Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

LinuxPPC Challenge: Crack the Box and Keep it!

CmdrTaco posted more than 14 years ago | from the contests-with-incentive dept.

Apple 161

Jeff Carr from LinuxPPC was so amused by yesterday's MS W2k crack challange that he figured he'd play too: By setting up a LinuxPPC box challanging the adept out there to get in... but if you can get in, you get to keep the box! Its a stock LinuxPPC install, and he even left telnet on. The url is crack.linuxppc.org. You must be able to reproduce your entry to win. Have fun.

cancel ×

161 comments

Re:uh.... real nice (1)

ricdef (57656) | more than 14 years ago | (#1765765)

I think it should be clarified what the "crack guestbook" really is!

I mean it does not seem as if it is impossible to crack if the "crack guestbook" shows several people actually cracking the system.

Even the computer cracked itself! (127.0.0.1)

Seriously, tongue in check and all, I believe the list should be removed to avoid any excess traffic on other sites (I would not believe /.ers would /. the guestbook list, would they?)

Where do you want to go today? http://www.windows2000test.com seems off bound to me ;^P

Re:hahaha (1)

quadong (52475) | more than 14 years ago | (#1765766)

I do believe that whoever moderated you down thought that you meant the "HAHAHAHAHA" in a nasty, flame provoking way. Also, moderators go kinda trigger happy on first posts, whether or not they are "first posts."

nmap scan :-) (1)

gsaraber (46165) | more than 14 years ago | (#1765767)

Starting nmap V. 2.12 by Fyodor (fyodor@dhp.com, www.insecure.org/nmap/)
Host (169.207.154.108) appears to be up ... good.
Initiating SYN half-open stealth scan against (169.207.154.108)
Adding TCP port 23 (state Open).
Adding TCP port 111 (state Open).
Adding TCP port 80 (state Open).
The SYN scan took 108 seconds to scan 1483 ports.
For OSScan assuming that port 23 is open and port 30569 is closed and neither are firewalled
Interesting ports on (169.207.154.108):
Port State Protocol Service
7 filtered tcp echo
19 filtered tcp chargen
23 open tcp telnet
80 open tcp http
111 open tcp sunrpc

TCP Sequence Prediction: Class=random positive increments
Difficulty=3004658 (Good luck!)

Sequence numbers: 56980630 56E19E58 5757E55E 56A2583F 5758D1B1
Remote operating system guess: Linux 2.1.122 - 2.1.132; 2.2.0-pre1 - 2.2.2

Nmap run completed -- 1 IP address (1 host up) scanned in 121 seconds

================================
check out that sunrpc port .. that looks promesing

enjoy :-)

NT is the most secure OS (2)

RelliK (4466) | more than 14 years ago | (#1765778)

I can only imagine Microsoft's marketing geniuses saying:

"Windows NT is the most secure operating system. It has a feature called IntelliCrash, which causes the operating system to crash when it detects high network traffic. Such traffic is always caused by hacker's activities, but, since the system is down, any attempts to break in will be unsuccessful. This innovation puts us years ahead of the competition."

Re:buffer overflows and script kiddies (1)

FigWig (10981) | more than 14 years ago | (#1765779)

I was under the impression that most buffer overruns were caused by overwriting the return address on the stack. So a function in a program run as root returns to exec /bin/sh. Different architectures might grow the stack in different directions, causing the buffer overflows to fail.

I know that there are also buffer overflows on the heap, but I don't know how that works.

Re:Maybe this server will actually be up... (1)

Patton (70344) | more than 14 years ago | (#1765780)

A team of us got together yesterday and we went bashing on it for a while. Judging from its reaction while we were after it I think we probably did bluescreen it or otherwise 'freaked it out' (to be technical). It came back up not too long after that though so nothing permanent. Probably just a reboot but no way for us to prove it was definitely our doing or someone else getting the KO punch in.

I think someone REALLY got a suckerpunch in on them judging by its current reaction (or lack there of apparently). Probably is bandwidth flooding though.

