×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Linux Server Break-in Challenge

CmdrTaco posted more than 9 years ago | from the g3t-r3ady-to-p3wn3z0rzasdkja dept.

Security 327

Sujit writes "Are you an Internet security expert at heart or by profession? Ever thought of trying your skill at a professionally set up server? If you are ready, enter. The Linux Server Break-in challenge. You will have a server available on the Internet 96 hours without interruption starting from 9 March 2005 2 AM IST. However, the server's life on the Net is in your hands."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

327 comments

Alternately, . . . (4, Funny)

Maradine (194191) | more than 9 years ago | (#11876970)

Post the IP address here. That'll compromise it.

Re:Alternately, . . . (1, Funny)

dtfinch (661405) | more than 9 years ago | (#11876995)

It's 192.168.0.103. Let the hacking begin!

Re:Alternately, . . . (5, Funny)

justforaday (560408) | more than 9 years ago | (#11877059)

It's 192.168.0.103. Let the hacking begin!

w00t!!! I got in! They used the same root password as I use on my box...What do I win???

Re:Alternately, . . . (4, Funny)

Council (514577) | more than 9 years ago | (#11877144)

Use the credit card numbers hidden on the box to buy absolutely anything you want.

Re:Alternately, . . . (0)

Anonymous Coward | more than 9 years ago | (#11877091)

According to my sources it's 66.35.250.150. Seems to be some kind of Linux based webserver running some guy's blog [slashdot.org]. ;-)

Re:Alternately, . . . (1)

Nuclear Elephant (700938) | more than 9 years ago | (#11877147)

The official IP address is 207.46.245.156 I know, it's a microsoft IP, but it's probably running FreeBSD. Is that close enough?

Isn't this illegal? (3, Insightful)

harris s newman (714436) | more than 9 years ago | (#11876997)

Even if it's with the system owner's permission, wouldn't this be considered illegal and prosecutable?

Re:Isn't this illegal? (1)

mahdi13 (660205) | more than 9 years ago | (#11877029)

I think it falls under the same rules that http://www.hackerslab.org/eorg/ uses

whatever those may be...offshore?

Re:Isn't this illegal? (5, Informative)

LordEd (840443) | more than 9 years ago | (#11877162)

Hacking isn't illegal. Hacking without permission is illegal. The distinction is unauthorized access. The owner of the box is giving free license to everyone to attack it.

Its just like corporations hiring security experts to attack their systems in order to find flaws (and strengthen their defenses)

Re:Isn't this illegal? (1)

gowen (141411) | more than 9 years ago | (#11877375)

Its just like corporations hiring security experts to attack their systems in order to find flaws (and strengthen their defenses)
Only, you know, cheaper.

And less effective.

Re:Isn't this illegal? (1)

northcat (827059) | more than 9 years ago | (#11877266)

Of course not. You can do whatever you want with your computer once you bought it. And you can do almost whatever you want with FOSS software. Of course, you can't do some things with proprietary software, like reverse engineering. But still, just exploiting a vulnerability on *your* machine with proprietary software is not illegal. And if you give permission to someone else, they can do this too. Your question is like asking whether it's illegal to hire a locksmith to break the lock on the door of *your own* house.

Challenge accepted! (4, Funny)

c0l0 (826165) | more than 9 years ago | (#11877013)

Now I'll just have to find that Sub7-thingie for Linux somewhere on the net...

Incentive? (3, Interesting)

virex (562720) | more than 9 years ago | (#11877014)

is there any reason to do this? you would think that the linux geeks out there wouldn't want it to be compremised. especially since there is no reward or prize of any sort. most people that are capable of doing this wouldn't want to.

Re:Incentive? (4, Insightful)

AArnott (751989) | more than 9 years ago | (#11877039)

most people that are capable of doing this wouldn't want to. Agreed. Microsoft has pulled this stunt with their Windows servers repeatedly. Of course bringing either of these down would result in the hack being logged and eventually corrected. Hackers don't want to give up their secrets.

Re:Incentive? (3, Informative)

SQLz (564901) | more than 9 years ago | (#11877095)

Actually, they would. For a couple reasons.

1. Contests like this make Linux more secure.
2. If your looking to find a job in the security industry, this a is a nice bullet on the resume.

You don't see MS having break in challenges do you? If they did and 17 unknown holes were found and fixed that would have gone unpatched otherwise, would Windows be more secure or less secure?

