Remotely Crash OpenBSD
*no comment* writes "If you are running OpenBSD on your IPv6 install, it might be time to upgrade to -current. (just kidding) There is, however, a way to crash OpenBSD 3.4 with a couple of simple IPv6 commands. Georgi Guninski, found the problem. To quote Theo, 'it is just a crash.'" It is unknown if the bug could be used to execute arbitrary code, but it does require patching a Linux kernel (or rolling your own network stack) to exploit.
"Do not stand at my hard disk and forever weep.
I am not there; I do not sleep.
I am a thousand winds that blow.
I am the diamond glints on snow.
I am the sunlight on ripened grain.
I am the gentle autumn's rain.
When you reboot in the morning's hush
I am the swift uplifting rush
Of quiet birds in circled flight.
I am the soft stars that shine at night.
Do not stand at my hard disk and forever cry.
I am not there. "
GNAA (GAY NIGGER ASSOCIATION OF AMERICA) is the first organization which
gathers GAY NIGGERS from all over America and abroad for one common goal - being GAY NIGGERS.
__vowov_ __vv___v_ ______vov_ ______vov__
_vow_wov _vow__wov _____vowov _____vowov_
_vow____ _voww_wov ____vowowv ____vowowv_
_vow_wov _vow_wwov ___vow_wov ___vow_wov_
_vow_wov _vow__wov __vow__wov __vow__wov_
__vowov_ _vow__wov _vow___wov _vow___wov_
_____GAY NIGGER ASSOCIATION of AMERICA_____
BE NIGGER!
BE GAY!
JOIN THE GNAA!
GNAA (GAY NIGGER ASSOCIATION OF AMERICA) is the fastest-growing GAY NIGGER community with THOUSANDS of members all over United States of America. You, too, can be a part of GNAA if you join today!
Why not? It's quick and easy - only 3 simple steps!
First, you have to obtain a copy of GAY NIGGERS FROM OUTER SPACE THE MOVIE and watch it. (Click Here to download the ~280MB MPEG off of BitTorrent)
Second, you need to succeed in posting a GNAA "first post" on slashdot.org, a popular "news for trolls" website
Third, you need to join the official GNAA irc channel #GNAA on EFNet, and apply for membership.
Talk to one of the ops or any of the other members in the channel to sign up today!
Fourth, remind Lindsay Felton about Batman touching my junk liberally.
If you are having trouble locating #GNAA, the official GAY NIGGER ASSOCIATION OF AMERICA irc channel, you might be on a wrong irc network. The correct network is EFNet, and you can connect to irc.foxlink.net or irc.choopa.net as one of the EFNet servers. If these do not work, use irc.efnet.net.
If you do not have an IRC client handy, you are free to use the GNAA Java IRC client by clicking here.
If you have mod points and would like to support GNAA, please moderate this post up.
This post by GNAA member Lysol, another soul proud of his nigger fag heritage.
How do them apples taste now?
Extra point if you use Exploder!
Ya!
PLEASE KILL A DOG - Any dog. Support the Euthenasia for Canus Familiarous Assoc. today to benefit from the FULL BENEFITS of being a FULL TIME ECFA member.
Are you MAD?
Do you HATE DOGS?
Are you a MAD DOG HATER?
If you answered "yes" to any of the above questions, the ECFA is for you! The ECFA is the only animal humane group that supports the MAD KILLING OF DOGS.
Why kill dogs you ask? Because there are just TOO MANY of them. We don't have anything against the species, it's just that they are too overpopulated. Dog lovers from around the world spend LOADS of TIME attempting to save every member of this overcrowded species. To fix this imbalance, the overpopulated animals need to be eliminated. If the dog is not already in a home, or can be adopted in a short period of time... it's time to say goodbye.
Why MAD? Because they are costing us TAX DOLLARS to take care of? Over 100 million dollars is spent in the US each year alone on taking care of wild dogs. The health and safty concerns of this overpopulation are overwhelming. It is time to say goodbye.
We are looking forward to your membership. To join, first get a ECFA "first post" on slashdot.org. Then, give us a holler in our chatroom, #dogs on efnet. Then, simply post a sign outside your humane society for the humane destruction of dogs with euthanasia.
and then the devil rises.
mod -1 for being a troll post, openBSD is alive and well... and its not the linux kernel, its the BSD kernel you dumbshit.
Noone important uses BSD anyways...
It's "dago", you ignorant slice of turd.
If this was on fark, the title would be
BSD Exploit discovred, Linux users laugh, Flamewar ensures!
Nero-burning ROM for Linux!
With the attitude those guys have, it's almost as amusing to hear about an OpenBSD exploit than a WinXP one!
Still another awful blow has struck what's left of the *BSD community, as a soon-to-be-released report by an independent commission doing a year-long study concludes: *BSD is dead and mummified. Here are some of the commission's findings:
Fact: the *BSDs have balkanized yet again. There are now no less than twelve separate, competing *BSD projects, each of which has introduced fundamental incompatibilities with the other *BSDs, and frequently with Unix standards. Average number of developers in each project: fewer than five. Average number of users per project: there are no definitive numbers, but reports show that all projects are on the decline.
Fact: Apple is quietly changing the base kernel for OS X from *BSD to Linux. Insiders report that Apple's technical leadership has grown tired of the licensing battles and is seeking a more modern license; they find Linux's license more appealing. Many Apple technology experts -- from OS developers all the way up to Steve Jobs -- find Linux to be a more advanced OS, which will enable Apple to release a more mature product. The frequent hallway arguments and fistfights among the *BSD developers Apple has hired has also contributed to the decision.