(The no-DOS attack method their rules were saying not do was for just swamping by the power of bandwidth. We just aimed at making it run out of ram and/or blue screening with as few packets as we could from multiple sites.)

Re:At least it's there... (1)

ajakk (29927) | more than 14 years ago | (#1765781)

I get to see the box, but only because IE5 has cached it. Go to the site and then hit the refresh button. 5 to 1 that it can't find the server.

Re:This could turn into King (1)

gocubs (21220) | more than 14 years ago | (#1765782)

Well... this is almost like the Happy Hacker wargames, except that it's worthwhile (prizes amounting to more than recognition). That, and it isn't intrisically flawed because it isn't run by Carolyn Meinel....

Re:This could turn into "King of the Hill" (2)

bmetzler (12546) | more than 14 years ago | (#1765783)

I love the idea, but I think you'd have a hard time finding anybody to host such a beast. Besides supporting what would probably be a huge amount of traffic - and some pretty funky looking packets, you've also got to consider what kind of collateral damage it could cause. Somebody mentioned that the MS test box has had it's DNS servers taken down already...

Nope, you're wrong. Someone has already hosted many servers just for the intent to be hacked. Check out http://www.happyhacker.org/hwargame.html . Yep, a real life hack that box challenge that never goes away. [happyhacker.org]

-Brent

Re:hahaha (1)

DanJose52 (55815) | more than 14 years ago | (#1765784)

oh, well...okay, but I still don't get it...I mean, it was very funny of them to do that...the first thing I thought when I saw the page was "it's sparse..." then I read that and started laughing...well, moderators, have fun with it..

Re:nmap scan :-) (0)

Anonymous Coward | more than 14 years ago | (#1765785)

Try again. Some goofball killed the telnet!

Phil

Mistake! Mistake! (1)

qnonsense (12235) | more than 14 years ago | (#1765786)

This challenge to break into a LinuxPPC stock install (with nothing running) is NOT anallagous to Microsoft's challenge.

There is no way in hell that the W2K server MS is putting up for this challenge is stock installed. It's probably been tweaked by MS engineers over the past two weeks to lock out any possible attack.

When this server is cracked and theirs isn't, they will point to this as an example of W2k being more secure than Linux (which I doubt very much). This can't be allowed. Someone (maybe from Red Hat or from Debian or from *BSD) should take a week and secure one of thier servers and then let anyone go at it. Then we'll see whose server lasts longer.

Interesting responses so far. (2)

Eric Lai (3216) | more than 14 years ago | (#1765787)

I find it interesting to see how few people are flaming the LinuxPPC guys. When Microsoft started up their contest, people were extremely quick to crusade their views, many of them with four-letter words and simple sentences with little content.

Of course, the Linux guys didn't make their web page incompatible with Netscape (or include unnecessary Javascript anyhow)...

However, look at the situation from another angle--look at how shoddy the crack.linuxppc.org webpage is. Imagine if the Windows site had looked remotely like the LinuxPPC site does. Microsoft would have had a hard time finding enough extinguishers for THAT one.

Imagine if the Windows guys had posted IP addresses on the main page.

Do Linux users expect less of themselves? Do they not mind sloppy work? Does this make them feel more comfortable? The LinuxPPC site is definitely not designed to appeal to anyone in a "commercial" sense--is this why it's acceptible?

In any case, it's good advertising for LinuxPPC I suppose...

Oh well. I just think it's interesting how much our biases get in the way of logical thought.

hahaha (1)

DanJose52 (55815) | more than 14 years ago | (#1765790)

"If you get in, please submit a better web page than this" HAHAHAHA

hahaha..
ha

Hmm... (1)

mdemeny (35326) | more than 14 years ago | (#1765792)

This looks more tempting than the cheesy MS "offer".

Note, their server is down. I wonder if it's a DoS attack. Against the rules, but funny though.

MS's server, that is.... (1)

mdemeny (35326) | more than 14 years ago | (#1765794)


I meant Microsoft's is down.

