Slashdot Mirror
Crack LinuxPPC Day 3:It Gets Better
So this ought to amuse ya: Its Day 3 of the Crack LinuxPPC, Win
PPC Contest that Jeff Carr has been doing. During that time, The
Win2k crack box has gone down several times... yet the LinuxPPC box
remains stable. Jeff has decided to make the game more interesting.
The machine is still crack.linuxppc.org, but the world now may know
that the Root Password is "linuxppc". If you can crack the stock
LinuxPPC box in a reproducable manner, you get the machine.
Its a stock linux install, so I doubt this is in place, but it can also be set up so su doesn't work for certain (or for that matter ANY users). If this IS set up, then there would be no way to log in as root unless you were at the console or you find an exploit.
But, being a stock install, this is probably not the case and therefore getting access to any shell account would be sufficient.
-Restil
Play with my webcams and lights here
Why so much? How do they expect you to run StarOffice if Linux takes up 160MB? Another example of Linux Bloatware...
Nonsense. Just like a web browser, the Win2000 guest book is an integral part of the operating system.
You could try to use traceroute.
Jeez, the guy cat'ed 2 /proc files in the bottom of the page! And one of them is cpuinfo (basic hardware info)! We also have /proc/meminfo and the result of the uptime command!
I wish. Silly firewall doesn't let it work from here. I'll have to try it from somewhere else.
Tried a number of times... can't get there. Still replies to pings, though.
You dumb twinky molester. How can you possibly use a web browser with your IQ? Are you high? Sick freak. Sick people.
Here you go
± 29 dB
NARC!
MS_COINTELPRO?
I wouldn't be the least bit surprised. It would only be a slightly more negative attitude than is often expressed in some of their AstroTurf campaigns they've run in the past over things like streaming media ("I can't use that Really Medium player or whatver. Why can't you use Windows Media Player instead? It always works for me!" (followed by M$ literally throwing money at the content company to as an 'incentive' to switch)).
Expanding a vast wasteland since 1996.
I think you may have misunderstood his point. Although It is possible to compromise the security of an individual user with these methods, it is not so for the OS/computer as a whole.
/' is usually the best way to completely destroy the system.
1. Because of protected memory, you don't have access to kernal memory as a user. So, any virus would have to somehow launch as ROOT.
2. A back orifice like tool would probably be able to compromise individual user security, but again, do little damage to the system as a whole, without adequate user permissions.
3. Same thing with macro attacks. Individual users only, unless the application did stupid 'suid' stuff.
Basically, to REALLY compromise security on a *nix boxc, you've got to have root access. When this is the case, I find the 'rm -rf
But that's just me.
____________/\ ____________ \/
--
Wonko the Sane
Look, myself and some others spent the last night scrutenizing this Windows box, here is what we found... 1) ONLY port 80 is active 2) The web server is only accepting "GET" requests. "PUT" appears to be disabled. and 3)it looks like they're truncating URL line length as their fix to overflow bugs. That's it.
Take one and two and tell me how this equates to any real world server. Sure I can put up any OS serving only port 80 and consider it secure!
What about realworld where your server is not on-site and must be remote administrated, or atleast, not on-site in your office, but in another building where your ISD group maintains it.
IMHO this whole set-up is a scam.
The goal is to get root priveliges not the root password. The root password doesn't give you crap if you can't figure out a way to log-in. There's more than one way to get there, ie buffer overflows, r00t kits etc.
---- sonoffreak
"The press are picking up on this, including some non-IT rags (see Linux Today). This is going to be a PR disaster of the finest water.
"Expect a(nother) name change for NT5/W2K sometime during the fall. That'll let them pretend it's a different product."
No, they'll merely change the slogan (drumroll please):
It just doesn't work.
a nice convention is:
DoS = Denial of Service
DOS = Disk Operating System
[root@slut /root]# nmap crack.linuxppc.org Starting nmap V. 2.12 by Fyodor (fyodor@dhp.com, www.insecure.org/nmap/) Interesting ports on (169.207.154.108): Port State Protocol Service 7 filtered tcp echo 19 filtered tcp chargen 80 open tcp http Nmap run completed -- 1 IP address (1 host up) scanned in 148 seconds [root@slut /root]# Anybody have ideas? I'll be in #cracklinuxppc on efnet if you do.. Saurus
Oh I don't know about that... nobody cares too much about the Win2000 machine, but if I had any cracking skills whatsoever I'd try my hand at the linuxppc in order to win the machine.
Doug
Venn ist das nurnstuck git und Slotermeyer? Ya! Beigerhund das oder die Flipperwaldt gersput!
now all you need to crack it is its physical location, a crowbar, lockpick, and possibly a spare monitor/keyboard.
He's kidding, right?
Has ESR forgotten that the internet worm of the late 80's used a bug in sendmail?
How is that any different than the Melissa virus on Windows? Both problems spread via an insecurity in the mail program.
Linux will disconnect you if you don't successfully login within a certain time. You didn't take down the box by pinging it.
I'm sure if they ask Bill real nice he could shell out some dough for a server and an NT4 license...
The only people stopping Microsoft from putting out a non-beta crack test is Microsoft. We can only guess why they aren't. My guess is that they think that W2K is more secure than NT4.
--The basis of all love is respect
>assuming that the jpeg wasn't put thru the GIMP first...)?
Well, I posted the link straight from crack.linuxppc.org so I can't vouch for how it was created. The link from the main page mentions SheepShaver.
I don't remember any of my Linux installs asking for a user account name and password at install, just a root password. Did it, and I'm just forgetting it?
Actually, they didn't change any real programs either. They just spoofed the (poorly written) bboard program. They tricked it to play back javascript code.
Lowmag.net
and what's up with that score=1?
It seems that Linux is winning this round against Windows. When Mindcraft did those benchmarks, those were under controlled conditions where the MS guys could tweak to their hearts desire and take advantage of what they knew would work right. The problem with the test was that it simulated network usage which is unreal when you compare it to a regular server hooked up to the Internet. Here we finally get a test of real server usage and Microsoft seems to be losing on this benchmark. I hope the media picks up on this just as it did on Mindcraft so that it can be said that just because Windows may transfer crazy amounts of information better than Linux, it doesn;t mean its a reliable server for hosting services on the Internet.
Andy Grove would kick Bill Gates in the nuts if they did that.
"The number of suckers born each minute doubles every 18 months."
-jafac's law
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
But it's DEAD now.
Damn, third day of thunder or what..?
If only the stock LinuxPPC install came with secure shell. :)
for the rest of this go to whatis.com
..."
"Bogomips is a measurement provided in the Linux operating system that indicates in a relative way how fast the computer processor runs. The program that provides the measurement is called BogoMips. Written by Linus Torvalds, the main developer of Linux,
To force reload even of cached pages and cached inline images in Netscape Navigator/Communicator, use Shift-Reload, or View|Reload.
Netscape's Reload button is crippled by design. Also see this page for more details.
1:00pm - Tuned IIS' performance options reset application protection to Medium, and rebooted.
8:54am - Changed IIS' application protection to Low and rebooted, site back up
In other words, "Dragged slider bar in IIS window to a different setting, and waited five minutes while the system rebooted and restarted most of the services."
"Tuned" my ass.
Wah!
No, it won't slow down sales a bit. It might improve them. I wasn't even going to think of Win2K before. but if it is released before the first snow, I'll buy half a dozen, grind up the CDs, and scatter them over my lawn. Should come up nice and green next spring;^>
--The basis of all love is respect
Actually, not the flipdown model (introduced with the 9600) or IDE (introduced in non-performas with the G3 towers), just plainol' 50 pin fast SCSI and possibly the worst case ever made by Apple. unscrew, yank case, rip out every cable and pull M/B to fiddle with RAM. ugh. still pretty nice machines, though.
What a slap in the face to M$. Genius. Even with the root password you still have to be better than the average script kiddie to get into this box. Of course it is all over if he opens up fingerd.
I believe that He's using BOCHS to run Win95 in this shot...
keep acting shocked and move slowly towards the cake.
The Windows 2000 server must be getting much more attention than the LinuxPPC server, so we aren't exactly comparing oranges and apples (macintoshes?). Of course, the LinuxPPC server has more service ports open and a well-known root password. :-) The web server at windows2000test.com is offline. The server responds to pings, but IIS doesn't serve any pages..
cpeterso
Ummm.... Shouldn't it be called osssh? (Open Source Secure SHell)
Pardon me for butting in... what do you mean, Windows 2000 is a relatively new operating system??? Correct me if I'm wrong (please!) but isn't Win2k a.k.a. NT 5? I'm pretty sure that it's "built on NT technology" (which is redundant, given what NT stands for, but that's okay, this is MS). What does this mean? Windows 2000 is not new, it's using a kernel that's been around for several years (I'm sure NT is at least as old as Linux, but I don't know, can anybody help me out here?). Of course, it has supposedly been improved over time, but I'm not sure...
-Matthead
I'm a bit confused now. How can it be called "cracking" when you have been given the root password by the owner? I thought the whole point of cracking was to *get* the root password (or some equivalent).
You are probably thinking that SSH allows remote root login, so you could get in with it.. That is an option in the config that anyone with security sence would turn off.
For example the Windows box is still pingable and the Linux box is not and thus not vulnerable to ping flooding/smurf attacks. Can W2K even be configured to deny icmp requests? I hope to god it can. If I put a box out on the Internet and asked people to break into it, this would be one of the first things I would do, along with disabling all services I didn't need. If it can't, then this is just another weakness in W2K.
Then what the hell is the contest about? Unless no daemons except http are running...
If this article were written about Linux we would be righteous in our anger
Non-Microsoft operating systems such as
Linux are invulnerable to macro attacks, immune to viruses, and can laugh at Back Orifice.
This is pure unadulterated bullshit and ESR knows it. I couldn't bring myself to read any further to see if he redeems himself so my apologies if he said "just kidding" later on. In his attempt to build up alternative OS's he has falsely stated that MS is vulnerable to attacks that are unthinkable in _all_ other OS's (or at leas Linux). What makes it all the worse is that Linux is far superior to Windows (especially 9x) in terms of real security. Let's stick to the facts and win on the level instead of trying to bead MS at their game of lies and half-truths.