Re:Incentive? (1)

operagost (62405) | more than 9 years ago | (#11877228)

Actually, MS had a break-in challenge for a beta version of Windows 2000 back in 1999. Strangely, it had lots of downtime which they blamed on "power outages."

Re:Incentive? (0)

Anonymous Coward | more than 9 years ago | (#11877298)

Well, nobody owned the box.

Which was meaningless because Win2000 shipped with several critical Index Server holes.

Re:Incentive? (1)

drnlm (533500) | more than 9 years ago | (#11877097)

On the other hand, the packet capture data would be interesting information on what current security holes people look to exploit, etc.

Of course, as linuxense offer a security service, this smells like a "to be spun into marketing copy" stunt.

Re:Incentive? (1)

virex (562720) | more than 9 years ago | (#11877142)

this smells like a "to be spun into marketing copy" stunt.
that's exactly what they're doing. They want to make it look like their security process is top notch, but by giving an incentive they would have had more people testing it and it would have looked a lot better. like i said, most linux geeks don't want to see linux compremised, so they probably wouldn't even try. and the people that do know how to compremise it wouldn't want to tip them off.

Re:Incentive? (1)

dubdays (410710) | more than 9 years ago | (#11877116)

you would think that the linux geeks out there wouldn't want it to be compremised

Actually, this is a very good test at the security of the system, and one that I believe we should welcome. The more of these contests we have, the more security bugs that will be found and then promptly patched. This has the potential for leading to a system with nearly un-crackable remote security (assuming all of the results are publically released). So I say hack the crap out of it!

Re:Incentive? (1)

automaticlarynx (747144) | more than 9 years ago | (#11877238)

The prize is glory and renoun. If you win, you get to say you're the most secure sysadmin in the world. If you lose, you just keep it quiet. That seems like a good gamble to me.

More Interesting (2, Funny)

Anonymous Coward | more than 9 years ago | (#11877015)

That server wont have a firewall or much secuirty... so how about 69.44.61.248 - the linuxense.com webserver :)

Tidal Wave (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11877016)

Phear the /. effect!

Selling some sort of hardened Linux, perhaps? (4, Insightful)

rfc1394 (155777) | more than 9 years ago | (#11877021)

It might be this company is selling some sort of very hardened Linux. If they are, this is exactly the right way to go about it. They are publicly inviiting people to attack it, meaning that if there are any holes, someone is likely to find them. And anyone who hacks on the box can do so with impunity. And if they really can build a bulletproof box then they deserve the rewards they can get by selling one which, on an open and public basis, has taken the worst anyone could throw at it and survived.

Re:Selling some sort of hardened Linux, perhaps? (1)

PyWiz (865118) | more than 9 years ago | (#11877048)

Quite the innovative way to get some free pen testing, huh?

Re:Selling some sort of hardened Linux, perhaps? (0, Funny)

Anonymous Coward | more than 9 years ago | (#11877131)

Alternatively, they could just register a Slashdot account, post "OMFG SCO rulez Linuz SUXX0Rz!!11" in every topic, and point the URL in the profile to a website saying "LOL get the facts LINUX SI FOR HIPPYS"

Re:Selling some sort of BS, perhaps? (0)

Anonymous Coward | more than 9 years ago | (#11877309)

Jig would be up the second the would-be hacker notices its a linux box. I know you're trying to be funny, but I really think that, as immature as a linux geek may be, underestimating his(her?) intelligence is never a good idea. Of course you're posting (flamebait?) as AC, so maybe you know this already.

Re:Selling some sort of hardened Linux, perhaps? (4, Insightful)

sirket (60694) | more than 9 years ago | (#11877132)

has taken the worst anyone could throw at it and survived.

Let me get this straight- 96 hours allows people to try "the worst anyone could throw at it?" In your wildest dreams perhaps. Furthermore how does this prove anything? Do you honestly think a real attacker would waste a 0-day exploit on such a lame contest? Why not wait until several banks have deployed this system and then make some money with such an attack :)

The hack contests are silly. Any admin with half a brain can set up a secure system and the only way to root it would be 0-day that no self respecting hacker would waste on this system.

If you are serious about security you pay for a full audit of the source code, professional penetration testing over a 2 week period, and you test for root exploits using a local account- on the assumption that somewhere down the line the system will be misconfigured and an attacker will gain non-root privileges.