Somehow... (0)

Anonymous Coward | more than 14 years ago | (#1765796)

I got the feeling he'll lose that box.

uh.... real nice (1)

Malacai[GDI] (48381) | more than 14 years ago | (#1765797)

Great. Hack into their site. They display your IP address for everyone else in the world to hack into.

No thanks. I already got stung by the last wuftpd exploit.

Where do you want to go tomorrow? (0)

Anonymous Coward | more than 14 years ago | (#1765800)

"Where do you want to go tomorrow?"

The day after Micro$oft makes its announcement, this. Perhaps this is the wrong interpretation of this classic Linux slogan.

-17x2

You break it, you keep it. (4)

SirSlud (67381) | more than 14 years ago | (#1765802)

Sounds suspiciously like a contest I run everyday when I bike to work. It's called "break the bike lock and keep the bike!".

SirSlud

Maybe this server will actually be up... (2)

The Silicon Sorceror (40289) | more than 14 years ago | (#1765804)

How are you supposed to crack a server that's only running on port 80? And how are you supposed to crack it if it's going on and off like a lightbulb? Somebody swamped microsoft2000test yesterday, then it crashed and they brought up a duplicate, then somebody took out both of the nameservers, then they went back up, but both servers were down...
Now they've switched nameservers totally, but the site's still out for the count. I think this is a pretty shoddy deal if you ask me.

--- pinging www.windows2000test.com, please wait...
--- sending to www.windows2000test.com [207.46.171.196],

error, ping 1 timed out...
error, ping 2 timed out...
error, ping 3 timed out...
error, ping 4 timed out...
error, ping 5 timed out...

--- ping statistics for www.windows2000test.com
5 packets transmitted, 0 received

At least it's there... (1)

Jafa (75430) | more than 14 years ago | (#1765806)

Compared to microsoft's test site, at least this one is reachable so far. After two days, I have been able to load microsoft's page only once.

Re:nmap scan :-) (1)

jnazario (7609) | more than 14 years ago | (#1765807)

so i did the rpcinfo scan for you folks:

$ /usr/sbin/rpcinfo -p crack.linuxppc.org
program vers proto port
100000 2 tcp 111 rpcbind
100000 2 udp 111 rpcbind

not much there other than bind... but that can be useful. i leave it as an exercise on what to do with that info. :)

Re:MS site is down (1)

Tim C (15259) | more than 14 years ago | (#1765808)

One of the machines we host websites on at work had a problem with SQLServer 6.5 filling up the application log - it was reporting that a connection could not be made (because the maximum number of simultaneous connections had been reached) 6 times a second.

Not very many services didn't crash, including IIS and SMTP (not good on a webserver!)

Only way to fix it was change the log settings and reboot....


Tim

No scriptss like MS (0)

Anonymous Coward | more than 14 years ago | (#1765809)

At least MS has an ASP based Guestbook that you can try and hack.

Re:You break it, you keep it. (2)

raistlinne (13725) | more than 14 years ago | (#1765810)

Whiel you're correct, how many stolen bikes do you think are actually recovered every year? If someone actually managed to steal the guy's bike, what are the chances that he'd ever see it again or that the theif would ever be procecuted for it?

Re:NT is the most secure OS (2)

moeller (57451) | more than 14 years ago | (#1765811)

Except they wouldn't use the term "crash." Rather, "Temporary Security Enhancement Through Service Restriction" or similar.
Hard to beat the name "IntelliCrash," though ;-)

They're just being cocky... (1)

Eric Lai (3216) | more than 14 years ago | (#1765812)

I think they're assuming that their system is more secure straight out of the box than anything Microsoft could put up. I guess only time will tell, eh?

In any case they win. If their system dies, they can still say, "but ours was a stock install," and they'll avoid most of the flack. The free toaster offer is good PR as well.

If their system survives, they get to shout out, "our stock installation was more secure than the Redmond boys' machine." Of course, that probably won't happen.