To those who don't see the problems in ESR's statements, here's a quick rebuttal of the sentence above:
Vi has had macro attacks in the past and any application can have a design that allows macro attacks. They simply have to treat data files as scripts. While I can't think of an application that has such a vulnerability at the moment it does not make non-MS OS's immune since it is not an OS issue. MS has the responsibilty for Mellissa et al. not because they made the OS but because they made the programs (Outlook and Word) that were the vector for the worm.
Linux may be less vulnerable to viruses due to more attention to kernel security and memory protection, but it is also fair to say that not many people have tried. I would hesitate to call it invulnerable, but I'll concede the point if a security expert can convince me otherwise.
Laughing at Back Orifice is pure and complete BS. Crackers don't need to install BO, it's already there!!! Seriously, all BO is is a remote GUI. Most linux servers have X installed and everything can be configured with a terminal anyway, all they need is root access. BO may be a more stealthy, but a cracker needs to get Administrator access in the first place to install it and it is slightly easier to monitor for BO listening on one of your ports than it is to monitor all telnet and X connections for root activity.
In any case the name of the game is to prevent root access in the first place. I believe that Linux does a more comprehensive job of this, but we need real arguments, not lies, to win the fight.
--
"L'IT c'est moi!"
You gotta give M$ credit, W2K is very secure, if it can't stay up then no one can break into it! Tempest Unix System Administrator
Anyway, the only problem with this is the US export laws on encryption. Although it would be nice to have a free alternative... at least then non-US distros like SuSE could include it...
Idiot anonymous Crawford
In ANY context, "Denial of Service" is abbreviated DoS, not DOS. The poster made a mistake.
void post { post_random_comment("slashdot.org"); karma--; }
What would make a more interesting test is to have a competition between NT/2K and Linux where they would run a standard set of services (web, mail, maybe directory services). Then you unleash crackers on it and see what gets broken.
Really all this is doing is testing the security of TCP/IP stacks on both OS's, and the security of Apache vs. IIS serving up static pages. It's much more an Apache vs. IIS thing than a Linux vs. Windoze thing.
---
This sig has been temporarily disconnected or is no longer in service
Isn't exp(j*PI) = 1?
i.e. exp(j*PI) - 1 = 0
So you are giving -2 cents?
Share bicycle touring info worldwide: http://wheretocycle.com
> The /etc/securetty file contains a list of > terminals that root can login from. > By default (on Red Hat Linux) this is set to only > the local virtual consoles(vtys). Be very careful > of adding anything else to this file. You should > be able to login remotely as your regular user > account and then su if you need to (hopefully over >``ssh'' or other encrypted channel), so there is > no need to be able to login directly as root. Think before you flame. -- prodeje/too lazy to log in
>If they want the full range of skilled crackers
Who is 'they'? Lunux/PPC put one of their own boxes on the line for this. You were expecting maybe an PIII-500 running Slackware?
God I must be tired!
You're right of course!
I basically meant I wonder if Win2000 would run on a similar spec machine...
Yeah, you penis wrinkled mofo. Eat my fungus infested penis! Eat it!
I love that commercial. I couldn't believe my ears when I heard it...especially coming from HP!
> The /etc/securetty file contains a list of
> terminals that root can login from.
> By default (on Red Hat Linux) this is set to only
> the local virtual consoles(vtys). Be very careful
> of adding anything else to this file. You should
> be able to login remotely as your regular user
> account and then su if you need to (hopefully over
>``ssh'' or other encrypted channel), so there is
> no need to be able to login directly as root.
Think before you flame.
-- prodeje/too lazy to log in
We've had a lot of experience with these kind of DoS attacks. Our experience is that various NTs and Linux boxes bog down or eventually become non responsive; although the Linux doesn't usually crash per se. However, our BSDI boxes chug right along without even so much as a blink.
FWIW.
Meanwhile, the LinuxPPC has been chugging along, being attacked 2 million times an hour with no success. He's even tried to make it easier for people. No faltering, no crashing - even the Slashdot effect hasn't killed it. LinuxPPC has multiple processes open and even telnet - the W2K only had the webserver open. LinuxPPC is still cooking along, W2K couldn't even handle having one process happening and died multiple times.
"The router's down" - but a test confirmed that it was up. Weather? Other systems in the area at the same time were up, and the weather wasn't a factor in the entire time that the computer was crashing (what - 9 times now?). Excuses - if a company can't come out and say that they failed and will work to correct the problem, then they are dishonest and people shouldn't do business with them. You're going to trust your business and mission critical applications to these yokels? You never know when they're telling the truth or feeding you a line. At least with Linux you know exactly where you stand and where to go to fix any problem that may arise. No one is hiding anything in the Linux community - that's not how our software was developed. Open Source means Open. No lies, no deception. That's something I want to base my business on and something I want to base my mission critical apps on...
Get with the real world - dump your Microsoft fantasies and get on a real OS. Why do you think so many major computer manufacturers are supporting Linux? (Remember - Microsoft doesn't manufacture hardware - only software - so the industry leaders are still the hardware manufacturers that choose which OS to use). SGI is even talking about dumping Irix in favor of Linux. Can you seriously attempt to compare NT to Irix??? Sun is putting Linux alongside Solaris in their support. NT doesn't hold a candle to Solaris, regardless of what the proprietory benchmarks make out. The real world is Unix and Linux. The fantasy world is Microsoft. Sooner or later you're going to have to wake up and face reality...
Sure, that would make sense. But I checked at least a half-dozen web sites running LinuxPPC and none of the Apache's matched the behavior crack.linuxppc.org had.
--
The world is neither black nor white nor good nor evil, only many shades of CowboyNeal.
Hmmmm...nope!
You eigther have both boxes DoSed in equal measure to give us all a neat insight into how they cope under the same strain or you don't Dos either box at all.
Clearly the latter option is far easier to achieve, and is inherently more sensible as the entire competition is about cracking and not DoSing.
Anyone who attempts to DoS either machine is clearly a bit of a no-brainer as they're seeing a contest designed to be constructive and doing something destructive instead.
palantir:~> dlocate -s ssh
:)
Package: ssh
Status: install ok installed
Priority: optional
Section: non-US/non-free
Case closed
Daniel
Hurry up and jump on the individualist bandwagon!
Note the difference in loads:
linux ppc:
load average: 0.22, 0.25, 0.23 (equals about 25% processor usage, right?)
windows:
% Processor Time Avg: 30-47
Back in the old days on 42nd st, and still on the steps of the NYC library, you often hear that call. It's the answering cry to the "loose jay" bird.
For everything you ever wanted to know about this topic, visit the BogoMIPS mini-HOWTO
Melissa worked because it used actual features of the system, such as treating data files (spreadsheets, documents, etc.) as programs, and without any security checking. (You see how well warning the user that there is a macro worked.)
The difference is they fixed sendmail. Another Melissa can come along any day. Next time it probably won't be a Macro. There is now a problem in excel 97 that uses ODBC to take over the machine, without any warning.
There are some folks at stanford with an open source Secure Telnet and Secure FTP that they've built up around their Secure Remote Password protocol.. Give it a look http://srp.stanford.edu/srp/
> they are going to have a MAJOR PR coup.
/.!)
I disagree. Remember that the audience for these stunts is the world's PHBs. They don't know the difference between a crack and a DOS attack (or a crack on the DNServers).
Sure, MS will have some excuses -- maybe even some good ones -- but the outstanding fact for the PHBs will be that MS put up the challenge and the box did go down. Repeatedly. And after the fiasco of the DOJ trial, where they were repeatedly shown to be liars and falsifiers of evidence, those excuses/reasons are apt to ring slightly hollow in ears that don't know how to weigh them. The seeds of doubt have been sown.
Also, those PHBs will hear that the content of the Web site was changed by 'hackers'. We all know that it was a BFD, but the PHBs don't. Or, if some few happen to know it, they'll be asking themselves: Have I been buying software from a company that is stupid enough to leave such a simple and obvious leak when setting up a security challenge?
Ditto for all the other downs, even if a few PHBs believe MS's explanations and realize that none(?) of the problems really represent cracks [see, even I can't say 'none' with full confidence!]. PHB: Have I been buying software from a company stupid enough to leave so many simple and obvious failure modes when setting up a high profile demonstration of their newest flagship product?
No, the egg won't be on any penguins' faces.
The only question now is deniability. How will MS wriggle out of this one? My prediction is that they will say it was an unauthorized test by a subcontractor or a couple of rogue employees, that MS proper had nothing to do with it, and that besides, it wasn't an up-to-date build anyway. The real thang is secure and it don't never crash. (Remember, you heard it first on
Sheesh, evil *and* a jerk. -- Jade
Most buffer overflow exploits are incredibly platform-specific. This would be a more realistic contest if they were running an Intel / Linux box (which most exploits are designed for).
Nah... People will buy shit, even when they know its shit, especially from M$! '98 crashed during a big demo right before its release. Did that slow down sales?
You are a fscking moron who obvously doesn't have anything better to do than post anonymous messages on /. attempting to showcase his feeble intellect by being the tenth person to imply that he knows the difference between DoS and DOS.
You people make me downright nauseous.
void post { post_random_comment("slashdot.org"); karma--; }
Can't stop is if you can't start it, eh?
void post { post_random_comment("slashdot.org"); karma--; }
For my choice, I run Linux at home on my new AMD K6-III 450 toy.
Apparently its down again at 1855 CDT. Not much of a test on my part, I just followed the links from the news article. linuxppc replied and loaded immediately, whereas MS never even replied.
In the immortal words of Socrates, who said; 'I drank what?'
I think this "BOCHS Lite" you are talking about is known as Freemware. Find the link on the right side of bochs.com
Read the stats:
Memory Usage:
MemTotal: 158760 kB
MemFree: 19468 kB
MemShared: 123140 kB
Buffers: 9432 kB
Cached: 72416 kB
SwapTotal: 67468 kB
SwapFree: 67468 kB
There's 72M of memory being used as cache.
