Slashdot Mirror

← Back to Stories (view on slashdot.org)

Crack LinuxPPC Contest Is Over

Posted by Roblimo on

BlueVelvet writes "The crack.linuxppc.org contest is over. Due to a waste of bandwith, illegal activities, and other reasons." Get the full story here. Seems some people were trying to crack other machines on their ISP. The folks at LinuxPPC say that if you send in a workable method to get into one configured like theirs, you can still win, but please stop eating up their ISP's bandwidth with crack attempts now, okay?

12 of 166 comments (clear)

  1. Linux cannot survive out-of-memory. by cpeterso · · Score: 2

    In a perfect world, Linux wouldn't crash when it runs of memory/swap. Unfortunately, there are (some) bugs in the Linux 2.2.x kernel where developers forget to check for memory allocation failures. For example, many device drivers call kmalloc() or get_free_page() without checking whether the returned pointer is NULL. These functions can return NULL, but will only do so under extreme stress. If these unchecked NULL pointers are used in the code, then BOOM!! I've reported these bugs to their owners. Alan Cox fixed a bunch for Linux 2.2.11, but some other developers didn't care, claiming the kmalloc() would "never" return NULL. If Linux is going to be taken seriously as an "enterprise-ready" OS, can Linux developers really have such a not-my-problem attitude to bugs?

    BTW, I've scanned the FreeBSD 3.1 source code with the same lint script and found ZERO unchecked malloc() calls. Linux 2.2.10 had a couple dozen...

    --
    cpeterso
    1. Re:Linux cannot survive out-of-memory. by tgd · · Score: 2

      So you reported the bugs to the owners, and you know enough about what you're looking for to find them.

      Why didn't you go ahead and fix them then? If there's only a dozen or two, why not fix the ones in the drivers that aren't getting fixed? Just because someone else wrote it doesn't mean you can't fix it.

    2. Re:Linux cannot survive out-of-memory. by raistlinne · · Score: 2

      Have you posted these problems to linux-kernel@vger.rutgers.edu? Public humiliation may take the place of conscience some times. :-)

      --
      They laughed at Einstein. They laughed at the Wright Brothers. But they also laughed at Bozo the Clown. -- C. Sagan
  2. Re:How heavy was the attacking? by edgy · · Score: 2

    On the other hand, the Windows 2000 box might have crashed after receiving 200+ packets/second, and never had a chance to go up to 417 packets/second.

    Wish we could know exactly what's happening, but MS is trying to spin this, not really gain anything from it.

  3. Re:More traffic on the Linux box? Kidding, right? by raistlinne · · Score: 2

    "After the first day or so (once everyone started finding out about the box), the Win2K status page reported frequently receiving over 6000 frames/sec (> 7000 datagrams/sec)."

    When did the box get this? It was down more than it was up as far as anyone could tell.

    "while we haven't seen any such whines from the Win2K group (as if the Win2K box attackers haven't been trying the same tricks)"

    No, they just blamed their downtime on the weather and power outages and the like. Can Microsoft really not afford a UPS? Besides, their complaints weren't nearly so much about their network being hurt as their net connection being flooded. Just a guess but linuxppc.org does have their bandwidth for something else than just to have it flooded. If you read the complaints, one of them was that other machines were getting obthered, true, but the biggest was that their network connection was so saturated that they couldn't do anything over it. That has nothing to do with the box involved, it has to do with the bandwidth that they can afford.

    "I'm not at all convinced that the LinuxPPC box could've stood up to the attacks that the Win2K box has received."

    Maybe, maybe not. They'd need a much bigger network connection to find out, which I doubt that they can afford. Either way, the linuxppc box was much smaller than the W2k box.

    "I hope every name that you were prepared to call the Win2K team had they dropped out, will now be applied to the LinuxPPC team."

    Since you don't seem to have read the article, I'll reiterate what it said. The contest is still going. If you can provide a workable crack into a similarly configured system, you still get the box. They just want their network connection back. As they mentioned, Microsoft can't do that, as W2K isn't purchaseable yet.

    Oh, and the linuxppc people never lied about anything going on. I'm curious, while the windows2000text box was being killed by the weather and power outages, was www.microsoft.com also down? If not, why not? Couldn't they afford to put the box on a UPS?

    --
    They laughed at Einstein. They laughed at the Wright Brothers. But they also laughed at Bozo the Clown. -- C. Sagan
  4. Re:Windows 2000 Is more Secure than Linux by Eccles · · Score: 2

    I mean, Since the machine is offline because it crashes half the time, it cannot be accessed globally, therefore higher security.

    Instead of "Security through obscurity", it's "Security through instability"?

    --
    Ooh, a sarcasm detector. Oh, that's a real useful invention.
  5. Re:WINDOWS WINS! by Jburkholder · · Score: 2

    >If you put LinuxPPC on a P2 450 though...

    Ooooh! What a great idea! A PowerPC version on an Intel box. Hmmmmm....

    Right after that I'm going to run out and try to install W2K on an iMac. =D

  6. From the other end of it by oNZeNeMo+(guns'n+amm · · Score: 2

    I have a clear picture of where the linuxppc folks were coming from when dealing with the bandwidth usage. I access the internet through execpc, their service provider, and was forced to use another service temporarily as establishing connections grew impossible. tcpdump was also picking up more than it's fair share of really odd packets as well. I never thought a mere modem user could feel the heat of traffic upstream, but it was certainly felt. If Microsoft were really sure of their product, they would offer to host the linuxppc machine at this point.

  7. Re:W2k? ...from the W2K status page... by Sun+Tzu · · Score: 3

    8/12/99 Events

    12:00 We are still trying to find the right configuration to handle the combination of legitimate connection requests and the flood of attack packets. The new TCPIP stack has a couple of different configuration values that affect how it responds. Yes, we will be publishing exactly how this server is configured.

    8:00 The server crashed again this morning. In the same part of the TCPIP stack as before. The TCPIP stack is still having difficulty with a prolonged attack. We are going to try some different configurations and see if we can bump up the connection rate.

    Configuration
    500MHz Pentium III with 256mb of RAM.

    --
    Geeky modern art T-shirts
  8. Re:I dunno. Install w2k first (was Re:WINDOWS WINS by Jburkholder · · Score: 2

    you mean the former?

  9. How heavy was the attacking? by Mike+A. · · Score: 2

    I'm curious as to whether www.windows2000test.com and crack.linuxppc.org were under similar loads.

    If the W2K box was getting 500 times the amount of traffic or something, it stands to reason that it would go down more often, quite aside from the relative stability of W2K vs. LinuxPPC; on the other hand, if the loads were similar, then this is a slam-dunk result in favor of Linux with regard to stability.

    Either way, of course, it doesn't prove anything about the relative security of the OSes.

    --

    --
    Do I look like I speak for my employer?
  10. Re:LinuxPPC kernel bugs? by dattaway · · Score: 2

    I did a fork bomb as a user once on my box and I got tired of waiting for it to crash, but when I came home from work 12 hours later, it was dead and not pingable. It was an older development kernel, but I'm wondering how Linux withstands these attacks currently. Anyone tried? I'd hate to kill my uptime...