Slashdot Mirror
World's Smallest Web Server
NYC writes "
Definitely check out this site. The web site is running of a computer measuring 2.7" by
1.7" by .25" for a volume of about a cubic inch.
The processor is an AMD 486-SX with 16MB of RAM running RedHat 5.2.
Super Cool." Update: 01/25 01:12 by CT : Didn't take long: It got cracked and
taken down a few hours ago.
Check out JK Micro's FlashTCP Embedded Web Server . Remember that these things are designed to simply feed monitoring info up onto the net; they're not designed to be computing powerhouses...
Give it an 5x86-133 and a nice little heatsink? :)
Brian Fundakowski Feldman
So if it gets slashdotted, will it burst into flames?
This can't be good.. LINK
"A trivial degree of mischief was performed before the emulation was rendered unavailable to subsequent attackers due to institution of a root password."
/proc/kmem ...
...
Hah hah, your stupid story would've been semi-believable until I read this.
It wasn't because of a root password, it was because of a certain fun command involving
10 points for trying, anyway. Okay, make that 8, no 7
; -- the corruption of government starts with its secrets. a truly free people keep no secrets. --
Dude, those are low-end 486s. It would take at least five of them just to equal a single pentium... Not a very cost-effective beowulf.
...phil
"For a list of the ways which technology has failed to improve our quality of life, press 3."
Is that a porno website in your pocket or are you just happy to see me?
VENI! VIDI! VICI!
A AMD 486 SX chip? Sounds like it wouldn't have enough power to play MP3s... or would it?
How does this compare to PC104 hardware in terms of power consumption? Cost?
Posted by neuralfraud:
Damn straight. Its very upsetting to know people actually pride themselves on ruining someone elses computer, for no reason. and people who take the time to make kernel exploits, you can all rot! people think they're so el33t if they can make your box crash, its not elite, its destructive, and its a disgrace to the linux community! linux is ragged on for its lack of security because people like that.
so, is there a mirror of this page anywhere? =)
Hmm. An embedded PC running linux is the best we can do for a tiny web server. I don't think so.
How about a Motorola ColdFire(or 68360 or MPC82x) hooked up to an SMSC LAN91C96 ethernet chip and say 32MB of SDRAM. Total system cost $75 approx.
CPU is much much more powerful and wouldn't be saddled with a lame OS(for the job) like linux. A far better system to use would be RTEMS-4.0.0 with a nice select() based web server like thttpd. And there'd be plenty of power left to do something useful like run a control system.
Sounds like a pipe dream? Well I've got most of it already... just need to build a custom PCB.
The guy's at NetBurner(http://www.netburner.com) have it already.
http://www.cellcomputing.com/ These beauties come in up to P233MMX. Of course, the faster ones have a lot higher power consumption.
-- Too lazy to get a lower UID.
[~]:--telnet wearables.stanford.edu
Trying 171.64.78.242...
Connected to wearables.stanford.edu.
Escape character is '^]'.
Red Hat Linux release 5.2 (Apollo)
Kernel 2.0.36 on an i486
login: root
Password:
[root@wearables]$ ls
bin etc home mnt tmp var
boot files lib proc u vmlinuz
dev hdb2 lost+found sbin usr
[root@wearables]$ w
6:01pm up 14:40, 11 users, load average: 0.98, 1.85, 7.59
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
pratt ttyp0 Coraki.Stanford. 3:21am 7:52m 0.00s ? -
pratt ttyp1 Coraki.Stanford. 11:16am 6:39m 0.00s ? -
root ttyp2 ms01-31.vcr.ista 5:57pm 0.00s 0.00s ? -
root ttyp5 ip173.jackson3.m 5:58pm 5.00s 0.00s ? -
root ttyp3 x5-11.reshalls.u 6:00pm 9.00s 0.00s ? -
root ttyp6 209.67.232.125 6:00pm 1.00s 0.00s ? -
root ttyp4 ppp11-5.ftwotx.o 6:00pm 11.00s 0.00s ? -
root ttyp7 209.67.232.125 6:00pm 5.00s 0.00s ? -
root ttyp9 isdn1.arcon-inc. 6:00pm 1.00s 0.00s ? -
root ttypa xxxxxxxxx.xxxx.x 6:00pm 1.00s 0.00s ? -
root ttyp8 chernobyl.bitstr 6:00pm 6.00s 0.00s ? -
If anyone has a copy of the original Web page and related .gifs (e.g., in a cache), please e-mail the set to me (or ftp into my /incoming directory), so I can mirror it on http://linuxmafia.com/. The pictures and description are just too priceless to vanish from public view. Thanks.