It doesn't look like they've got much to lose. Plus they're catering to the Linux crowd, not the Microsoft crowd, so they don't have to try all THAT hard to impress, I don't think.

Re:buffer overflows and script kiddies (1)

TreesCanHurt (20666) | more than 14 years ago | (#1765813)

There is some discussion on this issue from linux-kernel here [tux.org] .

The short version: It's possible to execute arbitrary code even if the stack is marked non-executable. Oh, and Alan Cox says Intel machines can't mark the stack non-exec anyway.

So your point may be true, but it's of limited value.

Re:Mistake! Mistake! (2)

Hollis (2246) | more than 14 years ago | (#1765814)

The difficulty is that LinuxPPC R5 comes with all inetd services disbled (for security). So it's not *really* a stock install - Jeff had to make it less secure. I believe the intent is to keep turning on services (like telnetd, which was already enabled) if no one breaks it quick enough.

Besides, if this server is cracked, then we will have found another hole to patch, which is the point of cracking, right?

You talk about taking a week to secure a server, but it could be done in a few minutes by turning everything off except Apache (and disable CGI). "Secure" is kind of a tradeoff in that case.

Re:MS site is down (1)

Z0z (4050) | more than 14 years ago | (#1765815)

? - It damn well better. Some people actually need to keep complete logs. NT can be set to wrap around logging or halt when the log is full. Any installation with any security sense has NT to halt when logs fill, of course, they generally never let it get full either.

Re:uh.... real nice ...not anymore (1)

digitaldaniel (24033) | more than 14 years ago | (#1765816)

Looks like someone was reading ./ they have removed the IP list from the site (3:50 mdt) and made a few new comments about its configuration and stats, still telnet does not seem to be working.

Dan-

It's mine! (0)

Anonymous Coward | more than 14 years ago | (#1765820)

When I crack that machine and it becomes mine, I'm gonna erase Linux and install MacOs 8.5 on it. Yeah!

Re:buffer overflows and script kiddies (1)

Jonathan White (15086) | more than 14 years ago | (#1765821)

Yes some operating systems do have non-executable stacks, I am unsure if Digital UNIX is one of them but it wouldn't surprise me. I do know Solaris has this feature (though there are/were some flaws, search bugtraq archives [geek-girl.com] for more info). Linux does as well through Solar Designer's secure-linux patches (http://www.false.com/security/linux/ index.html [false.com] ). This may only work with Intel Linux, I haven't used it elsewhere. Gory details of how it works are include with the patches. Beware however that these are not perfect and can be defeated. Also note that there are good uses for executable stacks, search on "gcc trampolining" for some examples and discussion.

In redmond... (1)

jmpvm (6160) | more than 14 years ago | (#1765822)

"ps - the machine still has 29meg of ram FREE - not buffered or shared - free as in totally unused with 128 connections. (160 meg of ram total.) Love to see the windows2000test.com box do that. "

LOL! This is great. Actually, I'd love to see the W2Ktest machine do ANYTHING right now. It's been down most of the day.

Looks like they finally got the router loops fixed though, but the machine is still not up. I wonder who's head is gonna roll in Redmond for this one? I'm sure the marketing genius who came up with this one didn't clear it with ole Billy-Boy...

Re:Interesting responses so far. (1)

Breace (33955) | more than 14 years ago | (#1765823)

look at how shoddy the crack.linuxppc.org webpage is

Look at how much time it took for LinuxPPC site to appear. How much time and people do you think it took to put M$'s site up?

Breace.

How to telnet? (0)

Anonymous Coward | more than 14 years ago | (#1765824)

Forgive my ignorance, but how do I telnet into the thing? Like what's the URL and port #?

Re:uh.... real nice ...not anymore (1)

digitaldaniel (24033) | more than 14 years ago | (#1765825)

Nevermind, its still there its just been moved off to another page

Dan-

What is the box? (0)

Anonymous Coward | more than 14 years ago | (#1765826)

Has anyone seen any mention anywhere of what hardware this is?

