Slashdot Mirror
LinuxPPC challenge rides again
jacobm writes "According to an announcement on their site, AntiOnline is going to host the LinuxPPC challenge (crack an out-of-the-box LinuxPPC install and you can keep the computer), which was taken down a few weeks back because of bad guys doing mean things to LinuxPPC's network. Gentlemen, start your port scanners! "
I think that the packet storm thing was the last thing in his coffin .. he had lots of venture capital and wasted it while his site stagnated for over a year. he's been so hurting for hits lately that he's been adding more and more lame features (free email, free "Webpage", free portscan..) and now this? he only did this so he could get the attention of slashdot users. the timing is right. he gets on slashdot, slashdot effect happens -> everyone sees his new site. jp sucks. there are some really good security sites out there (securityfocus, technotronic, ntbugtraq). its too bad jp and his crew and all the script kids that he partially helps glorify make the security scene look so childish and immature.
I do NOT believe that we, the Linux community, want to be associated in any way with AntiOnline.
JP is shady and in my opinion disreputable. Packet Storm was an extremely useful source of information, and I certainly won't forget that he was the one responsible for it's shutdown.
http://linuxtoday.com/stories/7299.html www.attrition.org http://www.hack-net.com/antionline/ Stay away from anti-online. You have been warned!
okay look fag, i have way more skill than you can possibly fathom. antionline is gay. attrition is lame. i dont bother with this kids stuff. get a life you fucking cluebie.
No matter what the personal reputation of the owner of AntiOnline, I suggested to both himself and linuxppc.org that they host the linuxppc project within the happyhacker.org domain.
This was when linuxppc announced they would withdraw the contest due to the network hammering.
I have no idea if linuxppc's announcement has anything to do with this, but isn't it better to have the Linux box up and running for several years than the contest withdrawn?
We can then say, oh yeah it's still running, still not been cracked. Its a good advert that something can be secure in a certain configuration. (Assuming it doesn't get hacked!)
Those shouting at AntiOnline should well remember that he is the only one who has offered to open himself up to even more network jamming and cracking. If anyone else want's to host the contest, then let them speak up now!
If you hate the owner of AntiOnline then just be glad that all the script kiddies will be pointing their tools at his network and not yours!
If you think he's a narc and hands over logs to the government then think again, they don't need anyone to hand over logs, they already have them all. If I was the NSA I would be watching hack attacks on his network already!
you really sound like you work there. you're pretty retarded too. that's another clue, good indicator of people from antionline. BTW, what dothose 'staff members' listed on the 'staff page' actually do? do they even exist? where did the venture capital go? the original poster of 'antionline is doomed' made me wonder just why they have been adding new features every week for the last couple of weeks. looks like a pathetic attempt to get more users to me. i call for a boycott of antionline. want to see some really funny irony? :) :) :)
.. there was carolyin meinel's "quick tips" .. first off evreyone knows how much of a sik0ority w1zz she is.. but her tips? let's see here, "how 2 uze find to get suid files!!!!" .. is part two going to be how to remove the setuid bit???? how lame.
right above the "hacker tools" and 2000-day warez (exploits) you have, there's a link to a page where you can narc on yourself (or your friends)!!!!!! so let's support hacking, and let's support ratting!!! you kick ass, jp!!!!!!!
also i wanted to point out how pathetic the 'free email' antionline offers is. it's like, run by some welfare free service that anyone can sign up for. if you want a gay service like antionline's free email, just go to the webpage linked to at the bottom of his free-email site. he's not even doing it himself!! hahahahahahahahaha! i hope antionline can pay their bills!!!! face it stud, the damage has been done!!!
then
SCORE:
internet: 1
antionline: 0
GAME
OVER
like anyone cares loser
your bio says you are the vice president of a "rather large company"
like that says alot..
antionline is GAY.