Rick Moenrick@hugin.imat.com
Mein Gott! The latency on PLIP would CRUSH a cluster of these things. Besides, Beowulf is a listing of specs that these little dippies certainly don't meet.
--
--
I noticed
It's getting about time to leave everywhere
Nah, it won't crash.
Of course, they will need to replace the broken Perl that comes with 5.2....
--
--
I noticed
It's getting about time to leave everywhere
What would be the point really? What would it cost for a 10 system cluster? About $10,000 or so dollars according to prices I have seen posted here. Geez, just buy a Dual PII 450MHz and be done with it...
That was a great story. What does "-boupo2384" mean, though?
Yes, but I can't very well spell it with an SX.
Ahh - My eye!
The doctor said I'm not supposed to get Slashdot in it!
It would be cool to get a whole rack of these little things, say 20 or so per 18 inch rack? Who knows, maybe more.. You could buy them by the stack, and have a single jack for the network card that would connect all of them. I'm still itching to play with the rack mount sidewinders and cobalt servers.
--
-- Knowledge shared is power lost. -- Aleister Crowley
Why are they using a small Red Hat installation. There is this cool thing called PicoBSD for shit like this? No need to reinvent the wheel. PicoBSD is even tuned for the small processor, small memory, diskless configuration.
Read the page some time. The owner of the machine didn't care if people logged in. He purposely left root wide open so that people could explore. He however didn't expect the slashdot effect. Apparently somebody worried about the machine shut it down so that others wouldn't cause harm via root (the somebody was a person who had noticed root was wide open, not the authors) Since the hard drive exists in a flash ROM restore was very simple.
This is pretty cool though, it may not be useful as an industrial strength web server but its still a really impressive hack of available technology. There are a lot of applications where it could be perfectly suited though. Hook up a bank of CCD cameras to one, write some simple code to serve the frames up as a web page and voila, instant security system.
I dont understand this. Most 486 is not enough, X11AMP uses about 20% CPU on my p100 and 0.4% on my Celeron 300A. But it cant be 50 times faster, can it? (the bogomips dont think so either)
when you install redhat it MAKES you set a root PW...and it also sets it up so u cant telnet in and log in as root.
I have to return some videotapes...
Oh, the possibilities!
.. "I'm playing with my SCSI Ultra Wide!"
- You've heard of "Internet in a BOX"? Try THIS!
- "What are you doing?"
- I got all the fsck I need, right here in my pants!
..oh dear..
As of 6 pm PST, someone had gotten on there and changed the page,
basically saying they didn't set a pw for root.
Wow, this sure reinforces their credentials.
Adam "Fogie" Fogler -- Professional Paid College Student
... but check your grammar next time...
further investigation and prosecution of the individuals concerned will handled in conjunction with the FBI.
... and stop watching those eighties flics.
contacted as possible recruits for the NISC Task Force currently being assembled.
Do you have a
...or something. It's down.
I think there is a world market for maybe five personal web logs.
what was served by bringing it down? the guy had something nifty and he wanted to let the world see it. fine, he apparently left it wide open, *must* people go in?
every time i get into my car, open the door to my house, or all the other key/pin/card requiring thing i do in life i resent it. i resent that the assholes of the world require me to carry around a little piece of useless metal. that i need to bend over backwards to have the p.o. deliver a package rather then just open my door, and leave it inside. that i can't just lend my friend my car when i'm not around to give them the keys.
right now we use technology, from locks to crypto, to protect ourselves from our own lack of respect of each other.
US Citizen living abroad? Register to vote!
In essence, I agree. People need to respect the property of another.
Unfortunately, this isn't a realistic expectation. There's ALWAYS going to be people going where they're not "supposed to go."
About the most responsible thing that can and should be done if such an instance is discovered is to log in, initiate a shutdown of the server and fire off an e-mail to the domain holders/server admin address.
Yes, this IS a form of vandalism. But what would you rather have?
Oh well. Hopefully these guys get their software-side shit together. Their hardware-side stuff is pretty killer.
Chas - The one, the only.
THANK GOD!!!
Chas - The one, the only.