I guess some might enjoy the effort for its own sake, but I'd hate to see others expending some herculean energy to win an old 6100/60 . . .

Re:buffer overflows and script kiddies (1)

Jonathan White (15086) | more than 14 years ago | (#1765827)

Yes, the return address is modified to return to your evil code which you inserted in the buffer you overflowed. That code generally does something useful like give you a shell. See Smashing The Stack For Fun And Profit [phrack.com] for a much better explanation. Different architectures do grow the stack in different directions but that doesn't prevent the exploitation of overflows.

Heap based overflows are very similar but they occur in the data (bss) segment of a program. w00w00 on Heap Overflows [w00w00.org] has a pretty good explanation.

Is the guestbook a hole? (1)

Nathaniel (2984) | more than 14 years ago | (#1765828)

The guestbook is including hostnames, and it's an shtml page.

I'm not set up to change my hostname, but perhaps someone else would like to try changing their hostname to include a serverside include.

for instance.

Good Cause... (0)

Anonymous Coward | more than 14 years ago | (#1765829)

Since this is for a good cause, should we use the term 'hacking'?

Re:uh.... real nice ...not anymore (1)

znu (31198) | more than 14 years ago | (#1765830)

It's totally gone now. They removed in the last 10 minutes actually. I was just about to check how many people where on the list when it happened too. Damn.

Hey, LinuxPPC guys, how about doing an "attempted cracks" counter?

Re:uh.... real nice ...not anymore (2)

Anonymous Coward | more than 14 years ago | (#1765831)