Notice that the swap has not been touched. We
don't get a ps to see how many copies of httpd
or anything else are running...
Good judgement comes from experience, and experience comes from bad judgement.
- W. Wriston, former Citibank CEO
Well, based on the same logic Linux must be DOS because it also has a command line and I can use some DOS commands (like `dir' and `echo') there.
Well then, by your analogy, Microsoft should be running the test on a NT4.0 system, because as you said, "Many exploits are platform specific." W2K is different than NT4.0, and the same exploits most likely aren't going to work.
How many people use Linux on PPC versus the number of people who use W2K on Intel?
--
For every post, there is an equal and opposite re-post.
I for got my darned password. jlcooke@engsoc.carleton.ca I wrote a 20 line JAVA console app that makes continuous connections to port 80 of a vitim machine: import java.net.Socket; public class ports extends Thread { public static void main(String arg[]) throws Exception { int num = Integer.parseInt(arg[1]); Socket[] sock = new Socket[num]; System.out.println("!"+ arg[0] +"!"); sock = new Socket(arg[0], 80); for (int i=1; i The sleep bit at the end is if you asked for less than 0xffff ports and you want to keep them busy. It's not acctepting connections there any more. :) Note to all: I'm not a cracker. It's just my observation that that's all they're giving me and it takes memory to answer a call on the http port, this sould hurt them in some way. Am I right?
. . . never mind the 600 meg MINIMUM disk space required.
"The number of suckers born each minute doubles every 18 months."
-jafac's law
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
> "Microsoft killed DOS a long time ago!" DoS killed the Microsoft server a long time ago! And it's *still* down!
you stupid jackoff. DoS isn't cracking. You shouldn't DoS either box. I say again "DICKHEAD".
PowerMac 9500 132 Mhz 604 Processor Its a first generation PCI tower 6 PCI slots 12 DIMM slots 4 SCSI II wired bays Two 10BT ethernet ports SCSI I port printer/modem and ADB ports It was the top of the line PowerMac 3 years ago Upgraded to a G3 , very tasty!
Actually, you could argue that the console on NT *is* a DoS (not DOS). Try running a console program and watch it eat 100 percent of your CPU and still run slowly...you know, use the QuickBASIC editor or something.
No wonder Microsoft is so durn rich.. They have the largest software testing department on the planet and they don't pay them a dime. I wish I could hire free engineering, I'd be as rich as Bill Gates is ain no time. Way to go people! I need my lawn mowed, so maybe I will set my mower out on my front porch with a sign that reads "Betcha can't mow my lawn, betcha, betcha!"
This type of Media Stunts(tm) have no ``real industry value''. It just takes a couple of losers with DoS scripts to completely wreck the comparison, and there seems to be pretty many of that kind around...
I wouldn't be surprised if someone at M$ could predict this outcome, only to be trampled by marketoids.
____
ZZ
shift+reload I just did it 10 time in a row, hee hee I hope they weren't loggin my ip address.
You're welcome. :)
--Tom
Tom Geller
Hun? Acording to MS's webpage W2k requires PII350+ and 64megs ram+
Try posting some pro-M$ blather
Blather really should get moderated down. Now if someone posts something thoughtful and intelligent that is pro-MS and they get moderated down, then something is wrong. I don't see that happen much (people posting anything intelligent that is pro-MS, let alone it getting moderated down), and when it does happen, someone else will usually moderate it back up.
no one here owns MicroSloth stock
I certainly don't own any, but I'd bet there are quite a few people who read and even post on Slashdot that own Microsoft stock. And I'm not just talking AC's or obvious Microsoft apologists either.
As for your assertation that people aren't working as hard to get into the Linux box, I don't know if that is true. They are offering a real, tangible incentive (you get to keep the box if you get in). That is a pretty good reason. And unlike Microsoft, whom many wouldn't care to do debugging work for gratis, lots of people are happy to help out Linux developers.
It would be kinda hard for the LinuxPPC people to run LinuxPPC on a non-PPC platform, wouldn't it?
not mad or anything, but last I checked LinuxPPC ran on non-intel processors.
In case you ["didn\'t notice","have no sense of humour"] this message was posted completely out of fun.
Lowmag.net
Know one can crack either box really, because they are closed up tight. Everyone is Dosing the boxes, and chances are that MS has a better box than the 604 with 160 megs of ram that linuxppc is on. This is getting fun, why can't someone set up a box with a beta of w2000, linux(whatever dist or multi distri), MACOS X, FREEBSD, Solaris, whatever. Then post it on Slashdot and see who wins.
As has been stated before, ssh allows root login by default, but that can easily be disabled in /etc/sshd_config. just say "PermitRootLogin no" Easy...
As a matter of fact, I could care less if some kid breaks out a bunch of spray cans and does a graffiti mural - provided it's tasteful and not just a bunch of gang/hatred symbols thrown together. I could care less if someone wants to throw a DoS attack at a box or spoof their IP all day long.
Hackers hack, crackers crack, and me... I write code and manage the systems here at where I work. Never once have I had break out a DoS or Spoof to do something productive. Do I know how to do these things? Yes. Do I see a need to do these things? No. Am I going to campaign to take away someone's rights to do these things? Hell no. It's a free country - do whatever the hell you want. Just don't come bitching to me if you do something illegal and the law clamps down on you...
"You did WHAT to WHO for BEER MONEY?!? Jeez, man - you don't even like beer..."
the Windows box is still pingable
Pretty hard to ping it if the network interface is down due to reboots... the Linux box is not
Really, tell me where i can disable the "ping service"? You can stop pings by setting up firewalling, but MS chose not to do that.
As for the percentage of DoS attacks vs cracking attempts, what do you think the chances are of being able to figure out an exploit remotely, from one service, with no source or core dumps to get information from? Also, Microsoft offers no reward for your effort, you actually get something if you crack the Linux box.
But they never once manage to compromise the security and access information they were not supposed to be able to."
Like so many others have said. you can't compromise security if the box isn't up.
If I could post something good about Microsoft I would.
Let me say they are on my mind, but Linux is on my computer. That is good enough for me, was it good for you?
see subject.
Could some kind soul point me toward a link with an explanation of this whole port number thing? I'm assuming this is something entirely else than serial or parallel ports.
I see even classic Slashdot is now pretty much unusable on dial up anymore.
hmm - you raise an interesting point rebooting is also a way of dropping connections that are getting close
Oh, knock off the BSD FUD. So what. It's a bit more efficient or whatever. You only have so many CPU cycles. Either the box a) becomes less responsive b) drops packets c) crashes (bleh) So the BSD might be a bit more efficient and have a higher (constant) margin before a, b, or c start happening. So what. I can add a bit of margin on Linux by pumping up the CPU or adding some RAM, too. You *can* overload a BSD box with a certain amount of packets. Same goes for *any* OS. May not crash, but it can't handle unlimited network load. We still don't know that the BSD box doesn't crash when it gets overloaded...
let me say right off that I'm a Linux fan just to get that out of the way so take what I have to say as you will If I had the "skeelz" to hack a server I'd be trying to hack the PPCLinux box more than the Windows2000 box even tho I hate MS with a passion There's not a whole lot of hackers who would rather say, "I hacked a Windows2000 box" than say "I hacked that PPCLinux box and I got that baby sittin in my bedroom now" If you ever jump into a channel filled with "hackers", you'll find that 90% of them will laugh at you if you said you hacked a Windows box because in their eyes, hacking a Windows box is child's play. Hacking into a *nix box gets more respect. And that's what hackers want, they hack because they get respect from their peers. Not only do they have this reason to hack the PPCLinux box, but they also have the chance to bring home a pretty hefty piece of hardware. that's just my 2 cents
Maybe "platform specific" wasn't the correct term. "Architecture specific" might have been a better choice. I'm talking about the underlying hardware.
Most buffer overrun exploits (for example) rely on assembly language level techniques. Such an exploit for x86 is not going to work on a PPC.
- Speed
DoS against the Windows machine is encouraged because it camplies with the stated objective of the "contest" - to stress-test the machine. DoS against the Linux machine is discouraged because it does not comply with the objective - to break into the machine.
Ok, so that was sort of weak because Microsoft only asked us to stress test it in a specific way which did not include DoS, but my next point is better.
DoS against the Linux machine impedes the ability of others to attack it, and thereby reduces their ability to get a free machine.
DoS against the Windows machine impedes the ability of others to attack it, and thereby reduces the amount of free testing Microsoft gets (of the kind it wants).
If the cracker's aim is not to work for Microsoft for free, he or she should aim DoS attacks against the Windows machine, but not against the Linux machine.
This is probably a stunt for LinuxPPC to show that it's more secure than Linux x86 - for that very reason. Not a bad argument.
"The number of suckers born each minute doubles every 18 months."
-jafac's law
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
Hey, Geek Boy knows how to spoof IPs. He's sure 3lit3. Wow. ("You probably don't even have a clue of what the real use of denial of service is"...and you do.) Gee, I'm impressed. No one mess with Geek Boy. Slamming newbies is poor behavior. You were once one. Compared to some, you still are. Don't rag on those that know less than you.
The Linux deathmatch is delayed so we're watching a pirated copy of Star Wars on a projected screen right now. Au revoir!
"That's an application, not Windows 2000," he said.
"It's been up for most of the day today," he added.
Now that's comedy.
Ivan.
I guess there's some argument for threaded webservers, then...
I am just curious. What's a BFD? Do you have more info on what was actually done to the guestbook? All I know is that it was compromised. (Seems to me that at this point, if they had a prise to give they should have given it. but they don't, so that point is moot)
--- Tao
The test used four NIC, with one bound to each processor. With an unbalanced workload on the networks, or an unequal count of NICs and processors NT would have done dramatically worse! That's what is meant by a "cooked benchmark". Microsoft selected a configuration that that was optimal for their latest release. The same configuration would have sucked with their earlier releases.
I try logging in with linuxppc as the pw and it says "login incorect". what gives?
hahahahhahaha.... *8-)) almost fell off the chair when I saw this...
Unixen, actually. I wish I knew why...
It's not a bug, it's a feature...