THANK GOD!!!
This is just SO good for a website's credibility. Invite the whole friggin' world in, and (apparently) not even set a root password.
Get off my lawn.
If only this thing have good video card
and ethernet, I could hide it inside case
of my monitor and have an X-terminal.
Just plug mouse and keyboard into monitor
and attach it to your server with ethernet
cable and you have one more workplace.
16Mb 486 is quite enough for X-terminal,
I'm currently have one with 12.
And lot of desk space saved.
Hide another one inside printer and you have
print-server.
Yet another in external modem to serve as
router.
Voila - no more hell of cables -all the perepherials are connected directly to your local
net. (Including scanners with sane-net)
Of course $419 is too much for thing to be
embedded into each and every piece of hardware.
But, I hope that if this thing would be produced
in millions, it would be comparable to match box
in price too.
Already 2630 hits and still quitte fast ....
Very cool!
*(Another peace of cloth removed from this man
The little bastard just survived hits
from 2600 to 2900 in one minute.
*(Another peace of cloth removed from this man
I can't wait to check it back tomorrow. :)
Maybe it'll have 10000 hits by than. Let's
go to bed. Sleep well all you nasty geeks
*(Another peace of cloth removed from this man
What'll happen when the
btw- to the above-poster - grow up.
--
What the hell were they thinking?
Can't telnet, cant ping, the little guy must be tuckered out. Next time, buy a door. Not just the lock.
Does it even exist? =[ There goes my day.
This is pretty cool. Is an AMD processor the smallest one they could get, or were they just using inexpensive parts?
...to run 'shutdown -h now'
Actually I bet we'll find that those sturdy russian matches are the size of 2 by 4's
I've finally had it: until slashdot gets article moderation, I am not coming back.
But next time remember, less is more ;-)
DrDev
Cool, CmdrTaco posted my story. Early today I was visitor #78. After /. it is now up to 1255 and still going strong.
Sorry to the Standford guys since I posted the story to Slashdot.
--weenie NT4 user: bite me!
"Computers are nothing but a perfect illusion of order" -- Iggy Pop
"To attract subjects, a web page purporting to be hosted by a miniature computer was posted on the web and the address submitted to Slashdot, a known hacker web site."
/., not some FBI Task Force. I first learned about the web server from a mailing list discussing Future Computing Environments (I forgot who posted it).
This is bull. I submitted the story to
--weenie NT4 user: bite me!
"Computers are nothing but a perfect illusion of order" -- Iggy Pop
If you take a look at the size specs again, you'd realize that this little puppy is less than half the size. Of course, that isn't including a display or power supply. The real item of interest is that it is essentially a tiny AT-style motherboard, unlike the Pilot, which is a strange little beast to most x86 programmers.
;)
Come call us when you get linux running on your pilot.
I can see it now... shoebox.com.
Jay (=
but it still works... though i'm on the same subnet...
<^>_<(ô ô)>_<^>
How many jerks will log in before they shut it down behind a password... I wonder.
<^>_<(ô ô)>_<^>
you are talking about? Downfall? Does it matter what system they were using?
MS systems are plaqued by THOUSAND of viruses and vulnerabilities. How did you like "Russian New Year" Is it MS downfall? They did not seem to even notice.
sheesh..
<^>_<(ô ô)>_<^>
and says it is not good...
<^>_<(ô ô)>_<^>
and working fast.
<^>_<(ô ô)>_<^>
Stanford University Whois Service
o ry/whois/whois.faq.html
Do "whois help" for general info. Do "whois update" for entry update info.
For answers to frequently asked questions, see the Web page at URL
http://www.stanford.edu/group/networking/direct
name: wearables
node-type: Host
cpu: pc 486
op-sys: Linux (Redhat 5.2)
department: Computer Science
organization: Theory
building: Gates Computer Science Building
user: Vaughan
protocol: IP
net-software: Built-in
interface:
ip-number: 171.64.78.242
active: YES
use-bootp: YES
administrator:
1) name: Action
e-mail: action@theory
phone: 51451
2) name: Vaughan Pratt
e-mail: pratt@cs
phone: 3-2943
title: Professor
updated-by: me
date-updated: Jan 23 1999 10:42AM
<^>_<(ô ô)>_<^>
I remember it. It was long time ago, but I definitely remember this particular design. ;(
Funny.