06-095.021.popsite.net
0wned.org
12.1.145.19
12.1.182.66
12.13.101.2
12.13.101.5
12.13.226.21
12.15.222.5
12.17.133.102
12.19.7.129
12.20.48.100
12.20.66.36
12.23.153.224
12.4.125.144
12.66.3.222
12.76.123.49
12.78.105.190
12.79.180.100
12.79.24.215
12.8.190.10
12.9.139.104
127.0.0.1
128.103.107.130
128.114.10.13
128.114.130.1
128.114.130.224
128.114.22.163
128.115.134.64
128.118.206.34
128.119.198.30
128.135.47.228
128.138.129.12
128.143.2.47
128.146.156.242
128.146.190.30
128.163.161.148
128.165.209.115
128.165.88.132
128.173.12.137
128.173.17.87
128.174.154.139
128.174.5.39
128.174.5.62
128.183.105.37
128.187.21.178
128.197.73.220
128.2.121.189
128.2.15.12
128.2.15.9
129.133.28.203
129.142.196.41
129.176.201.45
129.186.46.116
129.187.26.51
129.21.142.164
129.22.240.140
129.237.125.61
129.237.97.63
129.57.8.76
129.57.9.170
129.57.9.179
129.6.61.57
129.6.61.64
129.6.61.65
129.64.8.30
129.65.242.5
129.69.166.243
129.69.192.144
129.93.33.1
130.115.255.113
130.127.112.40
130.149.82.47
130.160.4.114
130.160.7.39
130.216.93.17
130.231.6.20
130.244.106.141
130.244.175.90
130.244.58.19
130.64.1.30
130.67.198.209
130.67.50.88
130.67.96.162
130.68.1.26
131.104.238.101
131.128.23.171
131.130.104.58
131.151.6.34
131.155.20.128
131.155.209.82
131.174.116.100
131.174.97.67
131.179.192.137
131.215.86.119
131.216.128.150
131.216.136.173
131.238.221.93
131.238.3.50
141.201.222.106
141.201.53.23
141.211.63.82
141.213.8.81
141.215.10.193
141.31.147.253
141.44.136.32
141.69.150.240
141.82.18.72
142.104.124.69
143.166.173.56
143.195.1.4
144.15.26.94
144.32.178.46
144.41.19.78
144.74.19.216
144.74.69.107
144.74.69.67
144.92.108.95
144.92.112.142
145.228.129.71
145.253.2.35
145.253.2.36
145.253.71.163
145.253.72.145
145.253.74.131
145.253.76.21
145.253.94.137
146.145.249.135
146.186.226.167
147.11.41.19
147.253.80.10
147.26.62.159
147.86.141.72
148.100.215.108
149.136.185.159
149.138.16.3
149.225.11.73
149.44.3.33
150.135.83.151
150.216.63.62
151.140.22.53
151.198.200.161
151.199.124.10
151.23.0.215
152.1.9.115
152.174.207.47
152.19.5.73
152.2.205.95
166.72.196.67
166.84.144.9
168.122.16.231
168.159.218.165
168.175.254.62
168.191.209.196
168.191.82.165
168.191.91.103
168.58.110.4
169.197.54.146
169.207.131.61
169.207.134.6
169.207.154.107
169.207.62.79
169.207.85.200
169.229.92.67
169.237.129.161
169.237.7.61
169.244.19.131
170.142.111.15
170.65.40.28
170.94.194.189
18.215.0.52
190.newark-23-24rs.nj.dial-access.att.net
192.100.81.126
192.101.159.1
192.124.43.73
192.127.94.7
192.131.1.4
192.135.215.35
192.138.149.4
192.148.249.74
192.150.11.14
192.160.145.62
192.17.17.130
192.195.249.21
192.195.85.210
192.197.71.189
192.219.29.174
192.233.136.11
192.245.102.11
192.246.229.214
192.25.214.6
192.28.2.11
192.31.106.1
192.33.12.69
192.68.228.2
192.76.134.33
192.9.51.3
194.152.172.114
194.162.145.35
194.17.41.1
194.18.101.34
194.197.215.2
194.198.101.1
194.208.80.90
194.208.92.67
194.221.140.149
194.222.63.202
194.222.8.242
194.231.246.180
194.231.50.144
194.236.213.123
194.236.215.94
194.242.196.203
194.252.1.200
194.51.167.7
194.64.39.28
194.65.230.81
194.65.231.252
194.7.44.225
194.7.44.226
194.72.42.56
194.94.24.15
194.94.27.35
194.94.72.124
194.94.72.126
194.94.79.146
194.95.210.55
194.97.8.164
195.114.68.138
195.14.233.244
195.143.133.82
195.143.28.45
195.144.66.11
195.162.211.19
195.162.214.217
195.166.139.131
195.166.17.18
195.17.73.6
195.179.182.249
195.179.84.182
195.186.49.140
195.188.192.3
195.190.20.5
195.190.20.8
195.193.71.12
195.2.169.34
199.179.168.21
199.217.179.162
199.222.102.24
199.232.225.18
199.232.56.155
199.240.131.6
199.34.138.5
199.44.121.100
199.45.180.168
199.72.63.2
199.77.241.57
199.80.64.7
