Script Kiddy HOWTO
Dan Cyr sent us a link to the Script Kiddy HOWTO which is actually quite amusing, and quite satirical about its subject matter. As far as HOWTOs go, I don't think you'll find it very useful.
I don't think that it was all that bad. It was just supposed to be a flame against script kiddies, right? Therefore, it couldn't be that long or complicated, or they wouldn't be able to hold their short attention spans to it, before they would go back to their pr0n and mp3s.
how about linux on a TI-83?
P.S. is there any way i can increase my memory through a bigger chip or something?
heheh it's good though. they just need to improve it a lil.
and besides my virgin.HOWTO is bettah! http://members.xoom.com/SanityImp/
Fire up bitchx and log into effnet #linux. Incant the magic words: "S0M30N3 pLz DCC M3 GCC!!!!!!!!"
That should fix you right up.
And it doesn't have the huge influx of little-people that Linux has.
... because it's true.
The best way to bust a script kiddie, is to know how they think. Script kiddies have little knowledge of operating systems. Where do they get their stuff? www.rootshell.com, www.insecure.org, www.geek-girl.com/bugtraq, etc... Go there, read the exploits affecting your system, and patch them up before someone takes advantage of them. Install security programs like tripwire and nmap. Then use the exploits you found and run them on your system to see if you're vulnerable. Prevention is the best cure.
Oh yeah? Well, in my day we had cases made from rabbit skin, and we had to provide power for the machine by pedaling on a generator!
And then we'd get up from there and walk 19 miles uphill, in the snow, to school, where we were beaten mercilessly for 8 hours. We then had to walk 19 miles, barefoot, bleeding, in the snow, home!
(posting as AC because I am paranoid)
I have been adminning here for about 2 years. Never had a single incident. We, too, are a small company (but we have a backup tape!!!). We have a web page but only get about 1k hits a month. I participate on-and-off here on /..
Anyway, in the past few weeks, we are continually hammered by kiddies. I want to thank them; I was getting lazy and impatient waiting for my vacation so I left a few holes open...
Anyway, we are getting hit. Catch them by using a decent syslog conf, tripwire, Satan scans, lots of hard work, and *hours* on the phone and email to their ISP. Expect to the most non-technical people ever. Plan on serious heartache as your calls go unanswered.
Most importantly, if you can't afford a tape backup, you will have to spend time 1) securing your box aggressively and 2) rebuilding destroyed stuff. Sell some plasma, pawn your cat, stop your subscription to Wired, do whatever, just get something - a used Zip drive, anything - to back up critical files on. You can't have a business without them.
But I digress; long story short, it's as much work to get them as it is to secure yourself.
And that sucks, I'm a kiddy too damnit, but no script kiddy, I HATE scripts (especially Perl, but that's another matter). But I know script kiddies, people in my class who are proud of their mailbombers.. But they still have social lives. So us hackers are supposed to work all day/night for a bunch of kids to screw it up, get laid and get famous? WHY?! I'm serious, this is no joke post, you never thought about this? I'm seventeen, and coding C on friday night for FREE (as in free beer ;) and software ).. well, money means shit to me so that's not the problem. BUT, my^H^H OUR work shouldn't have to take the abuse it gets now.
People! I have found a new girlfriend, she is called: "Security through obscurity!". From FSF to NSA, that's about how I feel right now. I wish I worked at Menwith Hill, or better yet, I wish I was just another script kiddy.
Uhh. No. NT has a lot of shares with stupid default passwords running when it is installed.
It's very easy to gain write access to a NT box.
Hint: nat xxx.xxx.xxx.xxx
That will gain read/write to a NT default install.
It's okay, you're still lame
There are even better pages, but in French, at this place: http://www.multimania.com/azerty0/tdc.html "You too become a real Cyber-Asshole". I don't know if it has been translated (but it's really worth it :-).
Ummm. A cheapo IDE tape drive is probably under $150. Colocation is usually a few hundred dollars a month. Why not just buy a tape drive? Why not buy a CD-R and make an image of the system after install? You certainly don't deserve to be hacked but you need to take more precautions. Lax security on your part is just as much a part of the problem as the script kiddie cracking your system. Why does every service have to be available to everyone BTW? You should pare it down to only the sites that your customers need to access it from for things like telnet and ftp and ssh!
Your satirical howto was funny, but you are a proven dufus. "Proven?" Yeah, by the way you present yourself.
Grow up and ramble less. Criticism and analysis of the content of your _parody_ shouldn't be taken personally, doof.
No.. lesbian trapped in mens body.. see Segfault.
If you liked this one, you should find and read BEINGFOOL-HOWNOTTO, by WWWWolf, AKA Urpo Lankinen. It's rec.games.roguelike.nethack-centric (due to the large number of utterly clueless W4r3Z D00D and script kiddy posts r.g.r.n gets purely due to having 'hack' in the name), but it's pretty good all the same, and a bit more serious in style than this one.
I D1DN'T KN0\/\/ WH4T TH3 5CR1PT T00LZ W3R3 T1L I R34D THiZ 31337 4RT1CL3. TH4NX LuZ3Rz!!!!1!!|!!!
NT is an attractive nuisance. It's just that nobody has realized it yet, given all the folderol about BackOrifice, Melissa and the more abstruse 3xp101tz on Unix and Linux lately.
... then I nuked all those passwords and went with as strong as possible :)
NT ships in what I would call Absolutely Promiscuous mode. Let's take the tour:
(1) default account configuration; hmm, let's have fun with GUEST and ADMINISTRATOR, by the way, most NT admins don't seem to realize that the fact neither of these can be eliminated, and ADMINISTRATOR can only be renamed, is a pretty big problem
(2) the amazingly clumsy NT security model as implemented under Windows; NT itself isn't so bad, it's the crappy GUI tools those fun-loving Redmond kids foist on us (here's a Mortal Sin: Windows Explorer); sure you can use cacls but how many people even know it exists?!; if you read the NSA paper on NT security it recommends about 500 ACL changes on a standard system (and that's even before addressing application-specific issues) -- how is it remotely possible to manage such a mess over time?
(3) gaping password security holes (I cracked pretty decent dictionary passwords in 7 SECONDS and more complex mixed-case ones from my own system in about an hour using l0phtcrack)
(4) share-level exploits; did you know that Samba can be used very effectively as an attack machine on a remote NT system?
(5) the lack of even brain-dead tools for monitoring traffic and portscans; sure there are lots of tools out on the net, but how many NT admins venture out beyond the safe confines of winntmag.com?? it turns out that the best way to run something like tcp wrappers for NT is . . . run tcp wrappers on a firewall in front of NT
(6) Just as many potential exploits were identified in Usenix papers and other research from the mid-1980s to early 1990s, but only began showing up as actual attacks years later, technical papers on NT vulnerabilities are showing now where future attacks may come; not all of these will pan out of course, but Word to the Wise; for example, recent speculation about use of the reserved memory areas for the POSIX and OS/2 subsystems in NT poses some interesting opportunities.
(7) W2K. Sorry, I'm not going there with you.
NT is a very nice desktop system; it saved me from ever using Win 95/98 in my own shop and has proven to be reasonably stable in doing my database and other projects. I even think it's a big improvement over Netware for departmental serving. But as a box to do Web serving or gateway departmental computing to the net? Nein danke.
-------
phred
(rob will you PLEEZE fix the password lookups here?!)
-------
i thought i wood point out you're perfect punctuation and grammer two, since you are showing off your genius.
Are you formerly gay too?
There are a lot of things that you can do to clobber one if you have plenty of time. I personally have used traps, retribution strikes and tracing down his backdoors in other systems. One poor guy lost at least 50 hacked sites one afternoon after he pissed me off. (Suggestion to BlH don't pass your passwords around to friends, they aren't as careful about being detected as you.)
Tracing is by far the easiest and most useful technique. If they are an IRC haxor they will always leave you a bot code and a config script. Here is an example...
Here is an irc config record. From this we can extract that they have a daemon running on 118.95.80.38 on port 10097. You can confirm this by telnetting to that system on that port. Assuming that you have lots of time to spend, grep out all of the broken machine records and verify which are active. Mail all those machines both the postmaster of that machine and the registered controller for that domain. Expect to get lots of calls as there are a lot of clueless admins who won't believe their system is broken til you tell them exactly what it is. You should continue mailing them til the ports are deactivated or the system admin proves too clueless to deal with.
Now if you are real mean you go to the irc places where the haxor has been hanging out and look up all of the aliases that they used. Note the machines that those aliases are coming from and port scan them for more port daemons. Most script kiddies use the same port of many machines so you can quickly tell if it is another occurrence of your haxor or just someone using his name. Continue this process until you run out of leads on him. This will make the haxor's life very unpleasant as he will believe the entire universe is getting clued in to him.
If you are even meaner, you convince all the sysadmins at the other sites you get ahold of to send the configuration records of the haxor back to you. This will give you more leads and thus keep you going for longer. (I worked one guy for a month after he planted a sniffer in my network and came back a few times.) Eventually you end up trying to talk to some liberal arts professor in Italy who has a web server on his desk and then you know that you have taken it far enough.
Also use your login records and find the sites that he came in from. A good way to have plenty of records to work with even if they try to trash the machine is to have the machine copy its records off to a secure place (2nd less exposed machine) on a regular basis. You should be able to knock him off his ISP if they are a responsible provider.
Then there is a whole art of laying down traps for the haxor so that you can extract more info to make your job easier. This can be as simple as adding identd and increasing the recording levels with the records going to non-standard places.
My favorite is retribution strikes. That is where you place a script to watch your logs. When you see some script kiddy running an exploit against your system, you hit him with all of your favorite denial of service attacks. The poor haxor's machine will suddenly be flooded (especially when they are trying to take on my T3.)
But that is enough for now. Good luck!
Haxor-Killer
Or more importantly, what's your beef with perl..:)
fdisk c: That is funny...
Good Afternoon my name is Bill, Thank-you for calling Microsoft Support.
Fdisk and Format.
Once again my name is Bill and thank-you for calling Microsoft.
But rambling and ranting is just so fun.
With all due respect...even if you did write your little script-kiddie piece, which I very much doubt...
Anyone who uses the word "gay" as a generic derogatory adjective has little right to be telling others about "maturity" or "open-mindedness."
Sure they do.
Hell, I've still got the spade marks....
Nick
On a TI? Just buy an HP.
Maybe you can convince your employer to install OpenBSD-- both truly secure AND obscure (well, for SKs).
So you're comparing the most recent Red Hat release with an NT release of two years ago. Oh yeah, that's fair.
If you're going to bother to compare, use SP4.
kinda funny man..where have you been
any good server admin keeps his ass in gear and should know about the skripts before the kids do. and even so, there are countless measures that can be taken to prevent such attacks. TCP wrappers are a very quick and dirty way to do things. you could run COPS, SATAN or whatever exploit detection program you can find. keep watch on CERT, stay up to date on the latest patches for ALL your software, not just the OS, and if you have to, get a dam book on linux so you know the RIGHT way to use and NOT use inetd. (not using it at all would be best...)
but ultimately, it's the coders of the software who you should all be bitching about, not the people who crack it or exploit it. if a bug exists, it's going to be found and it's going to be exploited. period. the only REAL solution to skript kiddies and all their retard ways is to write secure programs from the get go. if that means coding in something other than C/C++ (which is ALWAYS a monster when it comes to proper memory management and such) then so be it. and if you're running any daemons or suid programs in perl... then it's your own dam fault to begin with. who the hell would trust an interpreted language to begin with. now you've got TWO areas to exploit. the script, AND the language interpreter.
just god help us all when we're running server apps off java.
I've had the unfortunate pleasure of spending time online with the author of the HOWTO, both of us regulars in an efnet channel. He and a buddy suddenly appeared one day in full script kiddy mode, sweeping all hosts in the heavily Linux based channel for exploitable services. They "0wn3d" many unsecured boxes.
What a joy it is to try helping a newbie with software questions while some clown has rooted the box and is saying, "ooooh, you have a lot of partitions."
We bitched at him, tried banning him (try banning someone who can come from any host he has rooted), and even managed to get his ISP to nuke his account. He visited the channel a number of times afterwards, once claiming he had given up his script kiddy ways and literally begging for help in finding a job because he was being thrown out of his house and the most recent time asking for help with an exploit script he was allegedly preparing for someone else.
Unfortunately, home Linux users generally are not experienced sysadmins and pay no attention to system security. Their systems are easily 0wn3d through services they probably don't even know about or use (like imapd and nfsd), services their Linux distributions set up.
This "HOWTO" brings up bitter memories.
actually the kid who wrote this is just an ex-loser-skript-kiddy.. ;]
:/ hehe
not a hardup admin..
-- DrLazyAssHamstuh..
its late.. im tew lazy to fetch my strange ass password
out of my nsmail dir..
So he is one too, eh? How many of you are about to be "owned" ??
I tried the shit like they say in the HOWTO and i can't even get imapexploit.c to compile. gcc says "Segmentation fault". :(
So then I figured "so waht?" I don't have any elite r00t shellz, but I can just lie about taht part. So I startup BitchX and /join #linuxwarez to brag about my l33t sk1llz. But I think they ban me or something because then my IRC freeze up and I can't type no more. :(((
I think this HOWTO really needs some more work before it's useful at all.
-/- pHEAR tHE pENGUIN -/-
for satisfaction?
Wrong.
I was once a script kiddie, and i tried all variants of linux, freebsd and openbsd.
I will admit to compiling and running public scripts to get into servers running more expensive software for my own research.
find / -perm 4000 -print | xargs chmod -s
S1KY00R1TY W1LL NEVUR KONCUHRN U AGAIN
The ease with which you can send BackOrifice or the NT equivalent of that to a Windows machine behind what may look like a secure network and then use that information to take down the "secure" NT server is giant.
The insecurity of 98 and NT clients against these Trojan Horse attacks means that NT networks are inherently un-secure. How many NT networks prevent the use of attached executables in mail: the easiest way to take down a windows client behind even the toughest firewall. Every user on 98 is admin and most NT client setups have every local user with near admin abilities.
go to any high school or college and you will hear people who do stupid things and/or complete ...jerks... being called "gay"
...jerk...
example:
"Hey man, I just went n got drunk off my a$$ last night!"
"Uhhh...that was pretty gay"
it's just the common lingo so don't jump all over him for that
he's 16 so he is obviously around this crowd as am I.
People use slang all the time and to say someone is a "script kiddie" just because he says "gay" shows that you are a
I think most of the people who have insulted DrHamstuh are jumping to conclusions
lighten up a little people
it's obvious he's against hackers and to me, that means he's got to have some maturity
I agree... glFTPd seems to be a really nice server, security, speed caps, everything.
The only thing that worries me is that glFTPd isn't GPLed, but then so far gl (GrayLine) is such a fine dude that it's not too much relevant and most of us trust him..
To quote the geekcode P---:
Perl combines the power of sh, the clarity of sed, and the performance of awk with the simplicity of C. It should be banned.
I love guys who can code :p
Linux/fbsd guys turn me on too...lol
trying to get my b/f to learn linux but he's too much into his mac
oh well...
faith
Rules #1 and #2 are a little impractical. Most of these crackers are pretty clueless, they could come from anywhere and they have no special interest in your system.
I once found a couple of crackers on a Unix box, listened in on their IRC conversations, saved every trace I could find, then reinstalled the system and went back to work. It takes legal expertise and seas of unpaid overtime to deal with these cases properly.
Besides, why waste my time on 1 or 2 crackers when there are 10,000 others like them? It isn't worthwhile.
Rule #3 is the crucial one. Back up data on floppy disk if necessary. Make sure the system is easy to reinstall.
Question: If I just install Linux (for argument's sake let's say RedHat 5.2) and do nothing else in the way of configuration; then install NT Server and do nothing else to it, if I am totally clueless about security, then which one of these machines is more likely to get cracked?
My employer will never let me install Linux on one of our servers. He knows I do not have time to be a real sysadmin and he is convinced that NT is more secure right out of the box.
Is he right?
Would this guy's system have been cracked if he'd been running NT?
Why is this needed?
I thought it was pretty funny. Remember : it's a parody, the poor formatting is merely part of that parody.
I have yet to see a script kiddie who has linux installed on his(her) system.
Most have 95.
Because their parents won't let them install *nix.
Others apparently do... Oh, now I understand, why RMS wants it to be called GNU/Linux -- to impress script kiddies!
Contrary to the popular belief, there indeed is no God.
I already had trouble getting through, so here's a mirror:
http://www.urbanophile.com/arenn/script-kiddie.txt
So why are you assuming that the only way to get a root shell on more than one box is to be a script kiddie? Some of us administrate more than one box. I'm in the 20+ category, myself, and they're all legit...
Hmm... I've been meaning to update my resume... :)
Another little trick I like to do is to use chattr to make all the system log files append only (+a) on the filesystem level (at least with linux's ext2 partitions). A script kiddie can rm or edit them all he wants but they will not alter, just get appended to. Of course this will mess up log rotation a bit, so you will have to modify the rotation scripts so they modify the attributes before rotation and reset them afterwards. An addendum to this is to remove or rename lsattr and chattr to something else, this won't stop them ftping in a new copy if they do know what they are for but it will slow down the script kiddies which is the whole point.
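The rotation change the comment above describes, written out as an added example (not code from the thread). The `CHATTR` override and the function names are assumptions of this example, and the calling rotation script still has to signal syslogd to reopen its files afterwards.

```shell
#!/bin/sh
# Rotate a log kept append-only with chattr +a (ext2 and successors).
# CHATTR is an assumption of this example: it lets the attribute tool be
# swapped for a dry run; the real chattr is used when it is unset.

# Apply one attribute change ("+a" or "-a") to the live log and to every
# numbered generation that exists.
set_append_flag() {
    flag=$1
    base=$2
    for f in "$base" "$base".[0-9]*; do
        if [ -f "$f" ]; then ${CHATTR:-chattr} "$flag" "$f" || return 1; fi
    done
}

# Drop the oldest generation, shift the rest up by one, start a fresh log.
shift_generations() {
    base=$1
    keep=$2
    rm -f "$base.$keep" || return 1
    i=$keep
    while [ "$i" -gt 1 ]; do
        prev=$((i - 1))
        if [ -f "$base.$prev" ]; then
            mv "$base.$prev" "$base.$i" || return 1
        fi
        i=$prev
    done
    mv "$base" "$base.1" || return 1
    # The new live file is created owner-only before anything logs to it.
    ( umask 077; : > "$base" )
}

# Usage: rotate_append_only /var/log/secure [generations_to_keep]
rotate_append_only() {
    log=$1
    gens=${2:-4}
    [ -f "$log" ] || { echo "rotate: no such log: $log" >&2; return 1; }

    # The kernel refuses rename and unlink on append-only files, so the
    # attribute has to come off before anything moves.
    set_append_flag -a "$log" || return 1

    status=0
    shift_generations "$log" "$gens" || status=1

    # Re-apply +a even when the shuffle failed, so a broken rotation never
    # leaves the logs editable.
    set_append_flag +a "$log" || status=1
    return "$status"
}
```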
If you didn't make backups in some form, if not even on your local computer, you deserved it....
Oh, thanks for your compelling insight. I guess I'll just take myself to court :P
Todd
Every 45 seconds, another arrest for Linux. 695000 last year. It's time for a change.
Posted by TRF:
We had been running RedHat 4.2 but we have removed the server since I was in the middle of building the new server at the time anyway. The new one will be running RedHat 5.2 when the hard drives arrive.
I fortunately have a backup of my code (minus about 60 hours of work.) But no one else backed theirs up at all :(
Todd
Every 45 seconds, another arrest for Linux. 695000 last year. It's time for a change.
You have to have backups, even if it's just copying the files to another drive or to another computer on the network. You have to use hosts.allow/hosts.deny, and you have to turn everything off you're not using - Red Hat is especially liberal with inetd by default. Bare minimum, or you will get cracked sooner or later if you're on a leased line.
It's unfortunate that we need to have so many things running, but we do. And the server has to be accessible to everyone. Since the machine is colocated at an ISP we're going to see if we can pay them to back it up to a tape drive on one of their servers. Unfortunately I think this will probably double what we are paying. Yes, it's our fault that we didn't invest the money for backups but the script kiddie still deserves to pay if we can catch him!
Todd
Every 45 seconds, another arrest for Linux. 695000 last year. It's time for a change.
Posted by Josefine K.:
Oh puh-leeze, boys. Have none of you ever ventured into an industrial night club? You FOOLS!
My best pick-up line is , "pardon me, are you a scientist?"
Course, it took months of lovelorn glances and flashing programming books around to catch the eye of my true love.
Posted by TRF:
I need a howto on busting script kiddies. A script kiddie breaks into our server with the wu-ftp exploit, and sets up an irc bot. We immediately patch the holes and delete his bot (after making a copy of all the bot's config files.) It's too late though because the malicious little bastard has already set up a back door and he logs in as root and does "rm -rf /"
Well, I know the channel where he keeps his bots on IRC, but that's all I know about him. How do we locate him though? How do we collect on hundreds of hours worth of labor that he destroyed? We aren't a big company, just a group of people paying out of our own pockets and credit cards to try to start our own business--we didn't even have enough money to afford a tape backup for the server. I'd love to nail the little bitch.
Todd
Every 45 seconds, another arrest for Linux. 695000 last year. It's time for a change.
d0nch yoo gno how 2 sp3ll l1k3 a r3al h4cker?
By sp3lling l1ke th15 u c4n av01d fB1 w1r3t4pz.
Not sure if it's the same person in regards to the localhost login attempt -- look at the timestamps -- it was four hours later than the activity from 209.190.67.111. Not sure what that means.
Anyway I would at least suggest setting your /etc/hosts.deny and /etc/hosts.allow to block access to ftp and telnet ports from all IP addresses (in hosts.deny) then list trusted IP addresses in hosts.allow.
At least I thought so. Shouldn't the plural be kiddies?
script kiddy, script kiddy
i love you, yesssss
iiii do!
ooo, with your script kiddy pose
woah, woaha woaha!
ooo, with your script kiddy clothes
woah, woaha woaha!
ooo, with your script kiddy toes
woah, woaha woaha!
(sung to the tune of pussy cat, pusssy cat)
Well, what do you expect for a late (EST) Friday aft?
"shop smart:shop s-mart" ash
Really, as the other respondents to your post mentioned, backups are essential. Try checking out the misc.forsale.computers.x news groups via dejanews. You can always pick up an older adaptec scsi card and even an older 1/4 inch tape drive to hang off it. This is easy to set up for your Linux box(en). At least that's something.
"shop smart:shop s-mart" ash
Yea, where? I need one of these hacker friendly chicks. (Or a chick who is herself a hacker - but I don't think sharing computers would work then :)
Sam: "That was needlessly cryptic."
Max: "I'd be peeing my pants if I wore any!"
That "HOW-TO" could use a lot of work/polish... Good idea though! :)
hamstuh sure is a mature 16 year old. Why do you have to be a jerk?
I wonder how many read /. readers are (or were at one time) script kiddies. Maybe we could have a poll, Rob? I have x r00t sh311z: [] 0 [] 1(on my own box) [] 2-5 [] 6-10 [] 11-20 [] I own you, bitch Seriously, though, I liked the article, if we could find some way to channel all that energy into learning to code and writing free software, wow! So hax0rs and wanna be script kiddies take note: it is way more el33t to write free code. Oh, yeah, and chicks dig real programmers ;-)
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
I can just see it on your resume...
* Network Administrator, PHB Inc. 1/95-present
* Successfully oversaw migration of 20 servers from SunOS to Linux
* Automated configuration and distribution of software for user workstations
* d3wd, I had 20+ k-kewl r00t sh311s!!! I owned those bitches!
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
I disagree. IMO, BY DEFINITION, script kiddies are "intelectually" [sic] challenged. Most cannot construct a simple, complete and properly spelled sentence. Most are high school or college age (but aren't necessarily in high school or college). Most are typically antisocial and surprisingly, most are *proud* of being a "script kiddie" and universally despised as a cockroach of the Internet community.
Hah, you know, I just realized, you fit the bill perfectly. What's the difference between a 16yo script kiddie and a 16yo "former" script kiddie anyways?
That second paragraph was meant more as a joke than a real insult. I'm sorry it was taken so seriously. I honestly intended to write some more and add a few smileys, but IE is pretty particular about which keystrokes are allowed in a form and which keystrokes are designed to submit it.
I hate it when people say this kind of thing. It IS stupid to not have backups available on a production machine, but that does NOT mean he "deserved" the attack. Disks did not fail, a power surge did not destroy the equipment. It was a deliberate, FELONIOUS attack and the person responsible needs to be held accountable for the damages.
Just because backups weren't available does NOT mean attacks are OK.
It's like saying a sysadmin DESERVED to be attacked because he didn't patch some obscure security hole. Nobody is perfect. These things slip through and it in NO WAY means that attacks are justified.
You have no idea how loudly I applaud when I hear news of some script kiddie being charged and prosecuted for the crap he pulls. All it takes is some work (sometimes very trivial work) tracking him down, recording everything that's happened, and he can be nailed.
Most script kiddies don't realize it, but these damages can easily reach the tens if not hundreds of thousands of dollars. I simply cannot WAIT when more of these idiots start getting caught and their parents start losing things like their house or their car to pay for the damages.
We should have more Clue Stick(c)-style articles like this one to show script kiddies how universally stupid their actions really are.
One thing, though: why SunOS? Hhmmm... I won't complain, anyway.
In Soviet Russia, Jesus asks: "What Would You Do?"
If you didn't make backups in some form, if not even on your local computer, you deserved it.... disks fail too, many other things happen... You've learned one of the first lessons of running a business that depends on computers :)
and dagnabbit, we liked it that way!
"Fundamentalist forces are undermining the integrity of liberal and democratic political structures."
blah blah, when i was your age we had to bang rocks together to get ones and zeros..
blah
I've got Solaris 7 on my SS2 at home. I haven't noticed it that much slower than Linux. Then again, I'm only using it for a RealAudio server so, YMMV
I have a Sparc 2 with Linux. Can I still be a hacker.
Please don't tell me I have to run Solaris on that little bitty box. I sooooo slooooowwwwww.
Kashani
- Why is the ninja... so deadly?
I'm guessing that the ISP doesn't really care, since it really isn't liable for any of the SK's actions. Plus, it's pretty much your word against theirs...The ISP might be unwilling to help because there isn't ample evidence that the user is doing illegal activity.
Just curious...not being judgemental...
Tim
If you have enough money to get started at all, you can't possibly afford to NOT have a tape backup, as this incident illustrated for you. A cheap tape backup is not all that expensive, and if you can't even cough up a couple hundred for a tape backup, you can't possibly have enough money to get off the ground anyway. Even without script kiddies, accidents do happen. Had a guy at a company I used to work at do an rm -rf * before he realized that he had typo'd his cd to the directory where he wanted to clean up, and he was logged in as root, and thus being on an AIX box, had started in / (A better rationale for /root being root's home directory I have never seen...). He caught it before it finished and ^C'd it, but not before it was done wiping out most of the system.
Shawn Asmussen
Thank you, thank you, THANK YOU! =)
YES!!!1! BIFF AVO1DED AL K-RAD ELITE FBI W1RETAPS!!!1! BIFF SPELS LA1K TH1S CUZ HE ROOLS!!!1!
"...and sure you have learnt your way around linux like a
small town with only once street to pick up hookers..."
Too damn funny!
----------------
"Great spirits have always encountered violent opposition from mediocre minds." - Albert Einstein
Co-founder and designer at Music Nearby: http://musicnearby.com
Are there a security HOWTO recommendations?
What to look for in /var/log/secure and what exploit was this knucklehead trying to use:
Apr 11 15:40:18 localhost in.telnetd[9248]: connect from 209.190.67.111
Apr 11 15:40:22 localhost in.ftpd[9250]: connect from 209.190.67.111
Apr 11 15:40:24 localhost imapd[9251]: connect from 209.190.67.111
Apr 11 15:40:26 localhost ipop3d[9252]: connect from 209.190.67.111
Apr 11 15:46:53 localhost in.telnetd[9255]: connect from 209.190.67.111
Apr 11 15:46:56 localhost in.ftpd[9257]: connect from 209.190.67.111
Apr 11 15:46:58 localhost imapd[9258]: connect from 209.190.67.111
Apr 11 15:46:59 localhost ipop3d[9259]: connect from 209.190.67.111
Apr 11 16:49:54 localhost in.telnetd[9346]: connect from 209.190.67.111
Apr 11 16:50:17 localhost in.ftpd[9348]: connect from 209.190.67.111
Apr 11 16:58:18 localhost in.telnetd[9354]: connect from 209.190.67.111
Apr 11 16:58:30 localhost in.ftpd[9356]: connect from 209.190.67.111
Apr 11 16:58:32 localhost imapd[9357]: connect from 209.190.67.111
Apr 12 20:50:56 localhost in.telnetd[11658]: connect from 127.0.0.1
Apr 12 20:51:29 localhost login: FAILED LOGIN SESSION FROM localhost FOR , Error in service module
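An added example, not part of the thread: a filter for tcp_wrappers "connect from" lines like those in the comment above, reporting any source that touches several different services within a few seconds. The function names, the thresholds and the sample log (documentation addresses) are constructed for this example.

```shell
#!/bin/sh
# Report sources that connect to several different wrapped services within a
# short window (one host walking telnet, ftp, imap and pop3 in a few seconds).
# Usage: sweep_sources [min_services] [window_seconds] < /var/log/secure
sweep_sources() {
    awk -v need="${1:-3}" -v win="${2:-10}" '
    # Syslog timestamps have no year; month/day/time is enough to order
    # events for a window of seconds (months are treated as 31 days).
    function secs(mon, day, hms,    t, m) {
        split(hms, t, ":")
        m = (index("JanFebMarAprMayJunJulAugSepOctNovDec", mon) + 2) / 3
        return (((m * 31 + day) * 24 + t[1]) * 60 + t[2]) * 60 + t[3]
    }
    # tcp_wrappers lines end in: <daemon>[pid]: connect from <address>
    NF >= 8 && $(NF-2) == "connect" && $(NF-1) == "from" {
        ip = $NF
        svc = $5
        sub(/(\[[0-9]+\])?:$/, "", svc)   # "in.ftpd[9250]:" -> "in.ftpd"
        now = secs($1, $2, $3)
        n[ip]++
        when[ip, n[ip]] = now
        what[ip, n[ip]] = svc
        if (ip in flagged) next
        # Walk back through the events of this source that fall inside the
        # window and count how many distinct services it touched.
        split("", seen)
        count = 0
        for (i = n[ip]; i >= 1 && now - when[ip, i] <= win; i--)
            if (!(what[ip, i] in seen)) { seen[what[ip, i]] = 1; count++ }
        if (count >= need) {
            flagged[ip] = 1
            print ip, count, $1, $2, $3   # source, services, time of detection
        }
    }'
}

# Constructed sample in the same format as the excerpt above.
sample_log() {
    cat <<'EOF'
Apr 11 15:40:18 host in.telnetd[101]: connect from 192.0.2.77
Apr 11 15:40:22 host in.ftpd[102]: connect from 192.0.2.77
Apr 11 15:40:24 host imapd[103]: connect from 192.0.2.77
Apr 11 15:40:26 host ipop3d[104]: connect from 192.0.2.77
Apr 11 16:02:10 host in.ftpd[110]: connect from 198.51.100.5
Apr 11 16:30:41 host in.ftpd[115]: connect from 198.51.100.5
Apr 12 20:50:56 host in.telnetd[120]: connect from 127.0.0.1
Apr 12 20:51:29 host login: FAILED LOGIN SESSION FROM localhost FOR , Error in service module
EOF
}

sample_log | sweep_sources 3 10
```

Each source is reported once, at the first moment it crosses the threshold; a repeat FTP user such as the second address in the sample is not flagged.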
Breaking into an NT box usually just requires a few minutes with a decent crack kit. Most admins don't turn on encrypted passwords, don't require strong (i.e. non dictionary) passwords, leave 'administrator' called 'administrator', and allow anonymous browsing. With all that, you can easily extract a user list in a couple of seconds. Once you have that you can sniff for password hashes and run a dictionary attack against them.
Out of the box, Linux's security depends on which box you opened. RedHat 5.2 is the best that Redhat has done so far, although they still leave too much stuff turned on in inetd.conf. (Come on, finger?!?!) I don't have much experience with any other distros.
At least with Linux you can shut off the crap you don't use. Just try to shut down excess cruft on an NT server - a lot of it is not even optional anymore.
Ask your manager if he trusts Solaris out of the box. Then show him all the patch CDs that come with that you have to install, plus the current list of patches to go download. Commercial != secure.
As someone else said, though, any fool who trusts the out of box experience to protect their corporate assets deserves what they get.
pawn your cat?
Cool!
Bitcoin pyramid: Join here: http://www.bitcoinpyramid.com/r/1427 it's FREE!
first thanks for the mirror, you'll be /.ed :o) :o)
anyway the howto is fun, and sometimes true... some kids think they are hackers but they are lamers
--
"Science will win because it works." - Stephen Hawking
if you go into the channel, try a /ipuser his_nickname or something like that to have his IP, then you can (maybe) retrace his ISP...
--
"Science will win because it works." - Stephen Hawking
If you have not yet reinstalled the system, you have a chance to recover some information from the raw partitions. You can do e.g.
# -a makes grep treat the raw device as text
grep -a -A 4 -B 4 -i passw /dev/hda1
grep -a -A 4 -B 4 -i his_ip_address /dev/hda1
grep -a -i any_other_keyword /dev/any_partition
Collect this information to files on some other disk. Check the offset of your hardware clock, so when you see some time in your logs you know, +- a few seconds, what exact time it was. Do traceroute and whois ip_number@whois.arin.net and @whois.ripe.net. Write to the admins of those networks.
I had a bit of a chuckle at your article and actually had some respect for you until reading this post. Should have kept your mouth shut kid.. do you know what a TROLL is?
That may have been in the past, but not anymore. Most of today's script kiddies are just troublemakers: the fact that they are making trouble with computers is merely coincidental. They would be breaking windows if it wasn't for the fact that being a "haX0r" is now considered cool. Lazy, bored teenagers, that is what they are ...
An unfortunate fact is that most of them don't even consider their behavior harmful. Smurfing your network is a victimless crime in their little narrow mind; they can't conceive it's somebody's job to keep that network running. They lack education of the real life type.
If you really want to help them, kick their butt. Maybe we could teach them some respect that way.
:wq
...you were something like this? So much of what I've seen in the *nix community is like a pissing contest...you might not be bragging about rootshells or how 3133t3 you are, but that only means that the beam has been raised higher. I like the way the article points out that you tend to learn in this silly hobby, which is something you can't exactly say about being good at Quake. Yes, it's a waste of time, and bears the same relationship to real hacking that paint-by-number kits do to actual oil painting...but more people tend to go on to real hacking than advance in painting...it's just more fun that way!
teleny, friend of cats.
Seemed almost an echo of #linux, a year ago. I gave up on IRC because of scriptkiddies, and questions about how do I compile eggdrop/boink/smurf.
How many times do you have to have someone try something stupid to give up?
This HOWTO is a sad testament to the sheer volume of want-to-be crackers out there.
"Think of it as evolution in action."
Well, he port scanned you. Look to see what services you are running: are you using imap, pop3 or ftp? Turn them off if you're not.
:)
The localhost thing is a bit odd. Not trying to be an alarmist, but that looks very fishy.
Check all your logs first. If there is any question, unplug the network connection to the system, and go over it with a fine tooth comb.
The only truly secure system is one that is not connected to the network and off.
Remember backing up and staying current are your first and best friends.
"Think of it as evolution in action."
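The pattern this reply points at (one source hitting telnet, ftp, imap and pop3 within seconds) can be pulled out of tcp_wrappers-style `/var/log/secure` lines mechanically. This is an added example, not part of the original thread: the log lines are copied from the excerpt posted above, while the year, the 10-second gap and the 3-service threshold are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Lines copied from the /var/log/secure excerpt posted in this thread.
SECURE_LOG = """\
Apr 11 15:40:18 localhost in.telnetd[9248]: connect from 209.190.67.111
Apr 11 15:40:22 localhost in.ftpd[9250]: connect from 209.190.67.111
Apr 11 15:40:24 localhost imapd[9251]: connect from 209.190.67.111
Apr 11 15:40:26 localhost ipop3d[9252]: connect from 209.190.67.111
Apr 11 15:46:53 localhost in.telnetd[9255]: connect from 209.190.67.111
Apr 11 15:46:56 localhost in.ftpd[9257]: connect from 209.190.67.111
Apr 11 15:46:58 localhost imapd[9258]: connect from 209.190.67.111
Apr 11 15:46:59 localhost ipop3d[9259]: connect from 209.190.67.111
Apr 11 16:49:54 localhost in.telnetd[9346]: connect from 209.190.67.111
Apr 11 16:50:17 localhost in.ftpd[9348]: connect from 209.190.67.111
Apr 11 16:58:18 localhost in.telnetd[9354]: connect from 209.190.67.111
Apr 11 16:58:30 localhost in.ftpd[9356]: connect from 209.190.67.111
Apr 11 16:58:32 localhost imapd[9357]: connect from 209.190.67.111
Apr 12 20:50:56 localhost in.telnetd[11658]: connect from 127.0.0.1
Apr 12 20:51:29 localhost login: FAILED LOGIN SESSION FROM localhost FOR , Error in service module
"""

# "<Mon DD HH:MM:SS> <host> <daemon>[<pid>]: connect from <source>"
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) "
    r"(?P<daemon>[\w.\-]+)\[(?P<pid>\d+)\]: connect from (?P<src>\S+)$"
)


def parse_connects(text, year=1999):
    """Return (timestamp, daemon, source) for every 'connect from' line.

    Syslog lines carry no year, so `year` is an assumption supplied by the caller.
    Lines in any other shape (such as the FAILED LOGIN entry) are skipped.
    """
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append((ts, m["daemon"], m["src"]))
    return events


def find_sweeps(events, gap=timedelta(seconds=10), min_services=3):
    """Group each source's connects into bursts (consecutive hits at most `gap`
    apart) and report bursts that touch at least `min_services` daemons."""
    by_src = defaultdict(list)
    for ts, daemon, src in events:
        by_src[src].append((ts, daemon))

    sweeps = []
    for src, hits in by_src.items():
        hits.sort()
        burst = [hits[0]]
        for hit in hits[1:] + [None]:          # None flushes the last burst
            if hit is not None and hit[0] - burst[-1][0] <= gap:
                burst.append(hit)
                continue
            services = sorted({daemon for _, daemon in burst})
            if len(services) >= min_services:
                sweeps.append({"src": src, "start": burst[0][0],
                               "end": burst[-1][0], "services": services})
            if hit is not None:
                burst = [hit]
    return sweeps


def loopback_connects(events):
    """Connections to network daemons that originate from the host itself."""
    return [e for e in events if e[2].startswith("127.")]


if __name__ == "__main__":
    evts = parse_connects(SECURE_LOG)
    for s in find_sweeps(evts):
        print(f"{s['src']} swept {', '.join(s['services'])} "
              f"between {s['start']:%b %d %H:%M:%S} and {s['end']:%H:%M:%S}")
    for ts, daemon, src in loopback_connects(evts):
        print(f"review: {daemon} connect from {src} at {ts:%b %d %H:%M:%S}")
```

With the default gap the two four-service bursts at 15:40 and 15:46 are reported; the slower connections around 16:50 and 16:58 only group into a burst when the gap is widened.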
You have to have backups, even if it's just copying the files to another drive or to another computer on the network. You have to use hosts.allow/hosts.deny, and you have to turn everything off you're not using - Red Hat is especially liberal with inetd by default. Bare minimum, or you will get cracked sooner or later if you're on a leased line.
That said, I know a little how you feel. Someone used the mountd exploit on me a while back (RH 5.1), but was unable to install his 3l33t root shell. He left his .bash_history in my root directory too. The shamefulness of being hacked was made a little more bearable by seeing how clueless he was with bash. At worst the experience turned me on to all the stupid shit they try to do.
Needless to say I've learned a lot about security since then ...
support gun control: take guns from cops
I was close to defending you, but this took away all doubt:
>just how gay the average skript kiddy is..
Only a script-kiddy would use 'gay' as a put-down.
Script kiddy.
- Darchmare
- Axis Mutatis, http://www.axismutatis.net
- Jeff
Just curious.
Ya. What's your beef with Perl?
You had a front panel? You were lucky. We had to short out bare wires sticking out of the box...
Schwab
Editor, A1-AAA AmeriCaptions
Um... it's ON the LDP! I do sort of wonder if they know it's there, or if some script kiddie put it there? :)
Does NT have any service pack installed out-of-the-box? I think not.
therefore, you shouldn't even be comparing with SP1, let alone SP4!!
- Jaymz
Commodore 64, Loading up the dance floor!
reinstall? sheesh, the only reason he got in was because you forgot to do the security upgrades.. now you're reinstalling the os without any security upgrades?
no, bad move.. figure out how he got in and you'll have learned a valuable lesson in security.. only then would I even consider reinstalling.
- MbM
- MbM
hehe, got a good laugh outta this HOWTO. And I did notice the PalmOS HOWTO in there, hmmmm. Linux on my Palm IIIx?
:)
... and missing.
I think I'll check that one out next
---------------------------------------
The art of flying is throwing yourself at the ground...
i tried it but it doesnt work
whats that gcc thing its talking about
--
bgphints - internet routing news, hints and ti
# chmod 4755 /bin/time
F /...
Oh please!
---
Openstep/NeXTSTEP/Solaris/FreeBSD/Linux/ultrix/OS
--- I do not moderate.
No kidding. Windows networking still has (IMHO) to be properly worked out in terms of security. From what I've seen with its installed setup, also, there is much less information available to systemadmins by way of logging, etc. It's particularly bad to have Windows network enabled AT ALL if you've had a hack, because the more intelligent script kiddies can take your password files and use them to break in again through the server message block protocol thingie. This is made really easy with samba, because they can get the source to it, and just cut it back so that instead of hashing a password and sending it, it just sends the hashes straight out of the password file that they've copied from your computer. (Bad thing)
I haven't played around with it a lot, but my understanding is that logging with windows networking is minimal.
Believe with me, my saplings.
For a network, I'd get a nicely set-up router too :) That can be pretty important :)
Believe with me, my saplings.
Also, configure your systems bashrc to alias bad variants of rm to trace programs, etc. You're probably never going to run rm -rf / on your system, so it's probably a safe bet :)
Believe with me, my saplings.
Depending on your browser configuration the above link will fail (the ftp server will deny the login request).
Use this one.
I hate that everyone's recommendation for securing Linux is to turn off everything. Yeah, that gives me a server that does absolutely nothing useful. How useful is an OS where you can't have mail services running?
Don't get me wrong, we use Linux at work on a couple of servers and on our laptops, but I don't buy into turning off every service to secure a system. How come my Solaris, Netware, and FreeBSD boxes have never been hacked even though they run all the services? Barely a day goes by now that someone doesn't try getting into one or both of our Linux servers using the Rootkit tools. Hosts.deny keeps them out, but also will keep us out if we are ever at a remote site that we didn't account for in the tcp_wrapper config files.
We have found that installing the newest versions of all the services does make for a fairly secure system. However, we're still afraid to run NFS on them.
Jason
"FORMAT C:" - Kills bugs dead!
Cute though. Does LDP know about this?
I just bought an SGI Indigo2 with 128mb RAM, a 20" monitor and a 2 GB hard disk for $ 1,150. Nice little system. I think you can be a hacker in that, if you want to be a bit more creative. Seems to me that gives you a bit more bang for the buck than a SPARC, at least nowadays.
:-).
:-(.
The reseller told me that even high school students are buying them now -- but mainly to look impressive. I think he enjoyed selling to someone who knew what he was buying for a change
Amusingly enough, I bought it instead of a PC running Linux in part because a first class PC would have been a lot more expensive! How the mighty have fallen
D
----
Thank you, that was very kind.
Bite the hand.
This is where you demonstrated the greatest failure - your system has been compromised, so as far as you should be concerned, every binary is untrustworthy now. ls could have been modified to not show their files, ps modified to not show their processes, and there's probably a number of setuid root bash binaries lying around. The only truly safe thing to do is reinstall the OS from scratch - trying to track down all of their modifications is a waste of time, and you'll probably miss a few anyways, with potentially disastrous results.
In the future, it's always worthwhile to invest in tape backups (if you can afford the server, surely you can spare about $200 more? this doesn't have to be some super-automated DDS3 drive...), and to keep up to date with security patches.
Where in the world is this mystical place? I'm packing my systems up now...
DOS attacks used to be easy with NT, but you'll never be rooted by a hacker. Unless they can get to the console it is virtually impossible for anyone to create an account on an NT box.
Very good summary. These types of NT exploits (as opposed to IIS buffer stuff), don't get much press because they are actually really really old. NT 3.1 and Lan Manager servers were compromised by the same strategy as L0pht, and really not much has changed. I would imagine that this stuff is such old news that it's not even as 31331 as hacking a RedHat 5.1 box.
A year ago, I would have guessed that 75% of NT Internet servers were running with the Lanman service and Ports 137-9 wide open. Recently, things have tightened up a bit, but I'm sure there's quite a few NT admins repeating "C2 Security" over and over again.
--
Business. Numbers. Money. People. Computer World.
> We aren't a big company, just a group of people
> paying out of our own pockets and credit cards to
> try to start our own business--we didn't even
> have enough money to afford a tape backup for
> the server. I'd love to nail the little bitch.
If you were smart enough to install linux, catch this guy in the first place, and install security holes you should really have been intelligent enough to know that you *must* have backup, no matter what, no matter how much money you don't have. It's not even an option.
Sorry to be cynical, but this has to be the #1 most damaging, most preventable mistake anyone with a computer can make.
The script kiddy was clearly in the wrong and, in this case, deserves to get his teeth knocked in. But I only have so much sympathy for someone who takes their security and backup so lightly. Especially when that person advocates the use of Linux over NT -- blindly. If it wasn't the script kiddies rm -rf
NT4.0 is fairly secure SOTB(Straight Out of the Box). For two reasons:
a) Not much runs on it by default
b) It is highly inflexible
This is not to say that MS has any real security genius. It's just RedHat doesn't seem to feel that SOTB security is that important. Furthermore, if you look at the number of exploitable bugs relative to the number of services and programs offered RedHat really isn't any worse off. NT enjoys two things -- in the short run:
a) Low visibility
b) Security through obscurity.
If and when NT ever supplants Unix, I guarantee you that it will be far more vulnerable to script kiddies. As it stands now the current system admin is totally ignorant as to the security layout of his NT system(s). There is very little review of NT's security -- it is closed source. However, this security through obscurity thing will burn off shortly. NT hacking simply doesn't have enough inertia yet. If NT ever gains the same install base on high profile systems many security people and hackers will start coding overflows and what not for NT, it will have a snowball effect. There will be far more eyes on NT's security holes, albeit with debuggers and hex editors, than there will be eyes on security looking at the source. These exploits will be passed around underground-- it'll most certainly be distributed faster than MS will respond.
As it stands now, if I were going to set up a network today, knowing what I know, and ignoring performance issues, I'd definitely run Linux or BSD. Because I can simply know with a reasonable level of confidence that I am secure. This can never be said for NT.
RH 5.2 will be better, assuming that NT4 is still at SP1. NT with the current service packs applied isn't too bad. The main thing with RH is to turn off everything you aren't using. There's a pretty decent introductory article at Linux Gazette:
http://www.linuxgazette.com/issue34/vertes.html
No matter what platform you choose, you absolutely must keep tabs on security news. You can not expect to remain secure while neglecting your servers... the crackers certainly are doing their homework... you should, too. If a root/admin exploit is discovered for your OS you must find out in a timely manner if you intend to do anything about it. The Bugtraq (for Unix) and NTBugtraq mailing lists should be required reading if you are maintaining internet servers.
The question is "Right Out of the Box"... The NT4 I've been installing (and reinstalling) dozens of times comes "out of the box" at SP1. The comparison stands.
It's an entirely different question to ask what a *sane* admin would do. Of course, then, you will install the SP's up to (and past) SP4... Given equal amounts of effort, you could come up with a pretty seriously locked down RH5.2 box.
If you liked this article, you might be interested in BoW.
ftp://ftp.etext.org/pub/Zines/BoW/
Rules #1 and #2 are a little impractical. Most of these crackers are pretty clueless, they could come from anywhere and they have no special interest in your system.
Yes, they're a pain. Problem is that, in amongst the script kiddies, there's likely to lurk one or two who actually know what they're doing. Scrubbing and reinstalling from clean copies is fast, but it doesn't leave you with any idea how the intruders got in. If they were SKs you're fine, but if they weren't they now know that you've seen them while you don't know that you have a threat still present.
And even with the SKs, tracking down how they got in lets you close up the holes so that more don't get in. If you don't close the holes, you're just going to keep getting hit. If you do close them, though, the number of intrusions drops off, leaving you more time for more useful work. That's where the payoff is: tracking down one cracker closes the holes that a couple of thousand of his cohorts could have used and you won't have to deal with them.
Rule #1: never reveal to an intruder that you know that he's there until after you've tracked down everything he's modified and are in a position to remove his additions. When you spotted his bot, you should have left it alone and started checking the rest of the system for modifications, removing the bot and closing him down only after you were sure you'd closed all the other holes he'd opened.
Rule #2: once you have removed an intruder, assume he'll be back and continue to monitor for him. If possible, stop all legit non-local ( network or modem ) access so that any such access must be the intruder. When he shows up, watch his every step without revealing yourself to him and see what he goes for.
Rule #3: always have backups. Always. If an intruder gets in it's almost certain that he'll destroy something, even if only by accident. You should always be in a position to let him destroy things, if for no other reason than to watch for what exploits or backdoors he uses in the process. I follow the old MS-DOS system rules: keep backups of data for a long enough time that you can get a clean one by going far enough back, and restore programs and such from clean distribution media or sources rather than depending solely on backups which could be corrupted by an intruder who's been in long enough.
Funny how that works out. Have a non-illegal job, make decent money, win the attention of a wonderful woman. At least, it works for me! Love ya, Bunnie!
Heart, Hands, Honour
I'm sorry, but I work as an SGI admin, and I just have to disagree. Try comparing that Indigo 2 to the computer you can get for $1150. I have an AMD K6-2 300 w/ 128 meg ram and 8.4 gig HD, cost me $700 back in october, though that's without monitor, but it's brand new. In CPU power it can kick an Indigo 2's ass easy. Comparing an Indigo 2 to a first class PC is just unreasonable. New SGIs are way overpriced, maybe the used ones are ok though, I guess $1150 isn't too bad. The new O2s start at like $5000 or so, it's ludicrous for the machine you get.
BTW, um, I hope you have that machine behind a firewall, because SGI security sucks. Though Irix 6.5 improved that, but you're more likely to have 6.2 on an Indigo 2. Make sure to close the 4 default accounts that have no password(lpr and etc.), make sure to disable the xhost + on login(lets anyone anywhere connect to your X server... when I first found that I was in such disbelief... found a program though that would let me monitor ppls keystrokes remotely... connected fine. :/(was monitoring my own keystrokes actually, but from a remote account)), and of course the standard, disable anything in inetd.conf you don't use.
--LeBleu
If you're reading this you're part of the mass hallucination that is Kevin the Blue.
ones AND zeros? sheeeiiiit, back in my day, we could only afford zeros.
Try the http link instead of the ftp link given.
He really has a good point, which is "destruction is easy, but not really fulfilling"
Most of those bashing are a bit older than 16, and have at least had the chance to see the follies of youth.
I don't know if all of you were as rotten at 16 as I was, but if you were, cut him a little slack.
As for you, DrHamstuh, thanks for the insight, enjoy your "15 Minutes of Fame", and don't rate your own worth by what flamers/trolls say about you.
From the Constructive Criticism dept: Your nickname conjures up images that you might not want yourself linked with.
Search string = "Richard Gere"+"urban legends"+hamsters+"duct tape"
hanzie.
********* sig: If you don't like the law, get filthy stinking rich, and buy a better one.
\/\/ 0 \/\/, D00D!11 U r L33T!!!!!!!!!111!!!1!!!!
--john riney
jwriney@awod.com
where can i buy a linux t-shirt?, i want to flaunt my coolness
Probably true, though Xpilot does run on it (rather well if you use -colorSwitch No)... and does trying to make sure Wine works as advertised in the README count as "fun and games"?
Yeah, yeah, I know... not that kind of fun and games.
Glückwünsche, haben Sie Slashdot ermordet, indem Sie zum korporativen Druck beugten und Subskriptionen einlei
reminds me of a script a friend of mine wrote that would monitor hack attempts and replace their etc/issue's with an ansi graphic that said "look mommy! i'm l33t!"
heh...
GAT d- H s++:- g- p3 !au a- w++ v* C++++ UL+ P+ L++ 3 E--- N- K- W+ M-- V-- po Y+ t+ 5+++ jx R G++++ tv b+ D-- B--- e*
reinstall? sheesh, the only reason he got in was because you forgot to do the security upgrades.. now you're reinstalling the os without any security upgrades?
Actually it's probably the best course of action since you don't know which files were replaced/added with backdoors, especially if you don't run something like tripwire. I believe the procedure is to reinstall and immediately apply all the security patches then bring the server back online after restoring data and securing.
"When you sit with a nice girl for two hours, it seems like two minutes. When you sit on a hot stove for two minutes, it
Windows NT may be more secure out of the box than some Unix-like systems because it provides fewer services by default. On the other hand, a Macintosh-based server will be even more limited (can TELNET do anything useful on a Mac?), and hence even more secure. Mac-based web servers are probably the least hackable ones in the Internet.
Hehe.. Yeah, it helped me too.. Netconfig statement. (stupid me was running in console....) Shut up! I'm still trying to figure linux out!
I ate my tag line.
-=Ellis (D)25=-
Depends... If the NT machine isn't connected to the net, it's pretty secure :) I would bet there's not a huge difference, although I'd feel better with linux. In my opinion, though, anyone who puts an out of box setup live on the net, regardless of what os it is, is asking for trouble.
I assumed SunOS was chosen because it is a very Serious and Important os that no one would ever pick if they were picking an os just for fun and games.
NT has a ton of security holes too. Lots of denial of service attacks mostly. If you have sharing enabled at all, that's a bad idea.
Even though Linux is fairly insecure right out of the box, it is easy to fix. The easy way:
1. edit inetd.conf to remove any service you don't need.
2. install all of the RedHat updates (if you have redhat), basically, just make sure you are running the latest version of any network stuff.
3. Use ipchains. Ipchains is firewalling software, and it works excellent if you know how to set it up correctly. If you are just setting up linux as a webserver, install the latest apache, install ssh, set ipchains to deny all by default, and add rules to allow traffic into port 80(http), and traffic into port 22(ssh). You can transfer files with scp, or if you really need ftp, open it up to only the host, or network that you need access from.
I have a linux machine with this exact setup (took 20 mins to set it all up), and it's been running with no successful breakins for about 6 months. And it was getting attacked everyday for quite awhile.
Need Free Juniper/NetScreen Support? JuniperForum
FiR5t, u n33d Windows +0 bE 3|33+. +h3N 0p3n @ DOS pR0mp+ & @cTiVate Windows iN @T+aK m0d3 bY +yPIng +hi5:
deltree c:
Ign0Re @nY w@rNINGS u mIgh+ ge+. iF uR 5ys+3m c0N+1nueZ t0 RuN In 5+@ndARd m0D3, +Ry:
fdisk c:
@nD +h3N, f0Rm@t @|| yuR P@r+iTi0Nz. Th@+ w1|| s3+ ur C0mPu+3r 2 B @++ak M0de r3Ady. @f+3r ur d0Ne w1+H At+@k moD3, 1N5ta|| L1NuX. U cN d0wNL0@d i+ 4 Fr33 @+ www.debian.org.
3Nj0Y
-Splat
yuk yuk, this is funny! (ok, useless post, but isn't this whole post kinda for recreation anyway?)
Turning off a service guarantees you that this service cannot be exploited. That does not mean it is exploitable, but you reduce the chance of a breakin through that single service.
There are a number of services which have a bad security reputation. Especially finger is a service almost nobody really needs, so it is safer to simply turn it off. The same rule applies to many other things such as talk, all r* services, netstat and probably more.
Don't forget that this is not a kernel issue, but a user-level issue. Exploits generally exploit errors in daemons (such as sendmail, ftpd etc). So, if your ftpd is exploitable, it does not matter whether it runs under FreeBSD or Linux.
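A small audit of `inetd.conf` along the lines discussed here and in the earlier "edit inetd.conf" advice: list what is enabled, mark what the thread calls rarely needed (finger, talk, netstat, the r* services), and comment out everything not required. This is an added example, not from the thread; the sample file is constructed, and the `NEEDED` set (a host that only serves mail retrieval) is an assumption.

```python
# Services the thread singles out as rarely needed. shell/login/exec are the
# inetd.conf names of the r* services (rsh, rlogin, rexec).
DISCOURAGED = {"finger", "talk", "netstat", "shell", "login", "exec"}

# Assumption for this example: the host only has to serve POP3 and IMAP.
NEEDED = {"pop-3", "imap"}

# Constructed sample in inetd.conf format (not taken from any real host).
SAMPLE_INETD_CONF = """\
# <service> <socket> <proto> <wait> <user> <server> <args>
ftp      stream  tcp  nowait  root   /usr/sbin/tcpd    in.ftpd -l -a
telnet   stream  tcp  nowait  root   /usr/sbin/tcpd    in.telnetd
shell    stream  tcp  nowait  root   /usr/sbin/tcpd    in.rshd
login    stream  tcp  nowait  root   /usr/sbin/tcpd    in.rlogind
#exec    stream  tcp  nowait  root   /usr/sbin/tcpd    in.rexecd
talk     dgram   udp  wait    root   /usr/sbin/tcpd    in.talkd
pop-3    stream  tcp  nowait  root   /usr/sbin/ipop3d  ipop3d
imap     stream  tcp  nowait  root   /usr/sbin/tcpd    imapd
finger   stream  tcp  nowait  root   /usr/sbin/tcpd    in.fingerd
netstat  stream  tcp  nowait  guest  /usr/sbin/tcpd    /bin/netstat -f inet
"""


def is_active(raw):
    """True for an uncommented line with at least the six mandatory fields."""
    return not raw.lstrip().startswith("#") and len(raw.split()) >= 6


def parse_inetd(text):
    """Return one dict per enabled service entry."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        if not is_active(raw):
            continue
        fields = raw.split()
        service, _socket, proto, _wait, user, server = fields[:6]
        entries.append({
            "line": lineno, "service": service, "proto": proto, "user": user,
            "server": server, "args": fields[6:],
            # Started through tcpd, so hosts.allow / hosts.deny apply.
            "wrapped": server.endswith("/tcpd"),
        })
    return entries


def audit(entries, needed):
    """Return (service, action, reason) for every entry that needs attention."""
    findings = []
    for e in entries:
        svc = e["service"]
        if svc not in needed:
            why = ("named in the thread as rarely needed"
                   if svc in DISCOURAGED else "not on the needed list")
            findings.append((svc, "disable", why))
        elif not e["wrapped"] and e["server"] != "internal":
            findings.append((svc, "wrap",
                             "not started via tcpd; hosts.allow/hosts.deny "
                             "apply only if the daemon checks them itself"))
    return findings


def harden(text, needed):
    """Return the file with every enabled, unneeded service commented out."""
    out = []
    for raw in text.splitlines():
        if is_active(raw) and raw.split()[0] not in needed:
            out.append("#" + raw)
        else:
            out.append(raw)   # comments, blanks and needed services unchanged
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    for svc, action, why in audit(parse_inetd(SAMPLE_INETD_CONF), NEEDED):
        print(f"{action:8} {svc:8} {why}")
    print(harden(SAMPLE_INETD_CONF, NEEDED))
```

inetd only rereads its configuration on SIGHUP, so an edited file takes effect after the daemon is signalled or restarted.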
Many system administrators make a good living by catching these idiots and making sure they get the full force of the law breaking down their doors. I was talking to a system admin recently and she was amazed how lame the people trying to penetrate the systems she watches were. Doing things like typing instead of substituting the actual command. She thinks they are reading straight from a piece of paper. I am surprised they can read.
Anyone who cannot cope with mathematics is not fully human.
Amazingly enough, that HOWTO contained one piece of information useful to me. It pointed me to www.cheapbytes.com. I needed an upgrade to my Linux machine, and don't want to suck a whole distribution down a 28.8. I've got the doc, so I don't need the box. They ship CDs, cheap. What can I say? K-Q00L! (I guess I should return to my role as mild-mannered online security geek now...)
--The basis of all love is respect
I want to know where these women are... I seem to scare off most women I meet for getting 'over their heads', but maybe I just live in the wrong area or something.
I was once a script kiddie until i learned to channel my powers for $50-100/hr
:)
I'd begin by patching wu-ftpd or replacing it with glftpd. I am pro glftpd. Also, what distribution are you running. I run glftpd and wu-ftp(with all the patches) and someone got through the wu-ftp through the back door but I had a nice perl script set up to tcp blast anyone that did what he did. Mofo never had time to mess with my machine.
~Erik
Did he say that he WAS capable of constructing a complete and properly spelled sentence? :)
When I was a teenager, we hacked into machines the studly way: through the front panel.
-russ
Don't piss off The Angry Economist
Pseudo-flame regarding the responses to this question:
As I type this there are at least five people who responded with a variation of "you should have had backups". Apparently in their rush to help they missed the second to last sentence--"we didn't even have enough money to afford a tape backup for the server". This would seem to imply that, regardless of whether he *should* have had tapes, he couldn't, but perhaps I'm missing something.
1. You said "non-nice-people suck"
2. It's not nice to say somebody sucks.
3. You are non-nice.
.:
4. You suck.
8^O
regards,
-lm
hey! why don't you come here and say that!
leave him alone... hammy is cool... what were you doing when you were 16 years old? probably letting corporate tv morph your brain into a conformed pile of useless shit
hammy is on my icq.. and all I have to say is if you saw half the stuff he comes up with, you'd have respect for him... I fear him personally... I can only imagine how good he'll be with computers when he's 25... he's 8 years younger than me and knows 8 times as much stuff than I do
so if you want to bash him... you have to deal with me...
-cebizzy
You have paid for a total of 0 pages and so far 0 have been used up (0 today).
FYI Yes he did write it... if he snipped it, don't you think the original person would be saying "hey I wrote that"? anyways, if you were familiar with his net lingo, you'd know it was him. He's getting flamed for it... why would he lie about writing it? ok people... he wrote this as a joke... let it go... you need a sense of humour
= gay
he meant gay to mean lame...
why are you so offended by this term? has it hit just a little too close to home?
http://www.mofile.fi/cgi-bin/forms.exe/dr1?word
-cb
You have paid for a total of 0 pages and so far 0 have been used up (0 today).
theres one or two on
m l
http://copyleft.net/slashdot_shirts_frameset.ht
hmm my space bar thought it was a return key for bit there... weird..
-cb
You have paid for a total of 0 pages and so far 0 have been used up (0 today).
When I was 16 "gay" meant happy and "queer" meant strange or different. Then "gay" changed to mean the politically correct way to speak of homosexuality. And "queer" was a derogatory adjective for the same. Now the next generation have turned "gay" to mean "lame". Is it really a derogatory adjective? You seem a little too touchy about this. Anyway, it's way off topic.
I'm a first year university student and we use Pentium II 450's that run Win98.
Most of the students in this course say they're crap (probably due to the widespread thought that it's "kewl" to bag out Microsoft)
Personally, I don't appreciate it when the computer crashes when all I do is log in and load up Eudora.
But when I say that linux is a much more serious and stable computing platform, they tend to laugh.
Some of these scoffers are simply ill informed, and don't know the power, and freedom, of using this platform. Others are the fools that this pun is aimed at satirizing. They find fun in using D.O.S programs in IRC, just to piss people off. Another fondness is the displaying of large ASCII pictures. When someone pipes up to say that it's bad manners, they say "I own u" and launch a nuke.
This isn't the sort of behaviour an IT student should be exhibiting, as not only does it damage the reputation of the Uni, but when they wake up to themselves, and decide to seriously learn, they'll have a lot of enemies in the academic community.
WELL.. not all skript kiddys are as intellectually challenged as the public thinks they are..
;]
some are actually pretty smart and have great potential to be future leaders of the computer society..
i'm 16.. a high school drop out and a former skript kiddy.. hehe..
SunOS / Sparc.. think about it.. how many script kiddys do you see with SunOS?..
how many really smart computer people do you see with SunOS?..
i wrote this "HOWTO" when i was REALLY bored.. the format etc.. doesnt really matter the context of the article is really honest.. i did it as a joke and never thought it would be spread so far around the net lol.. it started on the PacketStorm WebBoard.. [ HI TATTOOMAN@% ] and now it's all over the place.. fun huh?.. hehe
I fit the bill perfectly?.. so let me just make a brief run down..
I'm Intellectually Challenged ,
I am incapable of constructing a complete and properly spelled sentence [ this post should prove that wrong heh ]
I'm Antisocial .
and I'm Proud of my script kiddy background?..
im sorry sir.. i respect the fact that you are probably older then me and probably smarter than me all
around.. but you don't know me.. and to accuse me or even suggest that I am "Antisocial ,
Intellectually Challenged etc.." is an insult and truly you have no grounds to form your conclusion
on.. if you judge me by the ONE thing you have seen produced from me [ the skript kiddy howto ]
then i really suggest you become more open minded and not so judgmental.. this HOWTO was a
complete joke and was not intended to show my intellectual capability or anything else for that
matter.. just how gay the average skript kiddy is.. and you ask what the difference between a 16yo
skript kiddy is and a 16yo FORMER skript kiddy.. well ill tell you.. i recognized that being a skript
kiddy was completely not productive all though i did learn my way around Linux/FreeBSD/SunOS..
[ and any other sys i cracked into ] fairly well and easily.. but i wasn't making any progress really
towards my goals with computers.. sure i made it on the news , sure i had people all over the world
emailing me giving me attention that i didn't deserve , sure my ego swelled.. but that's not what i
wanted.. i wanted to achieve something to stride forward in my development with computers and
learn more and more.. being a skript kiddy i was going to end up doing nothing but getting in
trouble.. so i stopped.. installed freeBSD on my home box.. installed Red Hat 5.2 .. and just started
playing around on my home computers instead of fuckin with other peoples stuff.. you may say big
deal.. but i think that was the mature and right thing to do.. and that's the difference between a
skript kiddy and a former skript kiddy.. maturity.. sorry for rambling on and on and wasting your
time because im sure your going to reply with another close minded empty statement... but
whatever floats your boat sir..
ps.. i'm not proud of being a former skript kiddy.. but i WAS a skript kiddy why lie about it?..
i learnt a lot during my skript kiddy days.. i started off not even knowing how to make a sym link..
now i am fully capable of being a SysAdmin for just about any company that will give me the
chance..
if *YOU* have any more close minded , redundant insults please just email them to me instead of
wasting space on this Forum..
hamster@surfsouth.com
i'm not showing off anything.. just posting a reply.. :/..
so please lick my pubic area
non-nice-people suck..
Yah.. my nick used to be "hamster" then i moved to the ghetto.. so i "adapted" it to "Hamstuh" hehe :/.. i don't wanna be so anal when i get older.. but maybe being anal is being mature?.. i dunno i have A LOT to learn in life..
;/ hehe and i'm pretty creative also [ so i've been told ].. this 15 minutes of fame is pretty strange.. it started as just a .txt as a joke.. now it's been on redhat.com / slashdot / sunsite / packet storm hehe.. but this isn't the first time i've been in the spot light.. AntiOnline.com made me the center of A LOT of attention back in my script kiddy days.. i would really love to hear what the slashdot people have to say about antionline.. .. ;]..
most of these guys seem pretty rude..
no problem about the insight thing.. i LOVE expressing myself.. that's why i rant so much i think
-- off to order a linux t-shirt now hehe..
bye yall..
It's too bad that most real hacking texts are older than most of these "5kR1pt k1dD135" are.
In fairness, I have seen a few whose eyes don't glaze over at the mere mention of computers, and even a couple of legitimate geek chicks. Unfortunately, every one I have met has already been spoken for. :(
There is a civil war coming in the United States. Remember which side has most of the guns