Become a fan of Slashdot on Facebook


Forgot your password?
The Internet

LinuxPPC challenge rides again 56

jacobm writes "According to an announcement on their site, AntiOnline is going to host the LinuxPPC challenge (crack an out-of-the-box LinuxPPC install and you can keep the computer), which was taken down a few weeks back because of bad guys doing mean things to LinuxPPC's network. Gentlemen, start your port scanners! "
This discussion has been archived. No new comments can be posted.

LinuxPPC challenge rides again

Comments Filter:
  • It refers to the difficulty in spoofing a TCP connection. Basically, to spoof a TCP connection, you need to take down the host you're pretending to be (usually with SYN flooding or something of that nature), and then sent TCP packets with that host's IP address as the origin. However, since the return packets will be going back to the disabled host, not to you (TCP spoofing is a "blind" attach), you need to guess the sequence numbers to put in the TCP packets, and if you guess wrong, the other side will discard them as being out of order or random garbage data, thus disconnecting you (if you even got the connection negotiated in the first place) and messing up your attack.

    TCP sequence predition in nmap estimates the difficulty of guessing these TCP sequence numbers. In some OSs, such as Windows, it's a fixed increment between packets, so trivially easy to guess. In Linux, apparently, "random positive increments" are used, making it extremely difficult to guess the TCP sequence, thus making it extremely difficult to successfully spoof a TCP connection.

    I've read some on Bugtraq recently about other weird things in Linux that will allow you to get a more accurate guess of the sequence numbers on a host that's otherwise idle (i think the id field in the IP packet increments by one each time or something of that nature). However, it's still not nearly as easy as Windows.

    For a much more in-depth discussion, read daemon9's IP-Spoofing Demystified [] (Phrack Issue 48, Phile 14).
  • >And to linuxppc, I find it hard to believe you've never heard of >antionline, especially after the packetstorm fiasco.

    Don't be too surprised. A lot of people don't find sites like packetstorm or antionline very interesting or even care about them all that much.
  • Gentlemen, start your port scanners!
    This is not needed its been done alredy [].d on't waste your time and bandwith .... Try something else.

  • Im sure JP is popping corks right now, just from the hits he's getting off this previously fine webpage. The fact that /. seems to be advocating any sort of Antionline project is revolting.

    1)Antionline has censored links. This means that if a site they dont like (, packetstorm, to name a mere few) links to them, you cannot follow that link to them. And censorship of any kind is bad.

    2)John Vranesevich is a criminal. Proof: .html

    He's no better than CPM. Hi Carolyn!
    3)JP is a media whore, he'll say and do absolutely anything to get in your email or browser, even if it involves outright lies and breaking the law.

    Yeah, im ranting, and im sure that some of you will claim that because i'm an NCState student, my rants are biased. However, I'm merely disappointed that slashdot would support anything antionline does. Makes me wonder if Hemos has some sort of Faustian deal signed with antionline....

    Shoutouts to Ken Williams for coming out on top through all the bullshit, and all the ehap kids, especially zeno & dox.

  • for the record, i've seen the entire packetstorm archives. (long before they were taken down) Nowhere in them was slanderous material or pictures. Ken Williams had a legitimate lawsuit against Harvard that he chose not to pursue.

    just setting the record straight... im not even going to touch that other comment about JP being a good guy. that obviously couldnt hack his way out of a paperbag, much less know anything about the scene.

  • "AntiOnline is a great site"

    That is your opinion. My opinion is that the
    site is a really horrible one. Neither of us
    are right nor wrong.

    "John V is a really good guy"

    Again opinion, however after the PacketStorm
    situation, I personally will not support anything
    associated with his name.

    The rest of your post is immature, childish, and
    deserves no comment.
  • better read those rules carefully. I wouldn't put it past AO to try and pin federal charges on anyone breaking them. I agree that it's extremely likely that they will be logging any information they get for future use against people. As a generally non-paranoid and trusting person, I trust AO about as far as I could comfortably hurl a Buick.

  • by alhaz ( 11039 )
    I mean how to bring down the server.

    I guess you could alternate that with how to hack root, but that would be a matter of discovering a heretofore unknown rootshell exploit, which would require more resources than just crashing it.

  • by alhaz ( 11039 ) on Monday August 30, 1999 @06:45AM (#1717065) Homepage
    I think this is a silly way to figure out how to hack a known configuration.