-sirket

Re:Selling some sort of hardened Linux, perhaps? (1)

grasshoppa (657393) | more than 9 years ago | (#11877265)

Not disagreeing with you, but the longer you sit on a 0-day, the higher the chance someone else uses it, or something close enough to it, to negate your advantage.

Just a small note.

Re:Selling some sort of hardened Linux, perhaps? (3, Informative)

gowen (141411) | more than 9 years ago | (#11877275)

and you test for root exploits using a local account
Which is exactly what will happen if no-one has found a remote hole in 48 hours.

RTFA.

very handy. *cough* (2, Funny)

blue_adept (40915) | more than 9 years ago | (#11877133)

yes, very handy for those real-life applications where the server will be on the internet for more than 96 hours.

Re:very handy. *cough* (5, Informative)

Council (514577) | more than 9 years ago | (#11877198)

The Fallacy of Cracking Contests [schneier.com] (Bruce Schneier)

Contests are a terrible way to demonstrate security. A product/system/protocol/algorithm that has survived a contest unbroken is not obviously more trustworthy than one that has not been the subject of a contest. The best products/systems/protocols/algorithms available today have not been the subjects of any contests, and probably never will be. Contests generally don't produce useful data. There are three basic
reasons why this is so.
[see link for explanations]

Re:Selling some sort of hardened Linux, perhaps? (0)

TheKubrix (585297) | more than 9 years ago | (#11877220)

Thank you for stating the obvious, phew, at first I thought this was an FBI honeypot! :\

While I'm sure they're legit... (4, Interesting)

Xaroth (67516) | more than 9 years ago | (#11877032)

...this seems like it'd be a great way to try to take down your friend's (or enemy's) computer.

"Oh, we're putting up a box for the hacking at such and such time. We swear it's ours. No, really! Trust us. "

Few would be the wiser until it was too late.

Re:While I'm sure they're legit... (1)

saskboy (600063) | more than 9 years ago | (#11877083)

Odds are this company isn't going to publish their friend's IP address. But it would be insteresting if anyone's done that before, and advertised an IP of a foe they said wanted to be cracked.

Re:While I'm sure they're legit... (1)

Technician (215283) | more than 9 years ago | (#11877217)

If they are smart they will put the IP address on the block of IP addresses they own. Then it wouldn't be any provable intent to harm anyone else. It's their block, their assigned address space, their server. I wonder if most who take the challange will take the time to look up their address block ahead of time, just to be sure they are not attacking a competitor.

Re:While I'm sure they're legit... (0)

Anonymous Coward | more than 9 years ago | (#11877249)

Maybe they'll post SCO's address ;-). It'll give them more time to get together their finance report for the Securities and Exchange Commission.

break-in challenges (0, Insightful)

Anonymous Coward | more than 9 years ago | (#11877035)

These break-in challenges (for any OS) were interesting the first 50,000 times they were issued, but they're getting old now.

FTA (4, Funny)

mr_z_beeblebrox (591077) | more than 9 years ago | (#11877038)

I thought it was a nice touch that they give directions on how to stop network services for someone who gets root. Most people who root linux boxes have trouble with those advanced administrative functions

Rules (5, Insightful)

3770 (560838) | more than 9 years ago | (#11877050)

The rules say:

You need to leave your mark at ``/''. It could be your email address, GPG public key or something else with which we can verify your identity.


The root partition could be on a read only media such as a CD-ROM, right? In which case nobody could ever win.

Re:Rules (5, Insightful)

espo812 (261758) | more than 9 years ago | (#11877143)

Physical attacks are just as valid as network attacks. Now where did I put my Dell technician uniform...

Re:Rules (0)

Anonymous Coward | more than 9 years ago | (#11877183)

not true!
if that were the case then explain how on almost every unix like system I have ever seen, you can eaisly use mkdir as root... now what would be amusing is if they have / given like 5 mb or something trivially small and /etc /usr and so on as seperate partitions on different computers... or better yet if the whole thing was actually a windows box behind more layers of routers then one can count.

Re:Rules (0)

Anonymous Coward | more than 9 years ago | (#11877219)

The grandparent said the root dir could be on a *read-only* media. Think before you post.

Sheesh.