gota love the article at http://www.antionline.com/cgi-bin/News?type=antion line&date=08-30-1999&story=ppc.news "LinuxPPC, a version of RedHat designed for Macintosh hardware" Umm try linux not redhat for the PPC. "Microsoft 2000 challenge." Its called Windows 2000 not microsoft 2000 shows you just how much thoes lamers know.
i wouldnt say that Anti* sucks. if you think that JP sucks (I DO, I DO) then check out www.antioffline.com an entertaining parody on JP and Carloyn "Crack Whore" Meiniel
Antionline says;
:) -jcarr
AntiOnline was approached by LinuxPPC, and has agreed to help out. The AntiOnline Network, which already suffers literally thousands of hack attempts a week, will become the new home of the Official Linux PPC Challenge.
Crack.linuxppc.com says;
15:29 CST: Lots of people are objecting to using Anti-online on slashdot. I don't know people - they just volunteered. I've never heard of them. Send objections to me then. And no, I don't log packets
Who's Idea was this?
And to linuxppc, I find it hard to believe you've never heard of antionline, especially after the packetstorm fiasco.
AntiOnline and thier actions are just one big pathetic attempt at an online publicity stunt.
Antionline can suck /dev/null. They took down the best security site (packetstorm) because they wanted to be number one. I'll avoid their network like the plague. Antionline is under attack for this, and I'd like to see them removed from the internet on account of their censorship of Packetstorm. They should have picked a better host for this.
Funny how most ppl agree with your opinion, antionline DOES sucks nuts.
okay .. apparently from the look of this you've been checking up on this thread throughout the day. what's wrong with you? you can be helped my friend. you need jesus.
i'll tell you right now: you're imbalanced and need help. you're erratic and like acting like a freak. i've never seen anyone this vocal and religious about defending antionline. and you're 37
btw antionline sucks
you suck
You seem a bit childish for a 37 year old executive. .. Unless you're 37 dog-years old and vice president of a "large" lemonade stand.
Ha Ha Ha
Loser
I can't wait until antionline is down
PHC DEN0UNC3Z ANT10NL!NE.
JP C4N SERV1CE US W1TH FELL8!O, HEZ PR3TTY G4Y TH4T WAY
EOF
Ahh, So JP and cmienle Ride again...ARG and anybody who thinks that antionline has been a "friend to the underground" check out attrition.org.
I'm quite suspicious about anti-online. Do you think there's a chance of them being involved with M$??? whatever scheme it could be, it could be tricking us all....just be aware....and don't try to crack it...
No, that's how many times you've posted in the last few WEEKS. Translation for those, like you, who are slow: you got this account yesterday so you could post bullshit defending an asshole.
Oh, and I'm 25, and a vice-president of IBM. You believe me, don't you? No? So why should I believe you're the vice-president of anything? Post a company, post a URL, post something we can verify, and we'll consider believing that you're not completely full of shit. Otherwise, shut up and crawl back in your hole.
Well, in the PacketStorm archive (which was resurrected in miscellaneous) there were strong personnal attacks against JP, and other bad taste photos.
Maybe JP is rather lame, but everyone I've seen attacking him was at least 10 times more lame (please re-read archives in Slashdot if you don't believe me).
It is not difficult to understand why AntiOnline is not black-listed for most slashdot readers with an IQ greater than the temperature of the room.
Because all the people attacking him have proven being 100 times more idiot maybe ?
Because all the people attacking him have proven being 100 times more idiot maybe ?
Wow, either you are jp himself, or a reasonable facsimile.
...to have posted this shitty story. Not Hemos.
It refers to the difficulty in spoofing a TCP connection. Basically, to spoof a TCP connection, you need to take down the host you're pretending to be (usually with SYN flooding or something of that nature), and then sent TCP packets with that host's IP address as the origin. However, since the return packets will be going back to the disabled host, not to you (TCP spoofing is a "blind" attach), you need to guess the sequence numbers to put in the TCP packets, and if you guess wrong, the other side will discard them as being out of order or random garbage data, thus disconnecting you (if you even got the connection negotiated in the first place) and messing up your attack.