No, NT is based on VAX.
A deep unwavering belief is a sure sign you're missing something...
I don't have an axe to grind against Microsoft. I'm simply a business user looking for a secure and robust operating system for Internet applications. I've run both WinNT and Linux for years.
I look at the Windows 2K log and what I see mirrors my experience with WinNT: a lot of reboots for fairly minor things (tweaking the web server and tweaking tcp/ip). I look at the Linux log and I see stability.
The bottom line is that NT is not as stable as Linux for Internet applications.
was that supposed to be some weird subliminal racial slur in Arnold's name?
i wonder if for a day or two, since everyone is either trying to break CRACK or the windows box if therer are less people trying to crack other systems. just think, windows and ppc linux made the day a little safer for some of us. ; ) --mr.blank
Look at the Win98 kernel a little bit closer boy.
Using Mach's message passing is just as bad
as basing your OS on DOS, anyhow. Ick ick ick ick.
--
Care about electronic freedom? Consider donating to the EFF!
More accurately, that IIS uses multiple processors better than Apache.
Time flies like an arrow. Fruit flies like a banana.
Oh, I get it now, yer K3WL if u DOS the M$ box, but a "dickhead" if you do it to the Linux box... another shining example of Linux "objectivity".
Crack has not yet 'gone down', per say. It is, however, under an extremely heavy load. Because of that, sometimes you cant get through on one service, but more often than not if you cant get through on HTTP you can still ping it or telnet in. In any case, you also have to remember that Crack is a much, much slower box than the Windows 2000 test box. Its also more than likely on a slower line. Id be willing to bet that the people who have been DoSing Win2k are now turning their attention to Crack, and that is probably why you are having trouble getting through.
At least compared to capabilities system. Check http://www.eros-os.org/ for a really secure OS :)
AFAIK most companies pay for bandwidth for their service, as in a certain amount of money per certain amount of data coming across the line. Surely this episode must be costing M$ a fairly large sum of money, as 250 packets/second would add up pretty darn quick. I also hate to think of how much the average net lag has gone up because of this. One second? two?
ìì!
after this contest is over will the configuration be posted for public consumption?
Pork is not a verb
The last time I checked, it worked like this.
exp(j*PI) = cos(PI) + j*sin(PI)
= -1 + 0
= -1
It OK though. One of my systems professors repeatedly uses the "fact" that exp(j*0) = 0
:-)
--
"L'IT c'est moi!"
Some may be encouraged by peer respect, but anyone who hacks purely for the respect of their peers does not embody the true hacker spirit. The true spirit is the thirst and pursuit of knowledge.
Sorry to attack you on a tangent, but the misrepresentation of hackers hurts all of us.
Mitnick never jumped onto IRC and blabbed how 1337 he was by social engineering a copy of the Solaris source.
"Ahh... The net is vast..." - Maj. Motoko Kusanagi
I always thought that load average was the number of processes running, over any given amount of time (with 3 averages). I'm going to assume that I'm right, because it seems to be a pretty good definition.
Then again, NT==DOP (Denial of problem)
hahah you idiot.
Oh, please, showing that you know what DoS stands for proves you're inteligent, uh? Get a life, at least his posts was way funnier than yours.
Alejo.
Yeah, but lately it's way more slashdotted than usual. I can't even get into the main page for this topic(banner ad and topics banner loads, rest of page stays black and just sits there), I have to go in through my user page to the one comment I got in hours ago and thread hop from there. I've gotten several "no DNS entry" messages about the slashdot main page. Sumpin ain't right.
I see even classic Slashdot is now pretty much unusable on dial up anymore.
Dont ask me why, its true. I have a 98se box at home and a NT4 box at work, and every memcheck prog available always shows all memory as used. I have 96megs of RAM on my home box, and despite the fact that all these progs say all the mem is used (with no progs running), I can start up about 10 ftp uploads and downloads, be playing an mp3, and still play q3test at 800x600 smoothly(20-30fps)! yeah it crashes 1nce a day, but hey, I'm simpleminded!
And additionally that DoS attacks aren't restricted to pingflooding a machine, but are globally defined as any method which makes the machine lose its connection, or further screw it up remotely, which would be a valid test of linux's security (something wouldn't be too secure if people can easily do the same thing as when reboot is run on a root shell)
There are more pieces of complete, utter, tinfoil crap driving around on the roads than, say, Okas or Saabs... but does that make foil-wrapped death-traps better than well-engineered vehicles?
:-P
> WHat's the reality with Microsoft now?
The reality is that the carefully prepared W2Ktest site has died in the ass more often than I've had meals, and that skulking along with one brain-dead service, and the stock-install multi-service Linux box has been plugging along happily for three days.
The reality is that MicroSoft LIE when it gets broken (or broken into) - the pitiful "weather" excuse being clearly visible on globally accessible weather-radar images for the farce that it is - and always have behaved like this, and (it seems) always will.
As for MindCraft, name (or URL) me just one commercial (i.e. real world) website that serves only static pages less than 4k bytes long from RAM, and needs to shove those out a pipe 4x100M bits wide. I betcha can't! Betcha, betcha, betcha! Nyaaah!
When you (anybody) can do that, I'll admit there's some point in their benchmarks - and did you notice that the second set of results were different in places by more than double? - and did you notice that all related bottlenecks in Linux or Apache were fixed within a week? - and did you notice that they didn't use khttpd for the test, which would have been much more appropriate for small flat pages? - and which real-world webmaster uses four logging partitions on their NT box? and... well, you get the idea... (-:
Got time? Spend some of it coding or testing
No http, traceroute dies after the router (.250)
How sad.
Got time? Spend some of it coding or testing
3:54 CST
The Linux box is under pretty heavy DoS. It is dropping about 25% of my pings but it is STILL up, no reboots and STILL serving web pages.
There is almost no packet loss on the Windows end of things, indicating that no one is saturating their network, though it is probably suffering DoS attacks of its own. The machine is pingable but the web service is D-E-A-D.
Just thought I'd post this since M$ seems to edit the boo-boos out of its "Status Log" every few hours.
--- Tao
And if bad weather hasn't been enough for the Microsoft team, there is also a total eclipse coming up. Oooooh! Bad omen! :-)
-------
Warning: Slashdot may contain traces of nuts.
Im no l33t d00d or nothing, But i did a traceroute to www.windows2000test.com and it seems that they have a firewall between there server and the internet. I think that is what is repling to the pings. check port 80 of the f/w...its not even running MS software.
I have to return some videotapes...
Hey dude, I ain't defendin' Windows here, but if I had a dollar for everytime a salesman demoed my software before it was ready to be demoed I'd be a rich man.
Someone on BugTraq speculated, quite correctly IMHO, that one reason LinuxPPC may be holding up so well is that nobody has yet ported existing buffer overflow exploits for Linux apps to the PPC architecture. Thus, a large class of potential holes is less likely to be exploited than if the machine were running x86 Linux (any flavor).
Can someone who has experience writing exploits evaluate whether this hypothesis is reasonable? Are buffer overflows sufficiently easy to exploit that known holes would have been used by now?
No shit sherlock.
Not so cheap a machine...that 9500 will take a 400 mHz G3 upgrade just fine, and it's the last of the 6-slot motherboards, with 8 ram slots. That's a box with a lot of potential. True, the box goes for about $1000 or so on the market, but linuxPPC.org doesn't exactly have the financial resources of a MicroShaft :-/
It's really not any kind of straight across comparison. All the BogoMIPS count indicates is the length of a particular timing loop used in the kernel. If you take the BogoMIPS rating from even a pre-MMX Pentium and compare it to a Pentium/MMX, they will not match up MHz-for-MHz, neither processor or system bus speed. The same applies for all other families of processors as well. It's really not very meaningful at all. That's what the 'Bogo' means - as in 'bogus'.
Sam: "That was needlessly cryptic."
Max: "I'd be peeing my pants if I wore any!"
If they want the full range of skilled crackers, they need to set up a box on Intel architecture. Many exploits are platform specific. Since x86 is most widespread, exploits for this platform are more widespread also. Stupid example: most buffer overrun exploits aren't going to work on a PowerPC. Yeah one could argue that they should use the most secure platform available - even if this is a PowerPC. But if the comparison is to have real industry value, then it should be done with the most widely used hardware. And if an Intel / Linux box still withstands the attacks, then so much the better. - Speed
If they want the full range of skilled crackers, they need to set up a box on Intel architecture. Many exploits are platform specific. Since x86 is most widespread, exploits for this platform are more widespread also.
Stupid example: most buffer overrun exploits aren't going to work on a PowerPC.
Yeah one could argue that they should use the most secure platform available - even if this is a PowerPC. But if the comparison is to have real industry value, then it should be done with the most widely used hardware.
And if an Intel / Linux box still withstands the attacks, then so much the better.
- Speed
I am assuming BFD meand Big Fscking Deal
Could be Bitch Forgot Diaphragm though.. you never know
maybe even Booger Flicking Debian users
www.mp3.com/Undocumented
I've just spotted a "Crack crack win crack" at the bottom. Is it some kind of bait, or is it that someone did it but was too lazy to put up a nice web page?
-- Fast, Cheap, Well. Pick two.
Tell me how to crash a machine by overwhelming it with too many packets. I have a 486/20 Linux box on my ethernet and I can saturate it with complete garbage and only raise its load average. I have even tried injecting raw noise with a pulser and other nonsense and it had no problems. I was unable to find an exploit on one of my boxes. Perhaps you can?
Ah, I just loaded the home page of crack.linuxppc.org, and yep, they're using BOCHS. Sweet.
Gotta ask: is any1 using BOCHS out there? How do you like it? How is the performance?
And also: Could we convince its creator to come out with an Intel version, just so folks can use Windows apps under Linux without rebooting (or praying that WINE might actually do the job)?
Essentially, what I'm asking is: Would you think that a "BOCHS Lite" that doesn't bother emulating the Intel instruction set be worthwhile? It could allow alternative OSes to boot under it (just in case you actually needed Windows for something)..