    I've often told people, if someone hacks your system and leaves you an obscene calling card, that was basicly a scriptkiddy who got lucky. A genuine, serious security cracker prefers to leave as little evidence as possible.

    Flailing away at this thing from remote isn't just a waste of time, it's embarrasing.

    If I had any interest in all in cracking this box, here's what I'd do.

    If i didn't already have access to a powermac, I'd borrow or rent one, as similar as possible to the one being used.

    I'd install linuxppc on it, staying as close to their known configuration as possible. if this is truly the default installation, that makes it much easier.

    I'd hook it up on a private segment with some other systems, and hammer away on it where noone can see, where noone else is generating traffic, examining the system for different sorts of problems depending on what i did to it.

    I'm sure eventually I'd find some way to at least cause the thing to die. It might take weeks, or days. Hard to say.

    As soon as i was 100% certian I'd found a way to kill it, then and only then would i begin to attack the machine in question.

    All this portscanning and flooding is just noise. Even if they do bring it down, they won't be able to reproduce it. In that respect, this is a pretty good PR stunt, given that linux is reasonably secure and stable.

  • I think this is nothing more than a publicity stunt on antionline's part. After the PacketStorm fiasco I'm sure that antionline took a lot of heat from the security community. The descission to host the box is probally a way of saying "Look we're on your side, really we are!" in an attempt to look good in the public's eye.
  • Yo I got my bros and my bro-ettes backin me up so you best step lest you wanna be hurting, youknowwhatimsayin?

    No offence, my man, but this is really pitiful. If you're going to reply to a /. story and rant about what a great guy you are and how many people got your back, at least sign it with your own name, alright?

    God, what a loser!

    Sorry for the flamage, but, god, somebody had to do it!

    --Andrew Grossman
  • I think because of the recent actions of AntiOnline v Harvard/PacketStorm I'll be avoiding this challenge. I think it's probably just a publicity stunt to get some of the heat off him because of the previous affairs...

    I personally will be avoiding this challenge, mainly because of the people hosting it.
  • Well, according to they DO host it:

    August 30

    "11:55 CST: Hello! Anti-online is about to host a new machine you can try to crack into. Please also send us information on any tests you might have done on your machines you may have tried to break into."

    The next tidbit is also nice :)

    "12:00 CST: Microsoft posted stats today: 427,597 GET requests. Our stats:1,880,138 (and cron already rotated out the first few days, so it probably is closer to 2.5 million)"

  • The guy that runs Antionline often talks about how he tracks various crackers and turns the info over to the authorities.

    Yep. I am sure that he is compiling a database of IP addresses from which attacks are being launched. Given his past behavior, I wouldn't be surprised to learn that this was the whole point of the exercise.

  • by Kaa ( 21510 ) on Monday August 30, 1999 @06:38AM (#1717071) Homepage
    Didn't Antionline (John Vranesevich) behave in a very unpleasant manner recently (PacketStorm -- Harvard)? I thought that he was relegated to the "don't touch with a 10-foot pole" category.

  • I'm sure that the IP of anyone even viewing a web page on a host in that network is logged.

    Duh. Every time you view a web page on any host on any network your IP is being logged. Apache, IIS and every other Web server since the dawn of time tracks it.
  • A few comments:

    First, AntiOnline as others have mentioned has a nasty reputation. I'm sure that the IP of anyone even viewing a web page on a host in that network is logged.

    Second, has anyone heard anything from the LinuxPPC folks confirming this? *I* certainly haven't, and as of the time of this posting, has no announcement about the box moving to AntiOnline's network. Until I see something offical from the LinuxPPC folks, I'm writing this off as another attempted publicity stunt by AntiOnline.
  • Didn't Antionline (John Vranesevich) behave in a very unpleasant manner recently (PacketStorm -- Harvard)? I thought that he was relegated to the "don't touch with a 10-foot pole" category.

    Yes, he did, and yes, he pretty much is in that category, as is his friend Carolyn Meinel.

    The whole reason they host this stuff is so they get to see the attacks people use. You think they're just putting this box on the net with nothing between it and the pipe? Hah. They're packet sniffing, monitoring everything.


    Well, so that in the off chance someone either writes his own exploit or gets ahold of a non-public one, and that person is stupid or naive enough to use it on them, they get to break the news, and claim the glory for it and use it themselves. Or better yet, have Carolyn write a book about it or turn the guy in to the FBI (which jaypee has said he will do and already has done, in fact, he's got an entire section of his website that is accessable only to law enforcement).