TCP sequence predition in nmap estimates the difficulty of guessing these TCP sequence numbers. In some OSs, such as Windows, it's a fixed increment between packets, so trivially easy to guess. In Linux, apparently, "random positive increments" are used, making it extremely difficult to guess the TCP sequence, thus making it extremely difficult to successfully spoof a TCP connection.
I've read some on Bugtraq recently about other weird things in Linux that will allow you to get a more accurate guess of the sequence numbers on a host that's otherwise idle (i think the id field in the IP packet increments by one each time or something of that nature). However, it's still not nearly as easy as Windows.
For a much more in-depth discussion, read daemon9's IP-Spoofing Demystified (Phrack Issue 48, Phile 14).
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
This is not needed its been done alredy http://crack.linuxppc.org/nmap.results.d on't waste your time and bandwith
none Yet.
Im sure JP is popping corks right now, just from the hits he's getting off this previously fine webpage. The fact that /. seems to be advocating any sort of Antionline project is revolting.
http://www.attrition.org/news/content/99-06-29.001 .html
1)Antionline has censored links. This means that if a site they dont like (hackernews.com, packetstorm, to name a mere few) links to them, you cannot follow that link to them. And censorship of any kind is bad.
2)John Vranesevich is a criminal. Proof:
http://www.attrition.org/negation/www/ao.040.html
http://www.attrition.org/negation/www/ao.030.html
http://www.attrition.org/news/content/ken.letter
http://www.attrition.org/negation/special/
He's no better than CPM. Hi Carolyn!
3)JP is a media whore, he'll say and do absolutely anything to get in your email or browser, even if it involves outright lies and breaking the law.
Yeah, im ranting, and im sure that some of you will claim that because i'm an NCState student, my rants are biased. However, I'm merely disappointed that slashdot would support anything antionline does. Makes me wonder if Hemos has some sort of Faustian deal signed with antionline....
Shoutouts to Ken Williams for coming out on top through all the bullshit, and all the ehap kids, especially zeno & dox.
"and no, im not the spot working for Transmeta, although i wish i was..." -- ~spot "i'm the epitome of public enemy..."
"AntiOnline is a great site"
That is your opinion. My opinion is that the
site is a really horrible one. Neither of us
are right nor wrong.
"John V is a really good guy"
Again opinion, however after the PacketStorm
situation, I personally will not support anything
associated with his name.
The rest of your post is immature, childish, and
deserves no comment.
Awesome!
...you better read those rules carefully. I wouldn't put it past AO to try and pin federal charges on anyone breaking them. I agree that it's extremely likely that they will be logging any information they get for future use against people. As a generally non-paranoid and trusting person, I trust AO about as far as I could comfortably hurl a Buick.
Leilah
~ Leilah
I mean how to bring down the server.
I guess you could alternate that with how to hack root, but that would be a matter of discovering a heretofore unknown rootshell exploit, which would require more resources than just crashing it.
This is just like television, only you can see much further.
I think this is a silly way to figure out how to hack a known configuration.
I've often told people, if someone hacks your system and leaves you an obscene calling card, that was basicly a scriptkiddy who got lucky. A genuine, serious security cracker prefers to leave as little evidence as possible.
Flailing away at this thing from remote isn't just a waste of time, it's embarrasing.
If I had any interest in all in cracking this box, here's what I'd do.
If i didn't already have access to a powermac, I'd borrow or rent one, as similar as possible to the one being used.
I'd install linuxppc on it, staying as close to their known configuration as possible. if this is truly the default installation, that makes it much easier.
I'd hook it up on a private segment with some other systems, and hammer away on it where noone can see, where noone else is generating traffic, examining the system for different sorts of problems depending on what i did to it.
I'm sure eventually I'd find some way to at least cause the thing to die. It might take weeks, or days. Hard to say.