-----
".sig,
I can see where you're coming from, but let's look at it this way. If the LinuxPPC box were to install a version of WWWBOARD which still had that passwd.txt vulnerability in it, and someone cracked the password and took over the message board for a few hours, that doesn't mean someone owned the box, they owned the message board. Now I know one's a message board and one's a guestbook, but still. I dunno, maybe I'm totally wrong, but I'm gonna have to stick with the idea that it actually was an application that was changed, and doesn't mean the system was actually comprimised.
I will concur that it is ridiculous to flood a machine with packets in an attempt to bring it down - this is a valid point. There are other, more elegant ways to bring about the demise of a machine on the net.
However...
I misinterpreted your response? let's take a quick look at it:
"I hope all you fucking denial of service assholes get what's coming to you... a big bill from the telcos and isps and a trip to federal prison. I see that as no different than tying someone up in your basement and not letting them go to work. You probably don't even have a clue of what the real use of denial-of-service is."
It's no wonder I missed your point.
First off, if you were trying to make a rational argument then the inflammatory language was totally unnecessary. Secondly, I wouldn't call any use of a DoS, for whatever reason, actual and legitimate.
You yourself agree that there is no need for spoofing in any form and no need for DoS attacks in any form. If there is no need for DoS, and no need for spoofing, you just killed your own argument that there is an actual use for DoS.
Q.E.D.
"You did WHAT to WHO for BEER MONEY?!? Jeez, man - you don't even like beer..."
Execpc in Milwaukee had problems with onje of thier routers last nite. I use ISDN dialup thru them and wasn't to happy. Anyway, everything puked past this box: bash-2.02$ traceroute crack.linuxppc.org traceroute to crack.linuxppc.org (169.207.154.108), 30 hops max, 40 byte packets 1 208.212.81.1 (208.212.81.1) 0.936 ms 0.949 ms 0.864 ms 2 e0-supranet04.supranet.net (205.164.161.7) 7.226 ms 7.733 ms 7.280 ms 3 e1-supranet01.supranet.net (205.164.161.1) 8.014 ms 7.250 ms 8.417 ms 4 558.Hssi5-0-0.GW3.CHI1.ALTER.NET (137.39.130.65) 13.850 ms 13.837 ms 13.424 ms 5 104.ATM2-0.XR2.CHI4.ALTER.NET (146.188.208.62) 13.758 ms 14.926 ms 14.071 ms 6 194.ATM9-0-0.GW1.CHI1.ALTER.NET (146.188.208.157) 15.742 ms 14.623 ms 15.221 ms 7 norlight-gw.customer.ALTER.NET (137.39.130.178) 15.052 ms 14.686 ms 14.740 ms 8 inet-gw300.execpc.norlight.net (207.170.6.74) 19.209 ms 19.331 ms 19.009 ms 9 2-18.atm1-0-0.rtr0.nbl-wi.execpc.net (169.207.50.161) 23.259 ms 23.633 ms 21.658 ms 10 vl2.sw1.nbl-wi.execpc.net (169.207.50.250) 21.039 ms 20.432 ms 19.654 ms 11 dslmux0.execpc.net (169.207.36.202) 18.932 ms 20.632 ms 23.516 ms 12 169.207.154.108 (169.207.154.108) 38.815 ms 30.807 ms 27.400 ms Which would explain not being able to see the crackme box.
--- Think of it as evolution in action ---
I already posted possible user names, now try telneting in and guessing his password. -generic
I have had load avrg's of 8.0+. So does that mean im usinf 800% of my CPU? I sure as hell dont know. BUT i think a load avg of 100.0 = 100% of the CPU and RAM is used...and the computer stops doing anything.
I have to return some videotapes...
Over 1 million NEW copies of DOS were purchased in 1998! This software came from Caldera (DR-DOS), IBM (PC-DOS) and Microsoft (MS-DOS). In the case of PC-DOS and MS-DOS, these shipments were the result of large organizations installing old software on new machines for some dedicated purpose.
There is a project called lsh with the goal of implementing the ssh protocols in open source. Is anyone familiar with this project or the current quality of the software? This sounds like something that should eventually be in every distribution!
Geeky modern art T-shirts
>Well, based on the same logic Linux must be DOS >because it also has a command line and I can use >some DOS commands (like `dir' and `echo') there.
:)
:)
Um, no, that is a UNIX-like command line.
Now, pop up a GNOME-terminal and NT-cmd and lets see:
dir: Unlike dos/NT this just displays the directory, the closest Linux eqv. would be dir; df.
echo: yes this is similar
then try some dos commands in each like 'copy', 'move'. These will only work in NT/DoS.
And some unix commands:
grep, fgrep, egrep, which, etc... these will only work in Linux/UNIX
I don't see any shame in Linux being UNIX based.
UNIX is the close to being most powerful, flexible and mature OS in existance. It isn't really designed for end-users, but it could form a good basis for one.
There is also nothing wrong with NT being based on DOS. DOS is a little primative (no multi-tasking, no GUI, no security, 16-bit, etc.), but this also means that is simple. It is _very_ easy to admin a DOS box.
What is a little annoying is that MS tends to make such a noise about NT being more modern than UNIX, because it came later and because NT has now moved to 32-bit from 16-bit etc. The original UNIX's may have been 16-bit, but in the UNIX world 32-bits it considered a little behind the times. Every modern Unix (including Linux) supports 64-bits - even the Nintendo 64 (ahem) 'Enterprise Class Games Machine' is 64-bit.
OS's are not a static product, they are improved over time. So the 'newer' product is actually more primitive.
Also more bugs & holes will have been found and fixed, so... toast 'em linuxppc.
We use GNU/SunOS.
What about win9x? ~unyun~
The MS box is also taking a lot of packeting... multiple channels on IRC are bragging about how many packets they can hit the Win2k server with... Regardless of OS, without good firewalling, any sort of box will crash if it is packeted heavy enough...
:P
When i asked a few of them if they were going to packet the PPC box, they called me a blasphemer. Way to advocate linux.
(for the record, i run 2.2.10 with firewalling. so dont jump all over my case.)
"and no, im not the spot working for Transmeta, although i wish i was..." -- ~spot "i'm the epitome of public enemy..."
AFAIR the ssh v1 protocol is free and fully open. It has even been submitted as an internet standard and as such requires a second independend implementation to become one.
Only the software distribution has some restrictions on commercial use and redistribution of derived products. And I don't mind those restrictions in this case, because the software gets the job done and is more or less bug free (very important for security soft). If you want free beer, go somewhere else.
If you go follow the link that I gave it says that. :P
...the anniversary of Hiroshima and Nagasaki.
Boom!
Boom!
Good judgement comes from experience, and experience comes from bad judgement.
- W. Wriston, former Citibank CEO
It seems to me that what the OSS community should be doing with this is making the most of what this shows about Win2K's uptime. The server logs show that M$ still haven't understood that rebooting a server just because a change has been made to the TCP/IP config or the httpd config is not a good thing. So what you get when you buy an M$ product is: guaranteed downtime. So knowing this we need to ask the question: why does it work like this? The answer is of course that M$ do it on purpose so that you have to have one machine per service - one SMB server, one IIS server, one SQL server etc etc. That way they get more money. So is the Win2K box running SMB services to the internet? If all it's running is IIS, this is going to prove diddly about Win2K's security. It might prove something about IIS's security, but we shouldn't let M$ get away with pretending it says anything about the OS's security in general. Just my 3d.
Just go to DEFCON next year and play this. It's called capture the flag :P You get to fuck with all sorts of Server OS's.
(`._(`._( , , . JimmyPop[nL] . , , )_.)_.)
Hi guys, I was thinking about a way to hack the Linux box. The stock linuxppc install comes with X running by default. Hopefully it's still on. If it is, is there a way we could run a remote application to connect to the server? I know you can do this, but I havn't tried it and don't know if you need to add privledges on the server side. Well, just an idea.
-Ed
Not every application on NT has root access. If your machine is configured well (by default, it most definitely is NOT), no application can write to, say, c:\winnt, unless it is being run by a user with Administrator rights. Which your normal accounts should NOT have. However, people usually do not lock down NT workstations in this manner.
You just can't ping it (no ping floods/smurf attacks). Try telnet. It'll give you a login prompt (which reminds you that you can't telnet in as root).
I've been collating articles and various observations at
:) Please don't confuse them. ;)
www.linuxppc.com/crack/,
which is not the same as the crack target server, crack.linuxppc.org.
-- haaz.
I believe that crack.linuxppc.org is not on the connection as linuxppc.org, but on a smallish dsl connection of Jeff Carr. So that would help to explain the general hesitation of the site, but I am sure the old 604 132mhz doesn't help out... remember Microsoft2000test.com is on a fast T1 or T3, hooked up to a fast 350mhz PIII.
Don't you just love the way the headline reads "Microsoft hacker challenge foiled" in nice big letters and then in the fine print explains that it wasn't MS foiling hackers but the challenge itself that was foiled. (I said hacker 'cause they did)
("Foil Hackers, cover your equipment with Renyold's Wrap!")
I see even classic Slashdot is now pretty much unusable on dial up anymore.
The spelling you're looking for is "unices". Similar to "matrices", "indices" or "vertices" (the plurals of "matrix", "index" and "vertex", respectively).
BTW, I wouldn't normally have mentioned it, except that you put a "(sp?)" in. I took that as a request for the proper spelling.
(Just got off a week of copyediting at my volunteer job, and still haven't quite gotten out of copyediting mode!)
Kai MacTane: Web developer for hire in San Francisco
I was there at 2.40, or 1.40 my time.
Good judgement comes from experience, and experience comes from bad judgement.
- W. Wriston, former Citibank CEO
Subject says it all.
I think what you meant to say was "Microsoft themselves put W2K server out there for public display, knowing crackers wouldn't expose any new flaws." This way, they get to say W2K is secure because, gosh darn, it survived an onslaught from the worse of the worse of the baddies from the internet. However, nothing could be farther from the truth. These types of contests don't mean a damn thing. For a good expose on why, read The Fallacy of Cracking Contests.