Fact: XFree86 is dropping support for *BSD. The remaining core group believes that the *BSDs have strayed too far from Unix standards and have become too difficult to support along with Linux and Solaris x86. "It's too much trouble," said one anonymous developer. "If they want to make their own standards, let them doing the porting for us."
Fact: Many user-level applications will no longer work under *BSD, and no one is working to change this. The GIMP, a Photoshop-like application, has not worked at all under *BSD since version 1.1 (sorry, too much trouble for such a small base, developers have said). OpenOffice, a Microsoft Office clone, has never worked under *BSD and never will. ("Why would we bother?" said developer Steven Andrews, an OpenOffice team lead.)
Fact: servers running OpenBSD, which claims to focus on security, are frequently compromised. According to Jim Markham, editor of the online security forum SecurityWatch, the few OpenBSD servers that exist on the internet have become a joke among the hacker community. "They make a game out of it," he says. "(OpenBSD leader) Theo [de Raadt] will scramble to make a new patch to fix one problem, and they've already compromised a bunch of boxes with a different exploit."
Fact: NetBSD, which claims to focus on portability (whatever that is supposed to mean), is slow, and cannot take advantage of multiple CPUs. "That about drove the last nail in the coffin for BSD use here," said Michael Curry, CTO of Amazon.com. "We took our NetBSD boxes out to the backyard and shot them in the head. We're much happier running Linux."
Fact: There are almost no FreeBSD developers left, and its use, according to Netcraft, is down to a sadly crippled
Fact: DragonflyBSD, yet another offshoot of the beleaguered FreeBSD "project", is already collapsing under the weight of internal power struggles and in-fighting. "They haven't done a single decent release," notes Mark Baron, an industry watcher and columnist. "Their mailing lists read like an online version of a Jerry Springer episode, complete with food fights, swearing, name-calling, and chair-throwing." Netcraft reports that DragonflyBSD is run on exactly 0% of internet servers.
With these incontroverible facts staring (what's left of) the *BSD community in the face, they can only draw one conclusion: *BSD is dead and mummified.
I was talking with some of my colleagues in network security this morning about the OpenBSD exploit and means by which future exploits may be avoided. One suggestion which was raised was that the OpenBSD 'ports' system may be to blame. After all, if you need to add packages on a BSD system, 'ports' must be opened, and when ports are open on firewall boxes, bad things happen. Debian's apt-get system for example does not require 'ports' to work properly, and therefore may be immune from this type of exploit. Is this a possible solution? I look forward to hearing the community's responses!
It is known for a Long time that the www.openbsd.org web server runs on solaris. I have always doubted their excuse for the bandwidth from sunsite. Surley they could co-located a OpenBSD server at sunsite, Now I know the real reason. OpenBSD's Security features are mostly academic and NOT READY for primtime in mission critical use, even the OpenBSD developers themselves wont use it as their main OS!
OpenBSD is still concidered a hobby security OS in the Security Industry by many. Most Military grade security systems run on Windows 2000, and is the most secure certified operating system. Sure the Applications such as IIS can be exploitable, the the Windows 2000 kernel has never been comprimised remotley. Microsoft has even challenaged hackers 10 million dollars to exploit Windows 2000 Military Security Edition!
So for now, as a Security Specialst who Specializes Windows security, I will keep using Windows, and I will use this toy security system on my isolated testing network.
Nero-burning ROM for Linux!
I poop on you
Since there are legions of people recompiling their TCP stacks right now to crash your OpenBSD boxes, you may have to switch to Linux, since Linux has proven to be much more secure in a networked environment that OpenBSD.
Or you can wait... it seems likely a fix will come to -stable.
For those who dont want to set up a Linux kernel, I have written a small Windows application for it. Since the BSD Zealots didnt like the fact that windows 2000 cant be remotley crash and modded my parent down, I thought I'd write a program to shock them. It only took about 15 minutes to write because the exploit was so glaring silly. You willl need Windows NT/2000/XP, Services For UNIX and the .net framework to run this program.
Instructions
Download
Double click the icon
Enter the IP address of the BSD box you want to crash
Download by Clicking here
Nero-burning ROM for Linux!
A hole would imply gaining access.
No, A hole would imply our president.
No one uses motherfucking IPV6. IT IS A DEAD AND USELESS NERDY ASS FAG TECH. Until corp america moves over to ipv6(which will never happen), it will just be you fucking nerds playing with it and wasting your fucking time.
Sheesh. I enjoy browsing at -1 as much as the next guy, but if you're going to post at -1 at least make it formatted and concise. It's one thing to make a point at -1, it's another entirely just to spout what looks like white noise.
"Only one remote hole in the default install, in more than 7 years!" -openbsd.org
but a billion local holes in default install...
--- any post that takes longer than 20 seconds to write, isn't worth writing
Ever since switching to Apple OS X, I have had significantly less security vulnerabilities than when I used OpenBSD. On top of that, I have a way bigger selection of great applications, I have a GUI that BSD and Linux users can only dream about, and I am confident in the knowledge that I am protecting AMERICAN jobs and AMERICAN know how.
So was it a hole in the default install or not?
(I strongly suspect that the same person does Security PR for both Microsoft and OpenBSD.)
You Are Smoking Crack.
Not Flamebait. Presiment George Butch of the Untied Status of 'Merka IS an A-hole.
And he's a fuckwad too.
And, No. I'm not the original AC.
not news really, but I thought that you'd love to hear about it.
This message has been confirmed by Netcraft.
Crash the corpse and get some good Tux action happening on your machines.