Re:Rules (1)

caluml (551744) | more than 9 years ago | (#11877186)

Yeah, or just use GRSec or SELinux to disallow any process to write to /. I imagine that it won't get broken into. If it does, I expect it to be Brad Spengler, or some maintainer of SELinux, who happen to know a few bugs in the code that they maintain.

Re:Rules (0)

Anonymous Coward | more than 9 years ago | (#11877208)

It'd be more complicated, but I think they could mount a new filesystem over the top of root, or could crash and reboot the system from different media, rewrite parts of kernel memory, rewrite the NVRAM, etc. Once you have root you have quite a few options.

Re:Rules (1)

Sweetshark (696449) | more than 9 years ago | (#11877269)

The root partition could be on a read only media such as a CD-ROM, right? In which case nobody could ever win.
... unless you make a installation into a RW media and reboot into it.

Re:Rules (1)

delirium of disorder (701392) | more than 9 years ago | (#11877288)

Even if / is read only, if you have root, you should still be able to find some way to leave your mark.

For example, if you have root, you could probably use usermode linux to run an additional version of linux within itself with / on a ramdisk. Even if the system has no hard drive and loads everything from flash firmware or a cd, you need to have some ram. If you are root, you can write to that ram and label it with your identification information and subsequently make it a root partition in some way.

Re:Rules (1)

Technician (215283) | more than 9 years ago | (#11877355)

To win, make yourself an account. Stop network services. E-mail them that you did it. All they have to do is log on localy using the admin level account you created. Any questions? This dies after a reboot.

vanilla (5, Interesting)

jest3r (458429) | more than 9 years ago | (#11877056)

I would like to see a challenge like this with vanilla installs of the top 10 Linux distros.

As Linux gets closer to mainstream more and more people are installing without tweaks or recompiles. How well does Linux stand up without the expertise of a professional?

Re:vanilla (1)

loconet (415875) | more than 9 years ago | (#11877360)

Good idea, For a different test It would also be interesting to add a few windows boxes into the mix as well. WinXP, Win2k, Win 2003, maybe some bsds.

What's the point? (2, Interesting)

sirket (60694) | more than 9 years ago | (#11877057)

The server is not being set up as a production system so what is the point to a successful compromise. Furthermore- anyone with any sysadmin experience should be able to set up a server that can not be compromised except by 0-day - and honestly- who would waste 0-day on a lame contest?

-sirket

Re:What's the point? (0)

caluml (551744) | more than 9 years ago | (#11877235)

who would waste 0-day on a lame contest?

People that want to practice without being prosecuted?

Time zone? (2, Interesting)

KD7JZ (161218) | more than 9 years ago | (#11877067)

What time zone is IST?

Re:Time zone? (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11877101)

India.

Re:Time zone? (-1)

Anonymous Coward | more than 9 years ago | (#11877114)

Idiot Standard Time.

You should know, right?

Re:Time zone? (1, Informative)

Anonymous Coward | more than 9 years ago | (#11877139)

indian standard time

Re:Time zone? (0, Informative)

Anonymous Coward | more than 9 years ago | (#11877149)

This IST is in India. UTC+530

Re:Time zone? (0)

Anonymous Coward | more than 9 years ago | (#11877161)

posting this anon because it's so obvious it'd be karma whoring not too. let's see, a google for "IST time zone" produces this [timeanddate.com]

If you don't know, you can't play (1)

xtermin8 (719661) | more than 9 years ago | (#11877163)

I have no idea myself, but I assume if I had any knowledge about internet security I'd know international time zones better. Now that I've posted this on /. I'm going to also strap a big target mark to my forehead. Doh!

Uh, ok. (4, Interesting)

bigtallmofo (695287) | more than 9 years ago | (#11877074)

Break into a Linux server that has no services running presumably with some heretofore-unannounced buffer overflow in Linux's implementation of the ICMP protocol, all the while having every single packet sent to the system sniffed so that the sponsors of the challenge can know exactly how you did it.

Such a feat and sharing of knowledge should be worth about $1,000,000. I'm sure they'll get a lot of contenders with their offer of $0.

Re:Uh, ok. (3, Informative)

spectrokid (660550) | more than 9 years ago | (#11877188)

Break into a Linux server that has no services running[...]
From TFA: This server won't be protected by firewall. There won't be any fake demons or honeypots as well. It will be running all the services normally found in a regular Linux distribution and more.

Tin Foil Hat Contest! (1, Funny)

xtermin8 (719661) | more than 9 years ago | (#11877081)

If nobody can read your thoughts for 96 hours you win- a free tinfoil hat! Yay!