BSD is supposed to be the most stable OS out there, right? but how can they tell? what are the tests or the methods with which they can claim it's more stable than linux for example?? should we put a "crack this BSD box" instead of a linuxppc box ?
No, not a completely new OS...
If your careful, you can get OS/2 SYS errors to pop up under NT4 still to this day.
Nuf'said
NT beat Linux on the single processor test too.
As long as "the weather" takes the Win2k box down you won t get known as the one who cracked win2k. Why should they (MS) admit they were cracked? Youll just be the dumb ass who points out security flaws to them (something they sholud do on their own). So why bother? (Still AC, couldnt get the registration to work for me:(( )
I don't believe they are running X on there, the box has been set up for security, after all, it's not someone who took the machine, installed LinuxPPC and Apache, and then left it on the net with only the essentials of configuration. The only real services running on there are telnet and http.
That's called a type. Geez... W
To be fair to Microsoft (not because they deserve it), shouldn't there be a non-beta to non-beta contest; in other words let Microsoft set up a server running ("the unstoppable")NT 4.0 for people to take a "crack" at, and compare the results of that to the Linux machine.
(NT 4.0 is out of beta, isn't it?)
I see even classic Slashdot is now pretty much unusable on dial up anymore.
Just to point this out: finger is disabled by default on LinuxPPC R5, and is usually not even installed by default.
;-)
Next?
I don't think many people are trying to actually get into the Windows box. I think you have tens of thousands of script-kiddies slamming it with denial of service attacks. I doubt very seriously that the Linux box is under the same DoS load as the Windows box. Most of what is going on there is trying to actually get into the box. Why would all the Linux loving script kiddies (I said script kiddies were Linux lovers, not all Linux lovers are script kiddies) want to DoS their precious Linux OS?
> and the K in KDE is just "K" now, no longer standing for "Kool."
Actually I was under the impression that it originally stood for "Kalle's Desktop Environment".
I've finally had it: until slashdot gets article moderation, I am not coming back.
Just doing some basic tests, the version of LinuxPPC on www.linuxppc.org doesn't match what's on crack.linuxppc.org.
For one thing the Apache server has been modified.
I thought this was supposed to be a clean install?
--
The world is neither black nor white nor good nor evil, only many shades of CowboyNeal.
Both Emacs and vi are vunerable to macro attacks. Virii for Linux can be written just as easily as for Windows. Windows users can laugh at Back Orifice as well, it's not a security problem any more than telnet is. Unix machines do have better user-level security than Win9x, but NT's is equivalent (some say better) than that in Unix. Then it just comes down to how well the administrator has set up the system. I remember the Morris worm. ESR should too. He's talking out his ass.
Well no, Unix is the OS, Unixen are several instances of the OS. Unix boxen are several boxes running perhaps one flavor of Unix or several Unixen (or "flavors of Unix" if that's your preference).
Unices sounds too much like Unisys.
I've finally had it: until slashdot gets article moderation, I am not coming back.
So explain why it is that NT 4 on ONE processor beat Linux with FOUR processors by 20%?
Look, guys. Linux get pounded. We LOST that round. We've won this round (so far), but I wouldn't get too cocky about that yet, either.
Here are some harsh realities. Linux has had 18 new root exploits published in the last six months. (By comparison, NT has had three published during the same time period. It doesn't matter that we can say, "yes, but that's because we can read the source." As a PHB myself, my answer to that is "Yeah, and you're just as dead if you knew you were being stalked." They're still exploits, and they still need a rebuild of sendmail or whatever.) It's only a matter of time before one of the root exploits for the x86 architecture is translated to the PPC -- and we all know the linuxppc is going to go down hard right then.
Moreover, we're going to get the second sucker punch at that moment. Mickeysoft is going to be able to smile and say, "You're right, we weren't running sendmail or pop3 or IMAP4...so why didn't somebody check WebDAV and Kerberos, though? FrontPage isn't the only way that IIS5 supports updates!"
And we are going to look really really bad.
Since nobody seems to be able to crack the Windows 2000 box, they've resorted to Denial of Service attacks. To be fair, it seems that we should be doing the same to the crack.linuxppc.org box. Especially if people are going to huff and puff about their greatness. I think when I get home tonight I'll pull out the scripts and see what can be done.
nt IS dos. and don't tell me everytime that you pop up one of those stoopid cmd windows that you aren't wondering that.
Never said that it was the version on the latest CD.
I still have nightmares about disassembling those and 8500s to install RAM in them at my old job.
;)
*yank out logic board*
*cringe* at sound of board bending wayyyy too far..
They're still pretty sweet boxes, especially if you upgrade 'em with a G3 and USB and.. hmm.. you could probably buy a new Blue G3 at that point and get the same stuff at the same price with a new warranty.
-- haaz.
I think the answer is that the guestbook wasn't compromised. Instead, someone took advantage of the fact that the guestbook let you put in arbitrary HTML. So they put in a to go to another site after a specified delay. So we had people sending us to crack.linuxppc.org, slashdot.org, etc. This was not a compromise of the system, just a sneaky use of the guestbook. They seem to have finally fixed this problem by stripping characters from the input.
However, I remember reading yesterday that someone got backorifice on it, and that's a genuine crack. I don't know the details, though.
D
----
> finger crack.linuxppc.org Login name: crack.linuxppc.org In real life: ???
Your mower probably is not safe if the "pull here" root password is printed on it.
Why would the MS server necessarilly be getting more hits? There's an incentive to crack the linux box - You get it.
With the MS server, it's only bragging rights while you've given your services away for free.
Why would they want to advertise the product that they will can as soon as WinFuckUp2k hits the streets? M$ is stupid a but they are also tight little bastards.
I know I didnt take it down from pinging it I was in telnet logged in ran a crack then tried to ping it when I didnt get a response. it didnt last long but something happened.
...and the third party should be armed with tcpdump and iptraf, and the two boxes should be in the same network. No box other than those four (incl. router) should be in the network. Hey let's see them faking it _with someone looking_...
Well, Win9x sucks.
The question might be why have Microsoft's business customers consistantly chose to run crappy DOS/Win over better alternatives such as OS/2 and Windows NT. (Although, everyone runs as root under OS/2 also.)
--
Business. Numbers. Money. People. Computer World.
If you look on the RPM site for linuxppc 4 you can download sshd and ssh. Also you can always 'su' to root.
it was writen by the same people, and uses some of the same ideas, but it is a completly new OS
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
any OS that *needs* (what is it... umm) 300MHz minimum and 64Mb ram??
Vindoz "u VILL uz dis end u vill have expect it suck vith such high demands" 2000
or
Vindoz "poorly designed so u need a 300MHz cpu" 2000
puhleez...
granted hardware prices are dropping etc etc but this seems a *bit* too much for requirements
Do your best, hope for the best, suspect the worst.
Works better without the comma. ;-) Profiles, including desktop, e-mail, etc. are stored in C:\WINNT\Profiles. Basically, the security is that if you can write to it with any application, you can write to it with _ANY_ application.
If no one with a roaming profile can logon, it should be secure enough
I hope all you fucking denial of service assholes get what's coming to you... a big bill from the telcos and isps and a trip to federal prison. I see that as no different than tying someone up in your basement and not letting them go to work. You probably don't even have a clue of what the real use of denial-of-service is.
Most companies do nut run their mission critical Web servers on intel machines exclusively.
Actually, it wasn't. The 9600 was. Now let me tell you, the 8600/9600 pair are damn nice machines. I have a 8600/300 and I'll *never* get rid of it. Its my baby... A nice overclockable G3 upgrade goes for very little now too. Mine will be here tomorrow! Yippee!!
> finger root@crack.linuxppc.org
[crack.linuxppc.org] connect: Connection refused
You could very well be right, but everything that I've seen has talked about "Kool" being the original word (Do a web search on "KDE" AND "Kool"). I've never seen any clarification from the KDE team, though.
Cheers,
ZicoKnows@hotmail.com
Just looked at the website, if you read the updates, it says that JCarr is playing xsoldier on the machine over the network, so that says that there is a user account, and even better, the machine has games installed!
Joshua Coombs
(AC 'cause I'm too lazy to creat an account)
Its gotta be called either one of those two. :) -ad
PermitRootLogin no
IgnoreRhosts yes
PermitEmptyPasswords no
--
Try loggin in as jcarr, jeff, carr, jeffrey, carr, jc,jef and mutilate his name as a password, then toss on a 30 meg dictionary file while your at it.
Unless someone has a remote buffer overflow for telnet or apache 1.3.6?
If his password is like Osd&j23O you loose.
Microsoft aggravates my tourettes syndrome.
They may have disabled long lines, but did they disable ^@ (null)? Maybe someone could create an xploit from this... Anyone?
I was one of them. I saw his posted, shot out an answer, and by the time I reloaded the page, another 6 or so were there. Poor guy. I hope he doesn't shy away from answering questions in the future. I'm sure I would be a little intimidated if I opened my mouth and in response 7 people turned immediately with the answer.
Why doesn't someone put Open BSD on an Intel machine and let people take a crack at it?
I don't think Unixen is the popular plural form. Its usually referred to as Unix boxen. The Jargon file also lists VAXen which is more or less dervied from oxen being the plural of ox. The Jargon file also says that VAXen might have been influenced by 'vixen'. I think Unices is correct if you are referring to Unix distributions, but Unix boxen if you are referring to the boxes themselves.
Suddenly, the hairy finger of a familiar monkey tapped me on the shoulder. It was time.--G. T.
"Linux Today" is not exactly what I would call mainstream press.
...who would have thunk?
This is morbidly cool
screenshot
because NT supports that configuration better. Just make sure people know the facts - if your machine has 1 nic, use Linux, if it has 4, use NT.
This is the last time I'll say this and I'll try to be nice. YOU CAN'T TELNET IN AS ROOT. NOBODY CAN TELNET IN AS ROOT. YOU NEED A NORMAL ACCOUNT AND THEN USE THE su COMMAND TO GET ROOT. But of course if you didn't figure out you can't use that password without entering the system first (do you thing that guy would be *that* dumb?) you are a clueless moron and deserves no real chance.
Was that enough?
Maybe the powerpc site should have a guestbook to bring up the load.
