Linuxense Break-in Challenge Over

← Back to Stories (view on slashdot.org)

Linuxense Break-in Challenge Over

Posted by timothy on Saturday March 19, 2005 @09:15AM from the aw-they-werent dept.

hot_Karls_bad_cavern writes "As previously mentioned on Slashdot, the Linuxense Break-In Challenge has ended and some results posted, including a torrent link to the packet capture dump. The great Linux guru winner: no one. After the 96 hours, the machine was still safe and sound. Distro on the target machine: Adamantix."

29 of 42 comments (clear)

Min score:

Reason:

Sort:

In this case i believe by A+beautiful+mind · 2005-03-19 09:25 · Score: 4, Interesting

the timeframe was too short to do anything high profile. In other words, the distro was more secure than it could be hacked in 96 hours. However, with servers online years, you have a much better situation from the attacker's viewpoint, even if your box is fully patched.

--
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
1. Re:In this case i believe by cfavader · 2005-03-19 09:47 · Score: 5, Insightful
  
  I fully agree.
  
  Apparently they expected people to whip out their magic wands of hax0ring skillz.
  
  Personally, I would have kept the server up until someone finally broke through (although for a lesser prize?) just out of curiosity.
2. Re:In this case i believe by mindstormpt · 2005-03-19 10:37 · Score: 1
  
  And, quoting from the FAQ
  
  This is how nmap would report if you run it against a server which is under (D)DoS attack (the Challenge server was overwhelmed by port scans, brute-force attacks, etc. most of the time).
  That makes it yet a little harder.
3. Re:In this case i believe by cgenman · 2005-03-19 12:53 · Score: 1
  
  I wonder if the point was to get a list of IP's to deny access to.
  
  However, it looks like the weakest link wasn't exploited. There were no regular clueless users onboard to steal passwords from. There were no janitors to impersonate or locks to pick. There were no unannounced maintenence men from DELL to swap in a new redundant RAID disk. It was all too clean.
  
  --
  The ______ Agenda
Coolest. Name. Ever. by datastalker · 2005-03-19 09:27 · Score: 1

Wolverine would be proud. :)

--
Find out about the Lexus Rx400h Hybrid!
Pffft by Anonymous Coward · 2005-03-19 09:34 · Score: 3, Insightful

Anyone capabile of breaking that machine isn't about to announce that little bit of information to the whole world.

Public security "tests" are useless (from a security standpoint) publicity shows.
Re:Another contest ... by KiloByte · 2005-03-19 09:47 · Score: 1

From the way their firewall is set up, I see a trivial DoS attack. After the first hundred or two of SYNs they completely drop all traffic coming from the source IP for quite a long time.

So, would anyone malicious with too much time on his hands want to give Netcraft a nice blackout on the Bad Guys? :p

But, I have an easier target for all you script kiddies out there. 127.0.0.1! Get this h4x0r3d!

--
The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
interesting choice of distribution by cfavader · 2005-03-19 09:50 · Score: 2, Insightful

I must say I'm proud to see them distributing the packet dump via bittorrent. Every legit reason for p2p helps.
1. Re:interesting choice of distribution by bcmm · 2005-03-19 09:59 · Score: 1
  
  Yes.
  
  Try and explain the concept of a "packet dump" to the PHB and you'll get BT allowed at work/school/collage!
  
  This is legit, but hopelessly obscure as a pro-BT argument.
  
  --
  # cat /dev/mem | strings | grep -i llama
  Damn, my RAM is full of llamas.
2. Re:interesting choice of distribution by Punboy · 2005-03-19 10:21 · Score: 2, Funny
  
  Oh yes. RIAA: Mr. Johnson, you say you have a legitimate use for P2P software? Johnson: Yes. I use it to distribute packet captures to help people break into computers. RIAA: ...
  
  --
  If you like what I've said here, and want to read more, go to http://www.krillrblog.com
3. Re:interesting choice of distribution by cfavader · 2005-03-19 17:06 · Score: 1
  
  I think it was fairly obvious I meant it in the way of distributing information about contest entries and results in general..
Re:Another contest ... by bcmm · 2005-03-19 09:51 · Score: 1

Are you the same guy that told this joke on /. when the contest was announced?

--
# cat /dev/mem | strings | grep -i llama
Damn, my RAM is full of llamas.
Forkbomb... by bcmm · 2005-03-19 09:54 · Score: 2, Insightful

So, was this because it was down the whole time because of people trying to DOS it instead of taking control?

When they gave a user account, didn't the first person to log in change the account password?
And was it susceptable to forkbombing?