Re:Tin Foil Hat Contest! (0)

Anonymous Coward | more than 9 years ago | (#11877356)

Windows 2003 breakin challenge (3, Interesting)

mrm677 (456727) | more than 9 years ago | (#11877110)

I wonder if somebody could break into Windows 2003 in the same amount of time?

There are likely hidden exploits in both OSes, but these things take time to find. Stumbling upon something by luck is quite common.

Social engineering (3, Funny)

saskboy (600063) | more than 9 years ago | (#11877111)

Obviously the best way to crack this server is going to be to socially engineer the linux administrator at this company, and get the real root password.
It's probably something like: thislinuxis2coolforU2crax0r

Hmm, that sounds like something I should use as a root password. Forget I mentioned this.

Honeypots? (2, Interesting)

utlemming (654269) | more than 9 years ago | (#11877118)

Are honeypots legal? I mean if I put up a honey pot and the root system isn't compromised, do I win?

For crying out loud (1)

asliarun (636603) | more than 9 years ago | (#11877122)

at least give a t-shirt as a prize.

Altruistic intellectual pursuits are one thing, a penguin t-shirt is completely another.

On the other hand, could this be:-
1. A secret government program to ferret out crackers?
2. Google's latest recruitment drive?
3. Network Associates looking for a new CEO?

Re:For crying out loud (2, Funny)

PoprocksCk (756380) | more than 9 years ago | (#11877225)

"Altruistic intellectual pursuits are one thing, a penguin t-shirt is completely another."

I'd prefer Napoleon Dynamite's helicopter shirt. To each his own, I guess.

Outsourced (3, Funny)

Evil W1zard (832703) | more than 9 years ago | (#11877123)

Hey our Hacking Contests have been outsourced to India. Seriously though I am kind of wary about this because I don't know what legal implications there may be doing this since I am uneducated in Indian Cyber criminal law? Also the web site looks fairly hinkey (yes its a word and I'll use it!) It would be funny if they posted the IP address at the start of the contest and it turned out to be the IP of some major site or agency....

Just a hacking challenge (4, Insightful)

northcat (827059) | more than 9 years ago | (#11877125)

So, this is just another hacking challenge. Like the hundreds of others out there (many/most of which are on Linux). What qualifies this to make it to slashdot?

Re:Just a hacking challenge (1)

northcat (827059) | more than 9 years ago | (#11877200)

Of course this is a challenge and of course there many others out there. Whoever modded me as troll needs look around the internet more. Just google for "hacking challenge". There are a shit load of these on the net.

Re:Just a hacking challenge (2, Insightful)

tech_guru5182 (577981) | more than 9 years ago | (#11877397)

What would make a great challenge is to create a system and make a shell account public via telnet or ssh, to simulate an employee's account being obtained via social engineering, then having it tested. The system should have a typical set of programs runing that would be found on a production system. This would make for a great test of the system. You must remember taht at an orginization of any reasonable size there will be at least one or two accounts that can be accessed via social engineering the appropriate luser.

I know how to do it. (-1, Offtopic)

ben0207 (845105) | more than 9 years ago | (#11877146)

1. Find where the server is. 2. Break in. 3. Install Windows. 4. ??? 5. Profit!

Social Engineering (5, Funny)

Inkieminstrel (812132) | more than 9 years ago | (#11877182)

Dear Admin,

I am currently working on a project sponsored by you in which I need to break into your computer. In order to do this, I will need the root password. Also, my SSH signature is attached to this message. Please add me to the list of valid signatures.

Thank you,
Inkieminstrel
Social Engineer

Windows Server Break-in Counter-Challenge (0)

Anonymous Coward | more than 9 years ago | (#11877211)

To show you Linux geeks that Windows is every bit as secure as Linux, we will be hosting the Windows Server Break-in Counter Challenge. We too will make a professionally set up server available on the net for 96 hours, uninterrupted. We'll see who has the best security.


* For purposes of this test, "on the net" shall mean locked in faraday cage in a concrete bunker, powered down and with the hard drives removed.