If you could simply telnet in as root then you didn't crack it; you just logged in. That's not very damn hard. It would be harder for you to wipe the crack of your ass than it would be to open a telnet session. /.'s has taken a nosedive lately. Anyone else?
It seems to me that the quality of
Simple. The monitor activity and when they get nervous about something they "have to reboot for maintenance" Hard to crack a computer that's not online, y'know?
exp(j*x) = sin(x) + j*cos(x) exp(j*PI) = sin(PI) + j* cos(PI) = 0 + j * (-1). = -j. the "Fat Bastard".
While trying to retrieve the URL: http://crack.linuxppc.org/guestboo k/status.shtml
The following error was encountered:
Squid did not receive any data for this request.
Generated Sun, 08 Aug 1999 00:28:51 GMT by xxx.xxx.xxx (Squid/2.1.PATCH1)haha
Sorry, just a bad link and apache dropping the connection instead of returning a 404.
/xxx HTTP/1.0
telnet crack.linuxppc.org 80
Trying 169.207.154.108...
Connected to crack.linuxppc.org.
Escape character is '^]'.
GET
Connection closed by foreign host.
crack is running LPPC 1999, the current glibc 2.1-based distro. it's a plain installation from the cd-rom, with the X-based installer. only difference is that telnet's been enabled; it's not on in the default install.
-- haaz.
Trust me. It really is stock, but with additions. The truly stock install has no httpd or telnet services running. So, you're right. Kinda. ;) The stock install includes X.
We haven't done anything to enhance its security. Bare box, running Linux and a few services. I'll ask Jeff if X is running on it.
-- haaz.
Did anyone find it amusing that the MSNBC article about the windows2000test server is listed under "Technology goofs and glitches"? First time in quite a while I've seen reporting so accurate.
I haven't managed to find any info anywhere about the hardware of crack.linuxppc.org.
I mean, if it's going to be a prize, we should know what we're getting, no?
crack is running LinuxPPC 1999 (glibc2.1, kernel 2.2.whatever). It's a default LPPC 1999 install, except telnet and httpd are active. Those are turned off by default in normal installs.
-- haaz.
By default, Win9x (and probably NT) allocates almost all free memory for disk cache, and dynamically allocates it down as the user opens up apps.
Just wait til Bill comes up with his own Linux distribution :)
ssh is in /contrib because of it's license. Just like *every*other*distribution*.
NT is officially just a designation, it no longer stands for "New Technology" or anything else. Just like the CE in Windows CE no longer stands for "Consumer Electronics," and the K in KDE is just "K" now, no longer standing for "Kool."
In other words, saying "NT technology" isn't redundant.
Cheers,
ZicoKnows@hotmail.com
You should also add a line `DenyUsers root' as well.
The reason is ssh for some reason will return "login incorrect" on a wrong root passwd and "Root login refused" on a correct root passwd, this essentailly lets you use ssh to try and guess the root passwd. maybe this does not matter, but I think its better to give out as little info as possible about WHY a login fails. adding the `DenyUsers root' line makes ssh say "login incorrect" to all root login attempts regardless of whether or not the password is correct or not.
Ethan (still too lazy to make account)
It seems like some people are getting a bit confused with terminology. When someone says a DoS attack, they mean a Denial Of Service attack. Not an attack on a Disk Operating System.
You were supposed to click the link and find additional story links there.
Actually, I've seen near-identical versions of the story in several places, so I'm wondering whether one of the newswires has picked it up. But none are prefixed with "AP" are anything like that.
Sheesh, evil *and* a jerk. -- Jade
They also beefed up the server, it's now a PIII 500 with 256MB RAM.
subject->read();
Hehe, that meant it runs faster so it can crash faster. Gee isn't M$ great (not!!!!). Patrick
----------
Just your ordinary BOFH
http://killertux.org
An act of God beat both hackers and beta testers to the punch this week when lightning crashed a Microsoft test site. - CNET News
Cool. God wins the contest! The greatest hacker of them all. Nobody ever taught me about this trick in kiddie hacker school.
Unless this is considered a DoS attack. Whoops. Guess He's disqualified.
Time flies like an arrow. Fruit flies like a banana.
I couldn't have phrased it better...
Then again, Microsoft software leaves me in a state of denial; how could such expensive software be that expensive? Am I the only non-idiot on this planet?
According to the virus scanner logs at the mail gateway, we haven't got a Windows virus mailed in for several months that wasn't either a MS Office macro virus or some sort of trojan that attacks IE or Netscape. These viruses all run on NT in user space -- If the workstations are properly set up (of course here they're not), NT is no more vulerable to these sorts of 'viruses' than a unix workstation. We haven't got a boot virus or any of the classic DOS types in a long time.
The attitude in the unix security community seems to be "oh that's only user space - the *system* wasn't comprimised", but that's litte condolence if some VP is pissed because lost all of his porn files and his account spammed the entire company.
Basically the only virus protection advantage that Linux has over NT is that MS Office doesn't run on Linux. You can get the same 'protection' on Windows by running corel, Lotus, Star or something else.
--
Business. Numbers. Money. People. Computer World.
I always assumed you could force a server to stop responding or drop packets with packeting, but I didn't know that you could crash all servers that way. Is this the case? If so, can it be fixed?
--
"L'IT c'est moi!"
Quite probably
It just isn't too reliable, but that could be because of other things.
plr@murasaki:~>
PING crack.linuxppc.org: 56 data bytes
64 bytes from 169.207.154.108: icmp_seq=0. time=504. ms
64 bytes from 169.207.154.108: icmp_seq=1. time=408. ms
64 bytes from 169.207.154.108: icmp_seq=2. time=514. ms
64 bytes from 169.207.154.108: icmp_seq=3. time=662. ms
64 bytes from 169.207.154.108: icmp_seq=4. time=526. ms
64 bytes from 169.207.154.108: icmp_seq=5. time=616. ms
64 bytes from 169.207.154.108: icmp_seq=6. time=511. ms
64 bytes from 169.207.154.108: icmp_seq=7. time=519. ms
64 bytes from 169.207.154.108: icmp_seq=9. time=463. ms
64 bytes from 169.207.154.108: icmp_seq=12. time=658. ms
64 bytes from 169.207.154.108: icmp_seq=13. time=575. ms
^C
----crack.linuxppc.org PING Statistics----
17 packets transmitted, 11 packets received, 35% packet loss
round-trip (ms) min/avg/max = 408/541/662
Trying the same with the W2Ktest box it pinged reliably even with 1KB packets, but for some reason didn't like 5KB packets. Again I don't know where on the link between here and there the deficiency would be.
plr@murasaki:~>
PING www.windows2000test.com: 1000 data bytes
1008 bytes from 207.46.171.196: icmp_seq=0. time=344. ms
1008 bytes from 207.46.171.196: icmp_seq=1. time=267. ms
1008 bytes from 207.46.171.196: icmp_seq=2. time=277. ms
1008 bytes from 207.46.171.196: icmp_seq=3. time=640. ms
1008 bytes from 207.46.171.196: icmp_seq=4. time=264. ms
1008 bytes from 207.46.171.196: icmp_seq=6. time=440. ms
1008 bytes from 207.46.171.196: icmp_seq=7. time=381. ms
1008 bytes from 207.46.171.196: icmp_seq=8. time=459. ms
1008 bytes from 207.46.171.196: icmp_seq=9. time=469. ms
1008 bytes from 207.46.171.196: icmp_seq=10. time=277. ms
1008 bytes from 207.46.171.196: icmp_seq=11. time=463. ms
1008 bytes from 207.46.171.196: icmp_seq=12. time=291. ms
1008 bytes from 207.46.171.196: icmp_seq=13. time=269. ms
^C
----www.windows2000test.com PING Statistics----
14 packets transmitted, 13 packets received, 7% packet loss
round-trip (ms) min/avg/max = 264/372/640
plr@murasaki:~>
PING www.windows2000test.com: 5000 data bytes
5008 bytes from 207.46.171.196: icmp_seq=1. time=745. ms
5008 bytes from 207.46.171.196: icmp_seq=2. time=958. ms
^C
----www.windows2000test.com PING Statistics----
43 packets transmitted, 2 packets received, 95% packet loss
round-trip (ms) min/avg/max = 745/851/958
Hmmmm..was this perhaps a "guarenteed to bring AOL to it's knees" 5CRIP7 via h4ck3r d00dz? You K1DD1E...hehehehehe
This is in reply to the guy with the title "Mindcraft again, but this time... " on his comment. I'm sorry, but you really didn't understand the whole deal with the MindCraft benching. It had nothing to do with transfer rates. That's mostly a hardware limitation. It did prove, however, that NT has vastly superior threading subsystems. I'm a very big fan of Linux...I think that it is the shit personally. I hate windows to no end, but I will admit that it won that battle. What's nice about it though is that there are probably countless numbers of programmers who are rushing to fix it right now.
Perhaps the AC means it's been a little slow. Right when it was first announced the /. effect slowed it down a bit, and it may have appeared to be down, but if you were patient it would eventually reply.
The w2k box, on the other hand, has almost always been slow, and appears to have spent more time down than up.
The reality is that MicroSoft LIE when it gets broken (or broken into) - the pitiful "weather" excuse being clearly visible on globally accessible weather-radar images for the farce that it is
_ ________________________________
Well, as a resident of the Seattle area I can attest to the unusual electrical storms we were having last week, but that doesn't explain all their downtime.
______________________________________
Auditing and dentistry are excellent career choices for people who don't like other people but aren't coordinated enough
The press are picking up on this, including some non-IT rags (see Linux Today). This is going to be a PR disaster of the finest water.
Expect a(nother) name change for NT5/W2K sometime during the fall. That'll let them pretend it's a different product.
Sheesh, evil *and* a jerk. -- Jade
A VAX is HARDWARE!
Helloooooooo!
I think you meant VMS. I also belive that discussion
is OLD. Let's face it.. if it IS based on VMS...
They did a royally screwed up job of it.
Friends don't let friends buy Compaq's. (Dell/Gateway... same same) You want a good computer? Build it yourself.
