LinuxPPC challenge rides again
jacobm writes "According to an announcement on their site, AntiOnline is going to host the LinuxPPC challenge (crack an out-of-the-box LinuxPPC install and you can keep the computer), which was taken down a few weeks back because of bad guys doing mean things to LinuxPPC's network. Gentlemen, start your port scanners!"
It refers to the difficulty in spoofing a TCP connection. Basically, to spoof a TCP connection, you need to take down the host you're pretending to be (usually with SYN flooding or something of that nature), and then send TCP packets with that host's IP address as the origin. However, since the return packets will be going back to the disabled host, not to you (TCP spoofing is a "blind" attack), you need to guess the sequence numbers to put in the TCP packets, and if you guess wrong, the other side will discard them as being out of order or random garbage data, thus disconnecting you (if you even got the connection negotiated in the first place) and messing up your attack.
TCP sequence prediction in nmap estimates the difficulty of guessing these TCP sequence numbers. In some OSs, such as Windows, it's a fixed increment between packets, so trivially easy to guess. In Linux, apparently, "random positive increments" are used, making it extremely difficult to guess the TCP sequence, thus making it extremely difficult to successfully spoof a TCP connection.
I've read some on Bugtraq recently about other weird things in Linux that will allow you to get a more accurate guess of the sequence numbers on a host that's otherwise idle (I think the id field in the IP packet increments by one each time or something of that nature). However, it's still not nearly as easy as Windows.
For a much more in-depth discussion, read daemon9's IP-Spoofing Demystified (Phrack Issue 48, Phile 14).
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
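The comment above describes why a blind TCP spoofer needs to guess the victim's initial sequence numbers (ISNs), and why a host that uses a fixed increment is trivially predictable while one using random positive increments is not. The following is an added example, not code from the original post and not nmap's own sequence-prediction test: it simulates both kinds of host, classifies a handful of observed ISNs the way a scanner would, and measures how often a "last ISN plus the usual increment" guess actually hits the next one. The two simulated hosts, the classification labels, the 1000 jitter threshold and the 2^24 increment bound are all this example's assumptions.

```python
"""Classify TCP ISN samples by predictability and measure blind-guess success.

Added illustration; not nmap's algorithm. Hosts, labels and thresholds are
assumptions made for the example.
"""
import random
import statistics

MOD = 1 << 32  # TCP sequence numbers are 32-bit and wrap


def isn_deltas(isns):
    """Differences between consecutive observed ISNs, taken modulo 2**32."""
    return [(b - a) % MOD for a, b in zip(isns, isns[1:])]


def classify_isn(isns):
    """Rough predictability class for a list of ISNs observed on successive connections."""
    deltas = isn_deltas(isns)
    if len(deltas) < 3:
        raise ValueError("need at least four ISN samples")
    if all(d == 0 for d in deltas):
        return "constant"                 # same ISN every time: no guessing needed
    if len(set(deltas)) == 1:
        return "fixed increment"          # e.g. +64000 per connection: trivially guessable
    if statistics.pstdev(deltas) < 1000:  # assumed threshold: only small timing jitter
        return "nearly fixed increment"
    return "random positive increments"   # the hard case described for Linux


def predict_next(isns):
    """A blind spoofer's best single guess: last ISN plus the median increment seen."""
    deltas = isn_deltas(isns)
    return (isns[-1] + int(statistics.median(deltas))) % MOD


def fixed_increment_host(step=64000, start=0x20000000):
    """Simulated host (assumption) whose ISN grows by a constant step per connection."""
    state = {"isn": start}

    def gen(n):
        out = []
        for _ in range(n):
            out.append(state["isn"])
            state["isn"] = (state["isn"] + step) % MOD
        return out
    return gen


def random_increment_host(seed=1, start=0x20000000):
    """Simulated host (assumption) adding a random positive increment per connection."""
    rng = random.Random(seed)
    state = {"isn": start}

    def gen(n):
        out = []
        for _ in range(n):
            out.append(state["isn"])
            state["isn"] = (state["isn"] + rng.randrange(1, 1 << 24)) % MOD
        return out
    return gen


def spoof_success_rate(gen, samples=8, trials=200):
    """Fraction of trials where predict_next() exactly hits the host's next ISN.

    gen(n) returns n consecutive ISNs from a simulated host; each trial observes
    `samples` ISNs (the scanner's probes) and guesses the following one.
    """
    hits = 0
    for _ in range(trials):
        seq = gen(samples + 1)
        if predict_next(seq[:samples]) == seq[samples]:
            hits += 1
    return hits / trials


if __name__ == "__main__":
    for name, host in (("fixed", fixed_increment_host()),
                       ("random", random_increment_host())):
        print(name, classify_isn(host(8)), spoof_success_rate(host))
```

A real scanner would gather the ISNs from actual SYN/SYN-ACK exchanges; here the "host" closures stand in for that so the logic runs offline. The point the numbers make is the one in the comment: with a fixed step, a single guess lands every time, while with random increments the spoofer's best guess almost never does.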
This is not needed, it's been done already: http://crack.linuxppc.org/nmap.results.d Don't waste your time and bandwidth.
None yet.
I mean how to bring down the server.
I guess you could alternate that with how to hack root, but that would be a matter of discovering a heretofore unknown rootshell exploit, which would require more resources than just crashing it.
This is just like television, only you can see much further.
I think this is a silly way to figure out how to hack a known configuration.
I've often told people, if someone hacks your system and leaves you an obscene calling card, that was basically a script kiddy who got lucky. A genuine, serious security cracker prefers to leave as little evidence as possible.
Flailing away at this thing from remote isn't just a waste of time, it's embarrassing.
If I had any interest at all in cracking this box, here's what I'd do.
If I didn't already have access to a PowerMac, I'd borrow or rent one, as similar as possible to the one being used.
I'd install LinuxPPC on it, staying as close to their known configuration as possible. If this is truly the default installation, that makes it much easier.
I'd hook it up on a private segment with some other systems, and hammer away on it where no one can see, where no one else is generating traffic, examining the system for different sorts of problems depending on what I did to it.
I'm sure eventually I'd find some way to at least cause the thing to die. It might take weeks, or days. Hard to say.
As soon as I was 100% certain I'd found a way to kill it, then and only then would I begin to attack the machine in question.
All this portscanning and flooding is just noise. Even if they do bring it down, they won't be able to reproduce it. In that respect, this is a pretty good PR stunt, given that linux is reasonably secure and stable.
This is just like television, only you can see much further.
I think this is nothing more than a publicity stunt on AntiOnline's part. After the PacketStorm fiasco I'm sure that AntiOnline took a lot of heat from the security community. The decision to host the box is probably a way of saying "Look, we're on your side, really we are!" in an attempt to look good in the public's eye.
-matt
The guy that runs Antionline often talks about how he tracks various crackers and turns the info over to the authorities.
Yep. I am sure that he is compiling a database of IP addresses from which attacks are being launched. Given his past behavior, I wouldn't be surprised to learn that this was the whole point of the exercise.
Kaa
Kaa's Law: In any sufficiently large group of people most are idiots.
Didn't Antionline (John Vranesevich) behave in a very unpleasant manner recently (PacketStorm -- Harvard)? I thought that he was relegated to the "don't touch with a 10-foot pole" category.
Kaa
Kaa's Law: In any sufficiently large group of people most are idiots.