As soon as i was 100% certian I'd found a way to kill it, then and only then would i begin to attack the machine in question.
All this portscanning and flooding is just noise. Even if they do bring it down, they won't be able to reproduce it. In that respect, this is a pretty good PR stunt, given that linux is reasonably secure and stable.
This is just like television, only you can see much further.
I think this is nothing more than a publicity stunt on antionline's part. After the PacketStorm fiasco I'm sure that antionline took a lot of heat from the security community. The descission to host the box is probally a way of saying "Look we're on your side, really we are!" in an attempt to look good in the public's eye.
-matt
Yo I got my bros and my bro-ettes backin me up so you best step lest you wanna be hurting, youknowwhatimsayin?
/. story and rant about what a great guy you are and how many people got your back, at least sign it with your own name, alright?
No offence, my man, but this is really pitiful. If you're going to reply to a
God, what a loser!
Sorry for the flamage, but, god, somebody had to do it!
--Andrew Grossman
grossdog@dartmouth.edu
I think because of the recent actions of AntiOnline v Harvard/PacketStorm I'll be avoiding this challenge. I think it's probably just a publicity stunt to get some of the heat off him because of the previous affairs...
I personally will be avoiding this challenge, mainly because of the people hosting it.
- AMW
Well, according to crack.linuxppc.org they DO host it:
:)
August 30
--
"11:55 CST: Hello! Anti-online is about to host a new machine you can try to crack into. Please also send us information on any tests you might have done on your machines you may have tried to break into."
The next tidbit is also nice
"12:00 CST: Microsoft posted stats today: 427,597 GET requests. Our stats:1,880,138 (and cron already rotated out the first few days, so it probably is closer to 2.5 million)"
Floris
--- Your superiour intellect is no match for our puny weapons
The guy that runs Antionline often talks about how he tracks various crackers and turns the info over to the authorities.
Yep. I am sure that he is compiling a database of IP addresses from which attacks are being launched. Given his past behavior, I wouldn't be surprised to learn that this was the whole point of the exercise.
Kaa
Kaa
Kaa's Law: In any sufficiently large group of people most are idiots.
Didn't Antionline (John Vranesevich) behave in a very unpleasant manner recently (PacketStorm -- Harvard)? I thought that he was relegated to the "don't touch with a 10-foot pole" category.
Kaa
Kaa
Kaa's Law: In any sufficiently large group of people most are idiots.
I'm sure that the IP of anyone even viewing a web page on a host in that network is logged.
Duh. Every time you view a web page on any host on any network your IP is being logged. Apache, IIS and every other Web server since the dawn of time tracks it.
Do you even know anything about perl? -- AC Replying to Tom Christiansen post.
A few comments:
First, AntiOnline as others have mentioned has a nasty reputation. I'm sure that the IP of anyone even viewing a web page on a host in that network is logged.
Second, has anyone heard anything from the LinuxPPC folks confirming this? *I* certainly haven't, and as of the time of this posting, crack.linuxppc.org has no announcement about the box moving to AntiOnline's network. Until I see something offical from the LinuxPPC folks, I'm writing this off as another attempted publicity stunt by AntiOnline.
hhashd@juno.com
User Bio
I am a 36y/o in Georgia. I am a vice president for a rather large company. balh..blah..blah.. ADenton has posted 3 comments (this only counts the last few weeks)
1 Re:umm ok posted on Monday August 30, @08:41PM CDT (Score:1 Replies:1)
attached to LinuxPPC challenge rides again
2 Re:i can walk the walk posted on Monday August 30, @08:39PM CDT (Score:1)
attached to LinuxPPC challenge rides again
3 re: AntiOnline posted on Monday August 30, @06:32PM CDT (Score:1 Replies:4)
attached to LinuxPPC challenge rides again
Gee, I wonder who this could be??