Re:Windows Server Break-in Counter-Challenge (-1, Flamebait)

Anonymous Coward | more than 9 years ago | (#11877293)

You're a fucking goof. I hate windows too but that joke you just posted has to be THE GAYEST thing I have ever read. Really? you thought it was funny? OMG you are teh gay! Get out of the bastment buddy. Jeeze.....wow. I am now dumber for having read such a fucking stupid post. I don't think I'll ever be the same after what you just wrote. A soviet Russia joke would have been funnier. Do you think ANYONE will find your "joke" funny?!? My god. Just an awful attempt at "humor" Crist, that was BAD man. The WORST post I have ever read on Slashdot. TEH GAY. If I were you I'd be so ashamed of myself I'd just die. HOLY FUCK THAT WAS BAD.

What about system crashes? (3, Interesting)

Begemot (38841) | more than 9 years ago | (#11877214)

From my experience, hacking attempts often end up with crashed OS. Double power supply and stable Internet won't help. Somebody is going to ping/reboot the system for 48 hours?

Lemee guess the "Catch" (2, Interesting)

Creepy Crawler (680178) | more than 9 years ago | (#11877223)

Its running Zen and using NSA security modules with USB rootplug.

Then they hand out root ;P and laugh.

Reminds me of Red Hat EL (4, Insightful)

svin (803162) | more than 9 years ago | (#11877248)

First time they did something similar, they appearently got hacked in 45 seconds [slashdot.org]

But as the old slashdot article also states the 2nd generation was able to stay afloat.

Seems like a great way to learn how to secure a system though - let the best hackers/crackers out there have a go, and learn what went wrong.

Oh the irony.. (2, Funny)

tod_miller (792541) | more than 9 years ago | (#11877254)

...if the admin uses Outlook (on a diff machine):

Subject: "I hax0r3d your box!11"

Dear adm1n, I hjax0red your l1nu> box, look at the attached screensh00t as pr00f!!!

h4x0r3d.vbs.exe.scr.pif.dll.bat

Look at the pic and I will hack^H^H^H^H show you!!

Yours

skr1pt k1|)|)1e

PS: I am tha l33ts7 I even misp4ll l36t words.

just use openbsd and fudge the uname (-1, Flamebait)

Anonymous Coward | more than 9 years ago | (#11877264)

because linux sucks

Take the easy way out (5, Funny)

tsmithnj (738472) | more than 9 years ago | (#11877318)

All the posts thus far are technical in nature. The easiest way into that machine is through the front door. Find the server, grab it, and run. If these guys are stupid enough to allow you to break into their property-- take them up on the challenge. AFter all, they did lay down the challenge.....

give away valuable skills (2, Insightful)

slartibart (669913) | more than 9 years ago | (#11877333)

Apparently, linuxense is saying, "Hey we don't have enough resources to test our OS's security. Let's stroke the egos of the hacker community and maybe we can trick them into working for us, for free. Free labor, woohoo!"

They know damn well that the expertise they're looking for is very valuable, and yet they're not even offering a token prize. Pathetic.

I hope they don't even get a single packet. "Hey everyone! Try to break into our server! It'll be FUN!!!" "...."

Sounds like... (1)

Myrkur (621981) | more than 9 years ago | (#11877376)

Who would enter a contest like this?

If you're good enough to find and write an 0-day exploit, which is probably what it's going to take to take over this box, why would you want to leave it in the logs of some contest-box just so someone else can make his claim to fame for finding it?

Seems to me that if you're whitehat you'd want to publish the vulnerability yourself, and if you're blackhat you wouldn't waste it on a contest.

So who exactly is this contest intended for?

Dear god.... (1)

Darkon06 (714661) | more than 9 years ago | (#11877385)

this is pathetic, they say that they will be running more than the usual number of service ( = more possible holes ) and expect this to last more than a couple hours?? Unless this company has some ungodly hard-linux distro up their sleeves, this will be short and pathetic. If you ever look at some of the so called "war games" online with this sort of thing you know how it goes. Even with 3 or so services running un-patched exploits are all too common to make breaking in hard.

If no one breaks in, I can only think of one good reason why

- This company really does have a very secure distro and the uber-hackers can't be convinced to try it (look at some of the posts above for the reasoning behind that one)

DOS Lamers (1)

dmaxwell (43234) | more than 9 years ago | (#11877391)

A few years back, the LinuxPPC guys ran a challenge this like. Even though DOS attacks were clearly against the rules as the only thing that counted was getting root, lamers doing them nearly ended the challenge.

I have to wonder if their hosting provider won't wind up throwing them out.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...