--
# cat /dev/mem | strings | grep -i llama
Damn, my RAM is full of llamas.
1. Re:Forkbomb... by gl4ss · 2005-03-19 10:11 · Score: 1
  
  then nobody would have been able to break in.
  
  and actually from the faq...
  "6. nmap returns ``connection refused''/``filtered''. Your [Challenge] server seems to be behind a firewall.
  There was no firewall. This is how nmap would report if you run it against a server which is under (D)DoS attack (the Challenge server was overwhelmed by port scans, brute-force attacks, etc. most of the time)."
  
  pretty stupid challange if it's so short that there won't be time in it to get to the server even.
  
  --
  world was created 5 seconds before this post as it is.
2. Re:Forkbomb... by RALE007 · 2005-03-19 10:45 · Score: 3, Insightful
  
  I was just about to post the same thing from the faq. This "challenge" proves little to nil considering their server wasn't capable of handling the network traffic. There's a million analogies that come to mind, but I think a good one would be a boxing match. Their victory is tantamount to a boxer claiming to be the heavyweight championship because nobody beat them in a fight, but the reason nobody beat them is that all the potential challengers were stuck in the doorway into the arena. It doesn't prove a victory, it proves the doors need to be bigger. Bringing that thought back around to this hack challenge, all that was proved is their hardware is insufficient for any moderately high traffic load. I don't think a victory dance is in order.
  
  --
  Beware blue cats moving at .99c
3. Re:Forkbomb... by infonography · 2005-03-19 19:41 · Score: 1
  
  That is where Solaris beats Linux. Out of the box SUN boxen can pump more IO then the best configured Linux boxen. Security aside, this was a PR stunt what was orchestrated from the start. x86 boxes can be overwhelmed at defined load level. Overwhelmed equals a win to this test. It puts it beyond the reach of anyone to crack unless they can get access before the Sheeple get there. Like in the first 5 minutes. Posting to Slashdot triggers a slashdot effect and gets you that result for 95:50 hours.
  Nothing to see here, move along you lookieloos.
  
  --
  Sorry about the writing. Robot fingers, you know? Cliff Steele in DOOM PATROL #23
I Got In!!! by Anonymous Coward · 2005-03-19 10:01 · Score: 2, Funny

Wow. That was easy. That guy has no security at all. I'm going to delete his network files and terminate his internet connection right now!

NO CARRIER
I hacked it! by Lally+Singh · 2005-03-19 10:24 · Score: 4, Funny

I didn't report it, just b/c I thought it was too little a feat to mention. Password: Joshua.

--
Care about electronic freedom? Consider donating to the EFF!
1. Re:I hacked it! by suso · 2005-03-24 02:41 · Score: 1
  
  testing what happens if you don't close a link.
Re:Another contest ... by takeya · 2005-03-19 11:45 · Score: 1, Interesting

why don't we do this with windows and see how it goes? assuming adamantix is just secure, and wasn't touched, i wonder how an untouched install of XP Pro SP2 would handle.

It would certainly speak volumes of security.
Re:Another contest ... by FooAtWFU · 2005-03-19 12:36 · Score: 1, Funny

You can hack me too! My IP address is:

127.0.0.1
Best of luck!

--
The World Wide Web is dying. Soon, we shall have only the Internet.
Re:People sux0rz by BrynM · 2005-03-19 14:00 · Score: 3, Funny

What happened to all those claims from Micro$oft that Linux is more unsafe than Windows?
For comparisson, I just put a XP box online. Let's see how long it tak... damn. Never mind.

--
US Democracy:The best person for the job (among These pre-selected choices...)
Re:People sux0rz by dauthur · 2005-03-19 14:06 · Score: 1

My record is one hour. Then again, I was TRYING to kill it. But still. One hour. You should've seen what I could('nt) do when it was... not... working right. Fun fun.
Next up by dtfinch · 2005-03-19 17:40 · Score: 1

Microsoft will invite us to hack Windows XP SP2, with all the default services enabled, such as the firewall.
I posted this 2 days ago... by akjacob · 2005-03-20 05:20 · Score: 2, Informative

...and got rejected.
Re:Another contest ... by Jewelry+Mall · 2005-03-20 06:51 · Score: 1

I think unpatched boxes of windows last about 30 seconds .. without a contest.
Re:Another contest ... by HyperChicken · 2005-03-20 07:49 · Score: 1

Windows XP came out in about 2000/2001, as did Red Hat 7.0. Put them both up on a network, unpatched and unfirewalled, and both will get hacked quickly. OS has nothing to do with it; It's all about the patch level.

Now go back to the bridge you crawled out from under, you troll!!!

--
Free of Flash! Free of Flash!
Contest over? by cuteseal · 2005-03-20 12:07 · Score: 1

Ok everyone, get back to hacking into the FBI intranet... :D

--
The friendliest digital photography forums on the net!
Re:Another contest ... by freak4u · 2005-03-21 07:08 · Score: 1

Isn't there a site on the net that does just that? Sets up a default box and sees how long it takes to hack it. Windows was under 4 hours, there were some linux boxes running for months before anything happened to them.