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
ReadThe ReflectionEngine, a cyberpunk style n
The owner of AntiOnline pays people to crack servers in exchange for full coverage of the crack. It's a brilliant idea for making money.
But then he later gives information about the hackers to the government. Whatever his incentive is, this guy is a total idiot and potentially dangerous.
I bet he's letting some government acency have full access to this LinuxPPC box's logs. The person who cracks the box will probably get noticed by the government.
And even if that's not true, why support an idiot like this?
The guy that runs Antionline often talks about how he tracks various crackers and turns the info over to the authorities. While one can describe this as good citizenship, I would not attempt to crack something Antionline is concerned with, even if it is a game. They may at somepoint turn your info over as potential suspects in some future investigation.
I'm sure eventually I'd find some way to at least cause the thing to die. It might take weeks, or days. Hard to say. What do you mean by "the thing"? I had originally assumed that you meant, "killing" the PPC machine. Or did you mean, to kill the page? I changed my thought, of course, when I saw this statement:
As soon as i was 100% certian I'd found a way to kill it, then and only then would i begin to attack the machine in question. Apparently, I was mistaken on the "it," so I was wondering if someone could explain the "it" to a pitiful little ignorant person such as myself. Thank you. =)
Insert mind here.
Next, we'll see protesting sites publishing embarassing background and family histories of LinuxPPC coders.
because the whole "crack this box" thing doesn't seem to be anything but PR. Props to antionline for hosting it, i guess, they don't seem like they have been very friendly to the underground in the past.... Oh well, (instert fart noise here) first post, i think :)
There is another guy out there that is challenging people to crack his PWS running on NT. He told me that if you get in and explain thoroughly how it was done you get a spiffy T-Shirt sent to you to commemorate the event! Not a free PC, but heck it identifies you as one bad ass dude....i think... ;]
hack this dude's website and win a tshirt...
http://caffeinated.dynip.com
JP sucks.
Anti* sucks.
Don't view their web page, you might be sued.
Don't try to hack the machine, you might be sued.
Oops, he might try to sue me for saying he sucks. Well, he blows too.
8-bit monkeys, 4-bit ducks
What Linux community? I use FreeBSD.
Kspett
Kevin "Cash Money" Spett
Ignore your rights and they go away.
I'm not normally a cracker but. . . Yah! Ride 'em, Ping-Boy!
AntiOnline is a great site, John V is a really good guy. You guys who make these bullshit claims and comments have something to hide. And hell, you cant hack his shit, and here he is helping a website out by giving them a secure place to host a war games for decent people to learn, and you go on calling AntiOnline and JP names and saying bullshit claims..THAT goes to show that your pissed that you cant reak havoc on that Linux website anymore. Your just a bunch of jealous shit heads. I saw a post that is titled" AntiOnline is doomed".. we to the person who wrote that: I give you a big "FUCK YOU", and you can take that and fuck yourself till you bleed. I REALLY doubt that AntiOnline is doomed, trust me. Also to the person linking to that Attrition site: GET THE FUCK OFF THAT GUYS NUTSACK. Im sorry, there are a lot of people who just dont buy that bullshit, its god damned obvious what that guy tried to do. SOOOOOOOO.. thos of you trying to DEFAME and "take out" AntiOnline, i strongly suggest you stop, and i really hope you dont take things to another level, that would be bad, and you will loose. So stop with the bulshit and your utter lies. There ARE people out there who will stick up for JP and do something, even if JP doesnt his self. I PROMISE. =)
Dont talk the talk unless you can walk the walk.
yea whatever to you too dude.. i own a rather large company, read my bio dickweed.
Dont talk the talk unless you can walk the walk.
Ok. ands whats your fucking point? so you showed how many times i posted today.. OOOO WOW! VERY GOOD... so whats your point?
Dont talk the talk unless you can walk the walk.
If i want your god damned opinion ill rattle your cage.
Dont talk the talk unless you can walk the walk.