temporary Security Enhancement Through Service Restriction" or similar.
    Hard to beat the name "IntelliCrash," though ;-)
  • I think they're assuming that their system is more secure straight out of the box than anything Microsoft could put up. I guess only time will tell, eh?

    In any case they win. If their system dies, they can still say, "but ours was a stock install," and they'll avoid most of the flack. The free toaster offer is good PR as well.

    If their system survives, they get to shout out, "our stock installation was more secure than the Redmond boys' machine." Of course, that probably won't happen.

    It doesn't look like they've got much to lose. Plus they're catering to the Linux crowd, not the Microsoft crowd, so they don't have to try all THAT hard to impress, I don't think.
  • There is some discussion on this issue from linux-kernel here.

    The short version: It's possible to execute arbitrary code even if the stack is marked non-executable. Oh, and Alan Cox says Intel machines can't mark the stack non-exec anyway.

    So your point may be true, but it's of limited value.
  • The difficulty is that LinuxPPC R5 comes with all inetd services disabled (for security). So it's not *really* a stock install - Jeff had to make it less secure. I believe the intent is to keep turning on services (like telnetd, which was already enabled) if no one breaks it quick enough.

    Besides, if this server is cracked, then we will have found another hole to patch, which is the point of cracking, right?

    You talk about taking a week to secure a server, but it could be done in a few minutes by turning everything off except Apache (and disable CGI). "Secure" is kind of a tradeoff in that case.
  • ? - It damn well better. Some people actually need to keep complete logs. NT can be set to wrap around logging or halt when the log is full. Any installation with any security sense has NT to halt when logs fill, of course, they generally never let it get full either.
  • Looks like someone was reading /. They have removed the IP list from the site (3:50 mdt) and made a few new comments about its configuration and stats; still, telnet does not seem to be working.

  • We're not a non-profit entity. :) We do make enough to pay ourselves, pay our bills, and then have enough left over to buy new G3s for developers.

    We _do_ want to take over the world, but we're going to share the spoils with our friends. ;-)

  • would have helped to know that this company is based out of wisconsin and they are on my isp =)
  • Yes, some operating systems do have non-executable stacks. I am unsure if Digital UNIX is one of them but it wouldn't surprise me. I do know Solaris has this feature (though there are/were some flaws, search bugtraq archives for more info). Linux does as well through Solar Designer's secure-linux patches ( index.html). This may only work with Intel Linux, I haven't used it elsewhere. Gory details of how it works are included with the patches. Beware however that these are not perfect and can be defeated. Also note that there are good uses for executable stacks, search on "gcc trampolining" for some examples and discussion.
  • "ps - the machine still has 29meg of ram FREE - not buffered or shared - free as in totally unused with 128 connections. (160 meg of ram total.) Love to see the box do that. "

    LOL! This is great. Actually, I'd love to see the W2Ktest machine do ANYTHING right now. It's been down most of the day.

    Looks like they finally got the router loops fixed though, but the machine is still not up. I wonder whose head is gonna roll in Redmond for this one? I'm sure the marketing genius who came up with this one didn't clear it with ole Billy-Boy...
  • look at how shoddy the webpage is

    Look at how much time it took for LinuxPPC site to appear. How much time and people do you think it took to put M$'s site up?

  • Never mind, it's still there; it's just been moved off to another page

  • Yes, the return address is modified to return to your evil code which you inserted in the buffer you overflowed. That code generally does something useful like give you a shell. See Smashing The Stack For Fun And Profit for a much better explanation. Different architectures do grow the stack in different directions but that doesn't prevent the exploitation of overflows.

    Heap based overflows are very similar but they occur in the data (bss) segment of a program. w00w00 on Heap Overflows has a pretty good explanation.

  • The guestbook is including hostnames, and it's an shtml page.

    I'm not set up to change my hostname, but perhaps someone else would like to try changing their hostname to include a serverside include.

    for instance.

  • It's totally gone now. They removed it in the last 10 minutes actually. I was just about to check how many people were on the list when it happened too. Damn.

    Hey, LinuxPPC guys, how about doing an "attempted cracks" counter?
  • Why is this moderated down? This person has several valid points. If you're a moderator, please try to bring it back to at least 1...

  • 1 KN0W!!!!!!!!!!!111

    1'M JU5T G0NN4 K33P TRY1N6 2 6U355 R00T PA55W0RD.
    ------ ------ ------
    ALL HA1L B1FF, TH3 M05T 31337 D00D!!!!!1
  • True, but then that's part of my point. There's the issue again of the fact that Microsoft has to have a nice page up.

    I ask again--what kind of flame would they have drawn if they had set up a "quick and dirty" page?

  • Is it a nice G3? Or a crappy 603/200mhz like my machine! Egads!

    Open the sendmail PORT!!!

  • by mcc ( 14761 )
    a couple of the postings have pointed out that this could turn out to be a kind of an almost-competition between linuxppc and the W2K bug-- if one gets hacked and the other doesn't, that means that that OS is more secure.

    Well, if we're going to play it like that, i think linuxppc has already won-- after all, this long after the w2k challenge was posted on /., the slashdot effect had already practically taken the windows2000test box out.

    So this would seem to imply that LinuxPPC is, if not more security-friendly than w2k, at least a _lot_ more reliable. Which if you ask me is more important than "security", since total security will never really happen.

    Now if only it supported HFS+.. but i guess that really isn't a huge problem if you look at it in perspective. -_-

  • $ portscan
    Scanning host - TCP ports 1 through 1024
    23 (telnet) is running.
    80 (www) is running.
    111 (sunrpc) is running.
  • I held root on 3 of the games in the happyhacker wargames. I'd really suggest not getting involved though, because it's just a big thing to get people's info to add to the "Hacker information Database" on Yup, that's right, a big list of people involved with hacking that JP shares with the feds.

    Anyhoo, tg0d ( is going to be hosting something like this of its own. We aren't gonna keep a log of people's IP's or anything like that. And if you root a box, it's yours for as long as you can defend it. Our games aren't up yet, but we have 5 boxes that are scheduled to go up soon. So bookmark and come back later for more info.

    P.S. Yeah, our page sucks.. it's not complete yet, we've been busy.


    The more you learn, the more you realize how little you know.
  • We do this stuff every day at Tiger Team Australia and if there is one thing we have learnt is that a target cannot ever be declared secure because tomorrow there will always be another sploit. The best you can hope for is a box that is not easy to crack into. This means keeping up to date with your security. Nothing more.. To fix a machine's security you have to test it. It makes no good to turn all your services off and then say "go on.. hack me", only to turn em all back on the next day. When we are hired to do a penetration test we tell the client not to inform their staff of the attack for precisely these reasons. As for you might as well remove tcp from the kernel (although I do like the chances of burning apache.. but you need a little more information on the web content.. my guess would be that this is a stock standard install which is pretty pointless cause real clients put real web pages on their machines and, more to the point, it's the braindead web designers and graphic artists who put the data on there, screwing up perms and so forth). The environment that you find the machine in is more important than the machine itself. To the leet crackers out there, (none of my crew included.. get back to work) I suggest that you do a location hack (geographic hack, neighbourhood hack.. etc).. traceroute the box, hack the isp, or any other client of that isp, go back up the chain and violate trust.
  • Someone that does not know how to use telnet should not be trying to break into another machine. You have to walk before you can run.

    Not knowing about telnet implies a general vacuum in the unix/ip-clue area.
  • An iMac. MS is probably running their test server off some big Xeon iron. I just think it would be funny to show that Apple's little jelly bean computer running Linux makes a better server than a $7000 Xeon box running W2K ;-)

    An iBook would be even better, but I don't think anyone outside of Apple has one yet.
  • ...that the box you'll be getting will more than likely be a ...


  • >Except they wouldn't use the term "crash." Rather, "Temporary Security Enhancement Through Service Restriction"
    >or similar.
    >Hard to beat the name "IntelliCrash," though ;-)

    ummm, how about "Temporarily Restrict Availability to Server Hardware"???

    That'd make Microsoft IntelliTrash(tm) :-)

    heh heh

  • That was actually kind of a worthwhile read. Not in the sense of trying to track down names, but it was nice to see a few of my favorite IP addresses on the list.
  • slashdos effect...i like it.
  • Trying
    Connected to
    Escape character is '^]'.
    GET /cgi-bin/cachemgr.cgi?wtf=9 HTTP/1.1

    Connection closed by foreign host.

    What's the deal there? no no-such-page. Is this definitely a stock install?
  • OK. Let's take a look at reasons the flames aren't forthcoming (beside your insinuation of MS bias)...

    Of course, the Linux guys didn't make their web page incompatible with Netscape (or include unnecessary Javascript anyhow)...

    This may seem like a minor point, but it actually points to a chief complaint towards MS; "Our way or no way". The promise of Java is cross-platform compatibility; MS' implementation breaks this. A good web site can be handled by a multitude of browsers and platforms - even MS' own corporate site runs fine with Netscape. Yet, here it breaks. Did MS do this on purpose? Their past history certainly implies this is possible.

    ...look at how shoddy the webpage is.

    Do Linux users expect less of themselves? Do they not mind sloppy work? Does this make them feel more comfortable? The LinuxPPC site is definitely not designed to appeal to anyone in a "commercial" sense--is this why it's acceptable?

    Oh well. I just think it's interesting how much our biases get in the way of logical thought.

    Actually, I would point out that the web page makes perfect sense. The idea of this "counter-challenge" is NOT glitzy publicity. The machine is there to be attacked - not to hand out online brochures. The marginal page is functional... even humorous ("If you get in, please submit a better webpage than this :)"). I hardly see how additional flash would make a TECHNICAL challenge more legitimate.

    Imagine if the Windows guys had posted IP addresses on the main page.

    Now, here you've made a good point. And apparently, others have made it too since the page has removed the "log". I agree. Posting these IPs is trouble and MS would definitely get flamed hard for it.

    In the final analysis, you have to ask yourself what are the motivations here? The belief is that MS is pulling a shallow publicity stunt (and none too original at that). No matter what the outcome, MS will turn it into brochure fodder for PHB's. In the meantime, issues such as MS' response times to discovered security holes are not dealt with.

    The LinuxPPC guys are responding to MS' publicity stunt with a copycat stunt. They've done it in good humor. And they've done this in a way that appeals to other tech-minded people. If anything, it's less dubious bait-and-switch and more lampooning. Will they get glitzy brochure fodder out of it? I don't know. Ask their marketing department.

  • I'm sure the marketing genius who came up with this one didn't clear it with ole Billy-Boy...

    Somehow, I suspect a lot happens in Redmond that doesn't get cleared with "ole Billy-Boy". I highly doubt he's in every marketing meeting for every little stunt they come up with. Gates is probably involved in much higher-level stuff than this (although I personally have the feeling he's more of a company mascot than fearless leader at this point - think Ronald McDonald). Microsoft is way too big for one person to keep track of everything that's going on...

  • The game, almost exactly as you stated it, takes place at DEFcon--it's called Capture the Flag--to win, you have to root, and to keep, more systems than the other folks.
  • I don't believe this is an option, since the SSI appears (as far as I can tell) to be simply including a text file generated by some other script.
  • It's "funny" because Challenge *IS* spelled correctly in the title!
  • I'm listening to KMFDM while reading these comments about cracking Microshaft vs LinuxPPC. It "owns" you. The best music by which to read comments. :-)
  • The outcry about Netscape not working with the page was understandable. I don't believe in proprietary standards either, which is why I mentioned it. Microsoft's general website however, follows a certain plan--they have pages which are formatted and displayed to IE users, and then they have pages which are for non-IE users. If you view from non-IE4/5 browsers, you're going to see an entirely different site.

    One way to sort of "excuse" the guys is that they probably were trying to remain within the Microsoft web site design specifications. Perhaps they didn't feel like making the non-IE4/5 version of the page or ran out of time? When viewed from the perspective of it being part of a larger site with a required "look and feel", rather than an independent page, it's somewhat easy to justify their mistake.

    The belief is that MS is pulling a shallow publicity stunt (and none too original at that).

    That's definitely something I would agree with. I'm under the belief that it was a bad move on their part--if anything it just made them look really bad.

    The LinuxPPC guys are responding to MS' publicity stunt with a copycat stunt. They've done it in good humor. And they've done this in a way that appeals to other tech-minded people.

    True, but it still seems to me that LinuxPPC is a company that is not averse to publicity (it'd be hard to survive without it). To say that they made the site in the manner that they did just because it appeals to other like-minded individuals seems to go against the fact that in the grand scheme of things, they are trying to make money...aren't they? I profess to not knowing much about LinuxPPC, so correct me if I'm wrong and that they are a purely non-profit-oriented Linux distributor.

    So, in that sense, I still wonder if professionalism is a negligible requirement of Linux users in the companies that they allow to represent themselves. Any thoughts on that, anyone? Or is this reply too deep for most people to notice? :)

  • Ok, everyone run "ping -t"
    and just leave it going.
  • I think what MS and LinuxPPC are doing is great. For a long time now, the default install of many operating systems- Red Hat 6.0 included - has been very insecure. For instance, I believe you might be able to remotely attach to a default installation's X server and watch users enter passwords!

    I'd like Red Hat to try to make their next release be secure by default - no Internet services turned on - and still have X working properly (maybe using Unix domain sockets?).

  • It looks like a fiasco... Why in the world
    they went for this. With IPv4 nothing is stable, if you fuck with it long and hard enough...
  • it on P-II 350 with 128Mb. Or that's what
    they claimed when the site was up.

    But I think it is a T3e running -g version of NT
    in emulation mode...

    Or, well, I do not think.. Nevermind :)
  • I'm pretty much in agreement here. I'm surprised they're displaying the IP#s ..... kinda kills my desire to take a crack at it.

  • by Anonymous Coward
    please fix the spelling of "challange" in the title...
  • by arieh ( 30860 ) on Wednesday August 04, 1999 @11:18AM (#1765872)
    Kudos to the PPC guys.

    No better way to detract from the interest that
    Microsoft may have generated than to divert back the efforts of the linux community to a more
    worthy cause - improving the security of our own systems.

    Let's eat our own (dog)food.

  • by slothbait ( 2922 ) on Wednesday August 04, 1999 @11:19AM (#1765874)
    The comment:
    If you get in, please submit a better webpage than this :)
    ...made me think. Whoever can make it into this box gets to replace the web page with whatever they want...they become owners and get to be "King of the Hill". Plus, if they acquire root access, then they presumably have the power to patch whatever hole they crawled through, making the box that much more secure.

    But what could really prove interesting is if someone tried to break in and steal from the stealer...knocking off the old King and resulting in a King of the Hill, and so on...

    All the while, people would be stress-testing the system. And people will have an ego-incentive to discover security holes because, if they find a way in, they get to be "King of the Mountain" until someone else finds a new way to crack the box.

    Oh what a game this could become!!!
  • Well, with IE 5 at work I've been able to hit the microsoft site pretty much all day today and most of the day yesterday. That's the Win2000 one as well as the regular one. So it doesn't seem to have gone down too hard if at all.... Then again, if they just did something screwy with the page so that only IE5 would show it as existing....
    Wouldn't that be interesting? A way to entirely shut out half of the community from your website.

  • This was posted on winsucks yesterday.
  • If you had a sign on your bike: "Remove the lock and the bike is yours", then you could compare the two. This is an offer that allows you legally to crack, hack, scriptkiddie your way into the box, and if you do, it's yours, legally. A huge difference.
    Stan "Myconid" Brinkerhoff
  • I know, I know, I was just kidding around. =)
  • Unfortunately, the louder voice does tend to be the more ignorant one, doesn't it? I'd hate to believe that all of those Linux users who were titillated by the "[BEEP]" filter in the guest book were truly representative of Linux academia.
  • Well... this is almost like the Happy Hacker wargames, except that it's worthwhile (prizes amounting to more than recognition). That, and it isn't intrisically (sic) flawed because it isn't run by Carolyn Meinel...

    What happened? Did she turn you down on a date or something?

    Phil Fraering "Humans. Go Fig." - Rita
  • ActiveCrash

    "The number of suckers born each minute doubles every 18 months."
    -jafac's law
  • A few months ago, when I was still in college (about a month from graduating), someone decided they needed my bike more than I did, and so they stole it. I was somewhat pissed (since I, of course, ended up having to walk home as a result), and so I emailed the campus police, only as a formality. I figured I'd just walk for the rest of the month, as it wouldn't have been cost-effective to buy a new bike so close to graduation. Ennyhoo, next day, I got an email back from the campus police stating that they'd already found my bike. Apparently it wasn't good enough for the thief, and so they left it on the lawn in front of the English building. The English building of all the places! I was incredibly insulted. But I got my bike back, and so all was well.

    I think I had a point to all that, but it must have broken off somewhere...

    "'Is not a quine' is not a quine" is a quine.
  • I'm already working on this with a few of my friends. We will post something if/when we can find a ISP with the guts to try it.

  • Pfft. What a bunch of wankers. If you're going to use <a href>'s, at least learn how to use them.
    I'm actually mildly concerned that people may even contemplate for more than a nanosecond giving you money.
    Your web page doesn't even say who you -are-.. That's enough to turn anyone with a clue off.
    Comics: [] - It rocks my nads.
  • by Anonymous Coward
    Ok, I must warn you that the following is a Totally Off Topic(tm) comment, and that by reading it you subject yourself to 20 lashes with a /. noodle. Here goes:

    Nmap appears to be an interesting tool to use. This is good. I flipped over to the URL given in the pasted text, only to find a statement like this: "Windows was intentionally excluded from the table because I don't currently have any intention of porting to NT/95. I suggest an upgrade to one of the many supported operating systems or don't use nmap. Note that Linux, FreeBSD, OpenBSD, and NetBSD are all free for download and run on pretty much any PC (as well as other platforms) so there are few good reasons not to just install one (or all) of them."

    My question is this: Will all *nix users PLEASE GET OFF THEIR HIGH HORSE?! Yes, damn it, there are a few technically literate people who use Windows for whatever reason. Mine happens to be the fact that I am a technical support person for my company (we are all of 8 people, serving 350 clients) and my home machine must run Windows so that I can _do_my_job_. It doesn't bother me that people don't write useful tools for Windows anymore. If I want one, I'll crank up MSVC++ and write it myself, but it really chaps my ass to see the utter arrogance that passes off for normal in the *nix community. Yes, I like Linux just as much as many of you do. I have an account on a Linux box so that I can play with this all-mighty OS. And, the day I can actually scrape together enough money to put up a box that will actually DO something (X on a 486 is mind-bendingly slow), I will.

    Please, for goodness' sake, lay off the holier-than-thou attitude. This should be in the Advocacy-HOWTO somewhere. It only makes the rest of the world believe you are half-crazed zealots who care nothing about the 85% of us who use a certain OS made by a certain company out of Washington state (US for the international folks), either by choice or by force.

    There. That's my rant. Please moderate this down to -1 so that no one has to see my pitiful opinion.

    Oh, and by the way, good luck to those attempting to crack this box. I'm still plugging away at it myself, but with such a crippled OS at my disposal, I doubt I'll make it.

    Anonymous by Choice, not by Volume.
  • Pray don't confuse firewalls with security. Machines behind a firewall are only as secure (from the big bad net, assuming they're connected to it, as most firewalls are) as the TCP/IP stacks and services that answer on ports accessible through the firewall and/or its sockets. Most firewalls that I've had experience with have closed off all ports except the ones that people needed to use from the outside -- and half the time that included stuff like pop[23], imap, smtp, etc., and on which the servers answering those ports tended to be way behind on their updates because people had this sense of security lent by the firewall.

    Also, firewalls don't work from people who can emit packets from inside your firewall -- and that's surprisingly easy to do, either through coercion of the firewall box's network stack, compromise of a machine behind the firewall through some open port, or simply being behind the firewall in the first place (as in many corporate environments). If a firewall is configured to permit connections to ports 22 (ssh) and 443 (SSL http), there's no particular reason why an attacker can't arrange for a root shell to answer on one of those ports, and with most network installations no one would be the wiser.
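The comment above makes two checkable points: services reachable through the firewall tend to lag on updates, and an allowed port says nothing about what actually answers on it. The following audit sketch is an added example, not part of the original thread; the host names, patch dates and captured bytes are constructed sample data, and the 90-day patch threshold is an assumption.

```python
from datetime import date

# Firewall allow-list from the comment's example: ssh (22) and SSL http (443).
ALLOWED_PORTS = {22: "ssh", 443: "tls"}

def looks_like(proto, first_bytes):
    """True if the first bytes a server sent fit the protocol expected on that port."""
    if proto == "ssh":
        # RFC 4253: the server identification string starts with "SSH-".
        return first_bytes.startswith(b"SSH-")
    if proto == "tls":
        # TLS record header: type 0x16 (handshake) or 0x15 (alert), major version 3.
        return (len(first_bytes) >= 3
                and first_bytes[0] in (0x15, 0x16)
                and first_bytes[1] == 3)
    return False

def audit(observations, today, max_patch_age_days=90):
    """Flag allowed ports whose reply is the wrong protocol or whose service is stale."""
    findings = []
    for obs in observations:
        proto = ALLOWED_PORTS.get(obs["port"])
        if proto is None:
            continue  # not reachable through the firewall; out of scope here
        if not looks_like(proto, obs["first_bytes"]):
            findings.append((obs["host"], obs["port"],
                             f"allowed for {proto} but reply is not {proto}"))
        age = (today - obs["last_patched"]).days
        if age > max_patch_age_days:
            findings.append((obs["host"], obs["port"],
                             f"exposed service unpatched for {age} days"))
    return findings

# Constructed sample data: first bytes each server sent, plus inventory patch dates.
OBSERVATIONS = [
    {"host": "mail-gw", "port": 22, "first_bytes": b"SSH-2.0-OpenSSH_9.6\r\n",
     "last_patched": date(2024, 5, 1)},
    {"host": "web1", "port": 443, "first_bytes": bytes.fromhex("160303004a02"),
     "last_patched": date(2023, 1, 10)},
    {"host": "db1", "port": 443, "first_bytes": b"sh-5.2# ",
     "last_patched": date(2024, 5, 20)},
]

if __name__ == "__main__":
    for host, port, reason in audit(OBSERVATIONS, date(2024, 6, 1)):
        print(f"{host}:{port} {reason}")
```
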

  • Someone has crashed it 3 times in a the box is back up but MS turned off port 80 (the webserver). So the box has NO open ports now. Real fair.
  • The linux box is up, the Microsoft one is down.

    'nuff said
  • Unfortunately, the box is partly relying on the fact that all the script kiddies have buffer overflows that were written for Intel Linux. This is one of the arguments I've always had for staying away from a Unix variant that only runs on one platform--homogeneity in systems hardware and software was what made the Internet worm possible.

    When I set up my first Alpha box, I knew nothing about security, but the script kiddies kept failing on account of their buffer overflows just crashing and core-dumping. It bought me some time to get a clue, at least.
    I noticed
  • isn't just posting this stuff on slashdot a DoS attack? :)
  • by pmmay ( 60272 ) on Wednesday August 04, 1999 @11:47AM (#1765908)
    They have a status page up. This is only from yesterday's activities:

    8/3/99 Events
    3:22pm - Network connections down due to router failure, possibly related to thunderstorms and power failures in the area

    2:59pm - Network connections intermittently up

    12:40pm - Network connections down due to router failure

    11:02am - Services restarted

    10:47am - Some services failed after reboot

    10:45am - Reboot because the System log was full

    10:30am - Network connections down due to router failure