    They (antionline) been doing a "contest" like this already, called happy hacker, for a while now. Its a scam, just like this is. The only thing you do by breaking into their machine is to give carolyn and jaypee knowledge that they didn't earn, and can't be trusted to use wisely.

    I can't help feeling that the linuxppc folks got scammed. They probably didn't know who they were really dealing with.

    Antionline, and the people who run it, are not to be trusted, folks. Jaypee has just enough of a clue to be dangerous, and carolyn, well, everything that one can say about her already has been said better than I can. Check out's negation site [] for a few examples.

    User Bio
    I am a 36y/o in Georgia. I am a vice president for a rather large company. balh..blah..blah.. ADenton has posted 3 comments (this only counts the last few weeks)

    1 Re:umm ok posted on Monday August 30, @08:41PM CDT (Score:1 Replies:1)
    attached to LinuxPPC challenge rides again

    2 Re:i can walk the walk posted on Monday August 30, @08:39PM CDT (Score:1)
    attached to LinuxPPC challenge rides again

    3 re: AntiOnline posted on Monday August 30, @06:32PM CDT (Score:1 Replies:4)
    attached to LinuxPPC challenge rides again

    Gee, I wonder who this could be??
    "Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
  • i know this is ever so slightly off topic but can anybody out there in /. land help explain what the nmap output below actualy means

    TCP Sequence Prediction: Class=random positive increments
    Difficulty=3004658 (Good luck!)

    because i have played with nmap for quite a while now and in all of my visits to the documentation i havent seen an explination for what TCP Sequence Prediction actualy is granted i might be missing the obvious but i would certanly apreciate somebody at least pointing me in the right direction
  • The owner of AntiOnline pays people to crack servers in exchange for full coverage of the crack. It's a brilliant idea for making money.

    But then he later gives information about the hackers to the government. Whatever his incentive is, this guy is a total idiot and potentially dangerous.

    I bet he's letting some government acency have full access to this LinuxPPC box's logs. The person who cracks the box will probably get noticed by the government.

    And even if that's not true, why support an idiot like this?
  • The guy that runs Antionline often talks about how he tracks various crackers and turns the info over to the authorities. While one can describe this as good citizenship, I would not attempt to crack something Antionline is concerned with, even if it is a game. They may at somepoint turn your info over as potential suspects in some future investigation.
  • I'm sure eventually I'd find some way to at least cause the thing to die. It might take weeks, or days. Hard to say. What do you mean by "the thing"? I had originally assumed that you meant, "killing" the PPC machine. Or did you mean, to kill the page? I changed my thought, of course, when I saw this statement:

    As soon as i was 100% certian I'd found a way to kill it, then and only then would i begin to attack the machine in question. Apparently, I was mistaken on the "it," so I was wondering if someone could explain the "it" to a pitiful little ignorant person such as myself. Thank you. =)
  • Great. A cracking contest now open to anyone... unless JP doesn't like you. Then you had best not even LINK to the contest. You bastards.

    Next, we'll see protesting sites publishing embarassing background and family histories of LinuxPPC coders.

  • because the whole "crack this box" thing doesn't seem to be anything but PR. Props to antionline for hosting it, i guess, they don't seem like they have been very friendly to the underground in the past.... Oh well, (instert fart noise here) first post, i think :)
  • There is another guy out there that is challenging people to crack his PWS running on NT. He told me that if you get in and explain thoroughly how it was done you get a spiffy T-Shirt sent to you to commemorate the event! Not a free PC, but heck it identifies you as one bad ass dude....i think... ;]

    hack this dude's website and win a tshirt...

  • JP sucks.

    Anti* sucks.

    Don't view their web page, you might be sued.

    Don't try to hack the machine, you might be sued.

    Oops, he might try to sue me for saying he sucks. Well, he blows too.
  • What Linux community? I use FreeBSD.

  • I'm not normally a cracker but. . . Yah! Ride 'em, Ping-Boy!
  • Yea whatever dude.. *shaking*
  • yea whatever to you too dude.. i own a rather large company, read my bio dickweed.
  • Ok. ands whats your fucking point? so you showed how many times i posted today.. OOOO WOW! VERY GOOD... so whats your point?
  • If i want your god damned opinion ill rattle your cage.

Computer programmers do it byte by byte.