LinuxPPC Challenge: Crack the Box and Keep it!
Jeff Carr from LinuxPPC was so amused by yesterday's MS W2k crack challenge that he figured he'd play too: By setting up a LinuxPPC box challenging the adept out there to get in... but if you can get in, you get to keep the box! It's a stock LinuxPPC install, and he even left telnet on. The url is crack.linuxppc.org. You must be able to reproduce your entry to win. Have fun.
I can only imagine Microsoft's marketing geniuses saying:
"Windows NT is the most secure operating system. It has a feature called IntelliCrash, which causes the operating system to crash when it detects high network traffic. Such traffic is always caused by hacker's activities, but, since the system is down, any attempts to break in will be unsuccessful. This innovation puts us years ahead of the competition."
___
If you think big enough, you'll never have to do it.
Nope, you're wrong. Someone has already hosted many servers just for the intent to be hacked. Check out http://www.happyhacker.org/hwargame.html . Yep, a real life hack that box challenge that never goes away.
-Brent
I find it interesting to see how few people are flaming the LinuxPPC guys. When Microsoft started up their contest, people were extremely quick to crusade their views, many of them with four-letter words and simple sentences with little content.
Of course, the Linux guys didn't make their web page incompatible with Netscape (or include unnecessary Javascript anyhow)...
However, look at the situation from another angle--look at how shoddy the crack.linuxppc.org webpage is. Imagine if the Windows site had looked remotely like the LinuxPPC site does. Microsoft would have had a hard time finding enough extinguishers for THAT one.
Imagine if the Windows guys had posted IP addresses on the main page.
Do Linux users expect less of themselves? Do they not mind sloppy work? Does this make them feel more comfortable? The LinuxPPC site is definitely not designed to appeal to anyone in a "commercial" sense--is this why it's acceptable?
In any case, it's good advertising for LinuxPPC I suppose...
Oh well. I just think it's interesting how much our biases get in the way of logical thought.
Sounds suspiciously like a contest I run everyday when I bike to work. It's called "break the bike lock and keep the bike!".
SirSlud
"Old man yells at systemd"
How are you supposed to crack a server that's only running on port 80? And how are you supposed to crack it if it's going on and off like a lightbulb? Somebody swamped microsoft2000test yesterday, then it crashed and they brought up a duplicate, then somebody took out both of the nameservers, then they went back up, but both servers were down...
Now they've switched nameservers totally, but the site's still out for the count. I think this is a pretty shoddy deal if you ask me.
--- pinging www.windows2000test.com, please wait...
--- sending to www.windows2000test.com [207.46.171.196],
error, ping 1 timed out...
error, ping 2 timed out...
error, ping 3 timed out...
error, ping 4 timed out...
error, ping 5 timed out...
--- ping statistics for www.windows2000test.com
5 packets transmitted, 0 received
~ Give me 101 plastic soldiers, and I will conquer the world.
The difficulty is that LinuxPPC R5 comes with all inetd services disabled (for security). So it's not *really* a stock install - Jeff had to make it less secure. I believe the intent is to keep turning on services (like telnetd, which was already enabled) if no one breaks it quick enough.
Besides, if this server is cracked, then we will have found another hole to patch, which is the point of cracking, right?
You talk about taking a week to secure a server, but it could be done in a few minutes by turning everything off except Apache (and disable CGI). "Secure" is kind of a tradeoff in that case.
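An added example, not part of the original thread or of LinuxPPC's own tooling: one way to check which inetd services are actually switched on, the point the comments above turn on. It assumes the classic seven-column inetd.conf layout; the sample file, the `CLEARTEXT` set and the function names are constructed for illustration.

```python
# Constructed sample in classic inetd.conf layout (not taken from the challenge box).
SAMPLE_INETD_CONF = """\
# <service> <socktype> <proto> <wait> <user> <server> <args>
#ftp     stream  tcp  nowait  root    /usr/sbin/tcpd       in.ftpd -l -a
telnet   stream  tcp  nowait  root    /usr/sbin/tcpd       in.telnetd
#shell   stream  tcp  nowait  root    /usr/sbin/tcpd       in.rshd
#finger  stream  tcp  nowait  nobody  /usr/sbin/tcpd       in.fingerd
auth     stream  tcp  nowait  nobody  /usr/sbin/in.identd  in.identd -l -e -o
"""

# Assumption: services treated here as sending credentials or commands in cleartext.
CLEARTEXT = {"telnet", "ftp", "shell", "login", "exec"}


def enabled_services(conf_text):
    """Return one dict per uncommented, well-formed inetd.conf entry."""
    entries = []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or disabled (commented-out) service
        fields = line.split()
        if len(fields) < 6:
            continue  # malformed entry: too few columns to be a service line
        entries.append({
            "service": fields[0],
            "proto": fields[2],
            "user": fields[4],
            "server": fields[5],
            "args": fields[6:],
        })
    return entries


def audit(conf_text, allowed=()):
    """List enabled services outside the allow-list, with the reasons they stand out."""
    findings = []
    for entry in enabled_services(conf_text):
        if entry["service"] in allowed:
            continue
        reasons = ["not in allow-list"]
        if entry["service"] in CLEARTEXT:
            reasons.append("cleartext protocol")
        if entry["user"] == "root":
            reasons.append("runs as root")
        findings.append((entry["service"], reasons))
    return findings


if __name__ == "__main__":
    for service, reasons in audit(SAMPLE_INETD_CONF, allowed=("auth",)):
        print(f"{service}: {', '.join(reasons)}")
```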
1 KN0W!!!!!!!!!!!111
:wq
1'M JU5T G0NN4 K33P TRY1N6 2 6U355 R00T PA55W0RD.
S0 FAR, 1 KN0W IT'5 N0T BLANK, "ROOT" OR "SECRET" BUT 1'LL K33P TRY1NG! 1 W1LL 3V3NTUALLY GU3SS IT!!!!!!111111 1 W1LL TH3N HAV3 A PPC B0X ALL T0 MYS3LF!!!!1
:WQ
------ ------ ------
ALL HA1L B1FF, TH3 M05T 31337 D00D!!!!!1
------ ------ ------
ALL HA1L B1FF, TH3 M05T 31337 D00D!!!!!1
:WQ
I held root on 3 of the games in the happyhacker wargames. I'd really suggest not getting involved though, because it's just a big thing to get people's info to add to the "Hacker information Database" on antionline.com. Yup, that's right, a big list of people involved with hacking that JP shares with the feds.
Anyhoo, tg0d (www.tg0d.org) is going to be hosting something like this of its own. We aren't gonna keep a log of people's IPs or anything like that. And if you root a box, it's yours for as long as you can defend it. Our games aren't up yet, but we have 5 boxes that are scheduled to go up soon. So bookmark www.tg0d.org and come back later for more info.
P.S. Yeah, our page sucks.. it's not complete yet, we've been busy.
schematic
The more you learn, the more you realize how little you know.
My
Kudos to the PPC guys.
No better way to detract from the interest that
Microsoft may have generated than to divert back the efforts of the linux community to a more
worthy cause - improving the security of our own systems.
Let's eat our own (dog)food.
Arieh
-- We have been doing so much with so little for so long, we are now qualified to do anything with nothing.
But what could really prove interesting is if someone tried to break in and steal from the stealer...knocking off the old King and resulting in a King of the Hill, and so on...
All the while, people would be stress-testing the system. And people will have an ego-incentive to discover security holes because, if they find a way in, they get to be "King of the Mountain" until someone else finds a new way to crack the box.
Oh what a game this could become!!!
--Lenny
Pray don't confuse firewalls with security. Machines behind a firewall are only as secure (from the big bad net, assuming they're connected to it, as most firewalls are) as the TCP/IP stacks and services that answer on ports accessible through the firewall and/or its sockets. Most firewalls that I've had experience with have closed off all ports except the ones that people needed to use from the outside -- and half the time that included stuff like pop[23], imap, smtp, etc., and on which the servers answering those ports tended to be way behind on their updates because people had this sense of security lent by the firewall.
Also, firewalls don't work against people who can emit packets from inside your firewall -- and that's surprisingly easy to do, either through coercion of the firewall box's network stack, compromise of a machine behind the firewall through some open port, or simply being behind the firewall in the first place (as in many corporate environments). If a firewall is configured to permit connections to ports 22 (ssh) and 443 (SSL http), there's no particular reason why an attacker can't arrange for a root shell to answer on one of those ports, and with most network installations no one would be the wiser.
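An added example, not part of the original comment: a host-side check for the situation described above, where a port the firewall permits is answered by something other than the service it was opened for. The listener table is a constructed sample in the style of `ss -ltnp` output; the `FIREWALL_ALLOWED` and `EXPECTED` baselines and the function names are assumptions for illustration.

```python
import re

# Constructed sample in the style of `ss -ltnp` output (Linux, iproute2).
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*     users:(("sshd",pid=812,fd=3))
LISTEN 0      5            0.0.0.0:443       0.0.0.0:*     users:(("sh",pid=4471,fd=0))
LISTEN 0      50           0.0.0.0:110       0.0.0.0:*     users:(("ipop3d",pid=903,fd=4))
LISTEN 0      128        127.0.0.1:6010      0.0.0.0:*     users:(("sshd",pid=2210,fd=9))
"""

# Assumed baselines: ports the firewall lets through, and what should answer on them.
FIREWALL_ALLOWED = {22, 443, 110}
EXPECTED = {22: "sshd", 443: "httpd"}

# local address, local port, first process name in the users:(...) column
LINE_RE = re.compile(
    r'^LISTEN\s+\d+\s+\d+\s+(\S+):(\d+)\s+\S+\s+users:\(\("([^"]+)"'
)


def parse_listeners(text):
    """Return (address, port, process) for every LISTEN row that parses."""
    listeners = []
    for line in text.splitlines():
        match = LINE_RE.match(line.strip())
        if match:
            listeners.append((match.group(1), int(match.group(2)), match.group(3)))
    return listeners


def check(listeners, allowed, expected):
    """Flag listeners reachable through the firewall that do not match the baseline."""
    findings = []
    for addr, port, proc in listeners:
        if addr.startswith("127.") or addr == "[::1]":
            continue  # bound to loopback only, not reachable from outside
        if port not in allowed:
            continue  # firewall does not pass this port; outside this check
        wanted = expected.get(port)
        if wanted is None:
            findings.append((port, proc, "permitted by firewall but not in baseline"))
        elif proc != wanted:
            findings.append((port, proc, f"expected {wanted}"))
    return findings


if __name__ == "__main__":
    for port, proc, why in check(parse_listeners(SAMPLE_SS), FIREWALL_ALLOWED, EXPECTED):
        print(f"port {port}: {proc} ({why})")
```

A process name is easy to fake, so a match here is a first filter only; comparing the binary path or its hash against a known-good copy is the stronger check.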
Unfortunately, the box is partly relying on the fact that all the script kiddies have buffer overflows that were written for Intel Linux. This is one of the arguments I've always had for staying away from a Unix variant that only runs on one platform--homogeneity in systems hardware and software was what made the Internet worm possible.
When I set up my first Alpha box, I knew nothing about security, but the script kiddies kept failing on account of their buffer overflows just crashing and core-dumping. It bought me some time to get a clue, at least.
--
I noticed
It's getting about time to leave everywhere
isn't just posting this stuff on slashdot a DoS attack? :)
Synergies are basically awesome, and they're even better when you leverage them. -PA
They have a status page up. This is only from yesterday's activities:
8/3/99 Events
3:22pm - Network connections down due to router failure, possibly related to thunderstorms and power failures in the area
2:59pm - Network connections intermittently up
12:40pm - Network connections down due to router failure
11:02am - Services restarted
10:47am - Some services failed after reboot
10:45am - Reboot because the System log was full
10:30am - Network connections down due to router failure