4 NIC's is pretty much overkill for most systems out there. The only real setups that might benefit from a configuration like this is something like a router. The tests MS had were based on such radical ideas.
Damn...do these people have an unusually hard time keeping boxen up or what!!?? I guess they're lucky this isn't "break the ms campus network" because they seem to have done that already.
q 142/6/41.asp."
"8/6/99 Events
9:20am - Router back up, traffic hitting site. SYN attack filter appears to be working. Receiving an average of 600 datagrams/sec, 100 fragments/sec. 9:00am - Reset TCP to handle SYN attacks, and rebooted.
See http://support.microsoft.com/support/kb/articles/
Sure thing.
"Set Valid Retransmission Times Elapsed to 3 seconds
Set Enable Dynamic Backlog to 1 (enabled)
6:00am - All network traffic stopped. Router down."
BTW, is Slashdot slashdotted? terrible response time...
It's 10 PM. Do you know if you're un-American?
right now I can't even seem to get telnet access to the machine and even if I could I'd have no idea what to do?
how does one crack into a system anyways?
is there a "Cracking-FAQ" out there?
MJ
Why so much? How do they expect you to run office 2000 if win2k takes up 114MB? Another example of M$ Bloatware... I saw a friends computer with win2k server beta 3 on a p2-400 and it is noticably slower to boot up.
[the mindcraft study] did prove, however, that NT has vastly superior threading subsystems I wouldn't say vastly superior. NT beat out Linux, but the last study was closer than the first that was so lopsided. Whatever, just nitpicking.
Slashdot is ALWAYS slashdotted!!! What the hell, are we surrounded by a buncha losers???
Microsoft killed DOS a long time ago! How can DOS have anything to do with it. NT is NOT based on DOS!
Hey guys the microsoft server is back up. Just got in to see the web page.
Some people's kids...
crack.linuxppc.org looks to be a DSL connection which might help explain the packet loss and ping times, as well as the general speed of the site. DSL may have high throughput but the latencies are much higher than a T1 or other digital line since there is convolutional encoding to eliminate the effect of "spiky" noise.
/usr/sbin/traceroute crack.linuxppc.org
/usr/sbin/traceroute www.windows2000test.com
[mcope@PhatLinus ~]$
traceroute to crack.linuxppc.org (169.207.154.108), 30 hops max, 40 byte packets
.
.
.
9 mae-west.nap.net (198.32.136.13) 24.966 ms 40.785 ms 26.910 ms
10 NChicago2-core0.nap.net (207.112.247.150) 119.067 ms 108.029 ms 128.163 m
s
11 chi2-e3.execpc.com (207.112.240.178) 127.603 ms 151.088 ms 146.931 ms
12 2-20.atm1-0-0.rtr0.nbl-wi.execpc.net (169.207.50.165) 164.168 ms 176.232 m
s 159.049 ms
13 vl2.sw1.nbl-wi.execpc.net (169.207.50.250) 166.004 ms 172.551 ms 160.264
ms
14 dslmux0.execpc.net (169.207.36.202) 140.090 ms 189.482 ms 167.609 ms
15 169.207.154.108 (169.207.154.108) 704.637 ms 390.105 ms 438.217 ms
www.windows2000test.com is, needless to say hung straight off a fat pipe at microsoft.
[mcope@PhatLinus ~]$
traceroute to www.windows2000test.com (207.46.171.196), 30 hops max, 40 byte pac
kets
.
.
.
11 sl-microsoft-4-4-0.sprintlink.net (144.232.192.6) 38.162 ms 38.811 ms 38.
168 ms
12 iuscgsrfec7502-a4-00-1.cp.msft.net (207.46.190.46) 38.590 ms 39.038 ms 39
.998 ms
13 iuscb11ixc7502-a0-00-1.cp.msft.net (207.46.129.8) 39.729 ms 39.334 ms 40.
140 ms
14 iusd27nt5c7201-a2-0-1.cp.msft.net (207.46.168.68) 39.859 ms 40.737 ms 39.
445 ms
15 207.46.175.250 (207.46.175.250) 41.040 ms 44.067 ms 45.815 ms
16 * * *
--
"L'IT c'est moi!"
OK, so now we even have the root password. Great. We're definitely getting closer to cracking that baby! The only thing we need is for Jeff to enable remote root logins. And I'm sure he will. Just to make things interesting. Come on, Jeff! Then I'll be sure to crack it!
___
If you think big enough, you'll never have to do it.
I have to be honest and say I am unimpressed by both. For example the Windows box is still pingable and the Linux box is not and thus not vulnerable to ping flooding/smurf attacks. As a example (result?) of the configuration differences the bulk of the attacks on the Windows box also simply appear to be DOS attacks, not anything really effective at testing the security. I find myself wondering what the percentage of attacks on the Linux box are DOS boxes as opposed to the percentage on the MS box. When Microsoft can come out and say "all the attacks on the box were DOS attacks (which of course all OSes are vulnerable to in some way or another) they are going to have a MAJOR PR coup. I hope those crackers who are simply running DOS attacks on the Windows box stop, or else the Linux community is going to end up with egg on it's face big time, when MS can say: "But they never once managed to compromise the security and access information they were not supposed to be able to."
At this URL
http://linuxtoday.com/stories/8410.html
Gist is, Win anything is inherently insecure due to lack of ground up security architecture.
4 nics will only do any good for an intranet. Unless you have a 400mbit connection to the internet. It's not a very realistic setup.
-matt
Why do I only see ACs claiming this?
Good judgement comes from experience, and experience comes from bad judgement.
- W. Wriston, former Citibank CEO
Well I decided to rip down there web services with 30000 http requests at 500 at a time its now 3:36 est lets see how long it takes.. haha Gavin
I can't believe the stats on the Windoze box
s /q142/6/41.asp
:^P
It says memory usage around 114Mbs...
Perfmon info from 8/6/99 10:00am
Datagrams Received/sec Avg: 250
Fragments Received/sec Avg: 4
Total Fragment Reassembly Errors 30000 in the last hour
Connections Avg: 500
% Processor Time Avg: 40
Memory use steady at about 114000K
They also posted a new support document explaining how what is happening to the machine is normal :
http://support.microsoft.com/support/kb/article
I would like to learn some more on this mega server, more specs (steady size of the swap file, cpu idle time, if someone can use the machine to play minesweeper right now...)
This really is fun to see... Happy happy joy joy!!
Actually, yes. I was just kidding. I didn't expect everyone to jump on me like this. Ouch.
If he enables ssh everybody will go on since this protection is not in it. I believe this is borken.
This being a different use of the word "pingable" to the normal one?
# ping -s crack.linuxppc.org
PING crack.linuxppc.org: 56 data bytes
64 bytes from 169.207.154.108: icmp_seq=0. time=455. ms
64 bytes from 169.207.154.108: icmp_seq=1. time=373. ms
64 bytes from 169.207.154.108: icmp_seq=4. time=301. ms
64 bytes from 169.207.154.108: icmp_seq=5. time=427. ms
=DIVIDE BY CUCUMBER ERROR: REINSTALL UNIVERSE AND REBOOT=
I remeber reading somewhere (might be ESR's article on linuxtoday.com) that the holly MS box had been broken into (mentions of guestbook changes). Sorry don't have a URL but it still seems to be an interesting point
Linux is perfectly happy with multiple NICs - especially when being used in a router situation. That's no excuse for what is happening now with the W2K challenge. One or four NICs, Windows sucks. If Win98 crashing on Bill didn't expose it to the public, maybe this W2K challenge fiasco will - especially in light of a slower Linux-PowerPC setup (getting hit 2 million times an hour and still happy) being up consecutively and with no crack success for days now - this could go on for a while. This is the ultimate benchmark - can't beat real life for putting your systems to the test...
Really, who is going to keep M$ honest about the results of this PR event? Admitedly I don't know a whole lot about the subject (I do back-end almost exclusively), but it would seem easy enough to simply moniter the system and take it down when it was cracked. Redmond could claim a DoS, or fake the logs, or whatever. The Mindcraft imbroglio showed that there isn't much that they aren't willing to stoop to. Maybe I'm missing something here, but who in their right mind thinks that they would ever admit to being cracked?
...disciplining the ronkeys since 3/2000...
Really, who is going to keep M$ honest about the results of this PR event? Admitedly I don't know a whole lot about the subject, but it would seem easy enough to simply moniter the system and take it down when it was cracked. Redmond could claim a DoS, or fake the logs, or whatever. The Mindcraft imbroglio showed that there isn't much that they aren't willing to stoop to. Maybe I'm missing something here, but who in their right mind thinks that they would ever admit to being cracked?
...disciplining the ronkeys since 3/2000...
Okay. This is off-topic. What the hell'sa bogoMIP? I see it listed in the stats, there, and I see it zoom by in my kernel boot. Is it some simplistic benchmark?
Dirk
I keep trying to pick fights, but I can't shake this Excellent karma.
My guess is that Microsoft recommended 4x base100 cards because it has been reported that NT can't handle a single gigabit card properly, unlike Linux, Novell, etc etc. How about re-running the test with gigabit cards, eh ?
Of course it won't run on the same box. It's a Power PC chip, not an Intel, AMD, etc.
see above subject and above message
Good. ;-) I haven't been able to ping it all morning.
Well I never tried to crack something before today but it seemed after I used telnet to get in I tried a few cracks and when I tried to ping it started to go down and I lost the telnet connection.
You are totally right about this...
If we want this experiment to show that MickeySoft tool is not as secure as MickeySoft wants us to believe, we must not use known ways that will bring down almost any server (newest stable kernel has anti-DOS methods, still I do not know if this is enough to stop any attack, sorry).
We must show that it cannot support the same amount of traffic the surveys said it could.
Still, whatever press releases come out of this, you can rest assured that DOS attacks will be pointed out, and show that under normal climatic conditions nothing could crack the server... I can't wait to see MickeySoft having a linux box and saying that they want to redo the tests on the real live internet... What would you think of such a test being down... Let's redo the Mindcraft tests but on the web... and have some support teams available to support the servers...
Éric Desfonds