I workedfor some time as coach in local school club - bodybuilding and boxing. Stupid Moscow 15-17 year old kids who consumed ungodly amount of various steroid shit - could not make'em stop - probably now can not even walk straight, say nothing about having a hard on.
<^>_<(ô ô)>_<^>
..bodybuilding was prohibited sport in good old SSSR.
<^>_<(ô ô)>_<^>
You shouldn't post those things on /. anymore - can you imagine how big of a load the little pecker is having right now? I suppose the cubic inch is now so overwhelmed and will need a total repair... :))
:)))
In a way that might be an interesting issue - how does a "slashdotting" of a server like that effects its productivity
We seem to have /.'ed the counter on the web page to death.....
When you leave a security hole big enough for the titanic to sail through, you should expect this stuff. It's like leaving your car unlocked, all the doors open, with the keys in the ignition. STUPID!
I thought Stanford kids were supposed to be brighter than this. Maybe this was good field experience for their computer security 200 class.
You can telnet into the darned thing, no root
password.
Does it have a CDRom drive?
(For those 2" CDs I have)
Just follow the link on the page to www.jumptec.de, then go to the components link at the top of the page and select Price List... After a couple other links you will find the data sheet with price list: 599.- DM (the manufacturer is in Germany) for one board.
This thread was really cool reading. I'm ROTFL from all the postings. I think all the hackers/anti-hackers should get a good geek laugh. Perhaps /. should start it's own talk show.
"Minature PC's, and the guys who love them"
-wilkinsm
It would be really cool if they could slip a dx4/133 in there and a dsp, then you could have a tiny little mp3 player. Sure the rio is probally smaller, but IMHO this would be infinitely cooler.
-matt
Are we trying to push the micro server to it's limit?
Vidi, Vici, Veni
NT wont run on just so little ram, let alone reside on 16 meg of rom, let alone run on those parameters, and still run on a 486. If you have ever tried to run NT on a 486, you would quickly come to realize how slow and inefficient NT is.
-Master Switch, one more element in the machine
I can get mp3's playing mono at half sample rate, sounds fine to me and I still have about 20% of my cycles to do other things.
486dx2 66MHz
That was the main impetus for my switch to Debian from windows two years ago.
I hope it wasn't used as a gateway to further malfeasance; no doubt this was reconnoitered by the root platoon.
Poor schmucks . . . lab sacked on the lord's day.
This was not 'nifty', it was not secure.
This whining along the line of "It never even occurs to me to telnet a host to logon as root because I'm such a benign guy/gal" is the most disturbing if these posts are being made by IT types. I hope I never have to enjoy the consequences of working with you. Here's an observation from my experiences-- equal opportunity laws don't really apply to systems and database admins. No one wants a finger-pointing idealist, optimist, or person of deep religious conviction in charge of systems (which extends to system/data integrity above all else). If this host was owned by actual Stanford CS students, they should consider it a tuition-free but priceless lesson.
Recently, I logged on with admin priv. to an engineering employees' NT box in order to update a driver a modify the swapfile. I immediately heard some lovely curses and my name called from the cubicle ajoining this workstation . . . very busy visualizer/drafter with a NT blue screen kernal crash. AGP cards were new on the market, his glide.dll thumped him, etc. In the time it took for two boots and a resoltion (seven minutes tops), the first employee had run a wildcard search for documents containing any part of her name and turned up plenty including a disciplinary recommend which she stashed away before meeting my return with a smile. It was, two hours later, emailed with annotations and grammery corrections about the company. I came forward and owned up immediately. That and NOT AN MITIGATION/EXPLANATION OF CIRCUMSTANCE saved my job. The employee was not disciplined. I had, in effect, delivered privledged company information to vendetta. I WAS THE ASSHOLE.
It's not the size of the wave, it's the motion of the ocean. Gotta say though, I think slash dot has brough this little guy to it's knees I can't hit it worth a damn.
This thing is based on an AMD Elan SC400...
these are also available in a 100MHz version,
drop-in compatible (err, solder-in...)
Additionally, the 66MHz version can be overclocked
by setting some bits in an internal register; it'll do 100MHz, but it might not be reliable.
The whole CPU uses a single 32KHz crystal; all
operating clocks are created by internal PLLs.
It's really a nice chip; more or less an AT-
motherboard on a single BGA device.
It has a flash disk on board. It has 16MB of storage.