1Cust246.tnt9.mobile.al.da.uu.net
1Cust254.tnt2.new-port-richey.fl.da.uu.net
200.246.133.232
200.30.36.4
202.175.36.13
202.239.129.98
203.101.8.186
203.141.89.167
204.101.128.170
204.116.105.201
204.116.105.203
204.120.86.79
204.123.9.76
204.133.76.235
204.143.88.170
204.146.167.237
204.157.28.119
204.171.56.12
204.186.132.220
204.200.26.249
204.201.36.60
204.209.13.16
204.209.13.50
204.233.149.15
204.233.33.63
204.244.79.129
204.247.248.254
204.254.20.134
204.254.26.24
204.26.82.5
204.50.58.21
204.50.73.2
204.57.230.98
204.71.94.223
204.73.77.78
204.92.192.254
204.92.92.4
206.235.208.2
206.239.230.70
206.243.225.122
206.246.132.18
206.249.10.9
206.25.87.88
206.250.128.222
206.251.162.36
206.251.228.219
206.29.141.237
206.32.221.66
206.40.108.228
206.48.122.153
206.58.2.63
206.58.25.245
206.6.238.10
206.66.13.105
206.66.99.144
206.68.204.37
206.86.154.23
206.97.151.44
206.97.175.184
206.97.65.17
206.97.88.159
207.108.173.122
207.110.37.52
207.111.212.178
207.126.105.147
207.127.69.20
207.134.168.101
207.135.116.245
207.135.131.153
207.136.14.73
207.138.231.95
207.138.232.149
207.139.178.34
207.140.74.130
207.15.170.31
207.153.9.81
207.155.143.117
207.155.96.37
207.159.105.131
207.159.93.20
207.16.153.157
207.16.5.140
207.161.224.43
207.161.225.114
207.168.73.180
207.171.209.66
208.15.173.3
208.150.70.131
208.151.7.175
208.152.101.253
208.152.187.140
208.152.187.163
208.152.24.17
208.157.22.219
208.16.29.139
208.16.9.92
208.161.201.178
208.165.34.242
208.166.162.61
208.17.58.196
208.19.193.169
208.201.134.2
208.204.227.13
208.205.182.1
208.206.247.152
208.207.65.236
208.207.65.6
208.207.65.7
208.21.27.6
208.210.111.70
208.210.85.198
208.219.4.235
208.219.70.3
208.220.46.111
208.221.102.251
208.228.132.188
208.229.121.42
208.229.229.167
208.241.97.130
208.242.126.233
208.242.162.61
208.243.144.10
208.244.148.253
208.246.233.5
208.249.36.2
208.251.243.254
208.253.11.185
208.254.169.221
208.26.231.61
208.3.135.29
208.32.204.3
208.32.204.5
208.44.102.21
208.8.63.7
209-122-217-50.s50.tnt1.atn.pa.dialup.rcn.com
209.182.66.6
209.185.85.59
209.186.43.132
209.192.217.21
209.195.11.176
209.197.144.15
209.197.144.33
209.198.142.194
209.213.94.232
209.214.88.43
209.214.98.118
209.215.153.34
209.218.241.162
209.218.67.132
209.218.86.11
209.219.204.2
209.220.27.250
209.224.199.240
209.226.46.92
209.226.82.199
209.232.222.1
209.239.142.234
209.241.234.5
209.242.84.12
209.242.9.3
209.245.5.148
209.250.40.237
209.250.78.231
209.251.79.107
209.30.101.230
209.31.36.209
209.36.104.6
209.36.105.132
209.45.132.3
209.49.1.57
209.49.185.208
209.5.245.146
209.5.75.40
209.50.4.73
209.54.54.166
209.57.142.27
209.57.145.206
209.57.224.15
209.57.91.134
209.58.32.49
209.58.5.165
209.58.5.166
209.6.0.151
209.63.10.104
212.32.172.115
212.43.207.16
212.49.139.18
212.53.197.174
212.63.145.237
212.7.167.253
212.7.167.6
212.72.80.74
212.72.85.148
212.76.145.211
212.81.150.228
212.81.159.190
212.81.171.145
212.81.172.169
212.83.79.166
212.94.193.116
212.97.194.55
215.morristown-06-07rs.nj.dial-access.att.net
216-32-34-252.irv0.flashcom.net
216-53-137ppp144.mpinet.net
216.1.114.68
216.101.194.195
216.103.105.213
216.118.25.150
216.13.50.10
216.132.201.1
216.132.81.82
216.14.11.106
216.155.28.194
216.168.238.199
216.180.14.7
216.180.30.62
216.192.59.132
216.206.203.245
216.207.212.160
216.208.135.237
216.211.97.40
216.221.32.68
216.26.5.45
216.27.11.84
216.3.68.2
216.32.34.252
216.34.100.231
216.41.30.77
216.53.137.144
216.61.88.225
216.70.158.187
216.78.144.14
216.78.184.96
24.64.185.179.on.wave.home.com
24.64.28.172
24.66.41.94
24.66.41.94.mb.wave.home.com
24.66.45.250
24.7.131.186
24.8.188.136
24.92.239.104
24.93.12.164
24.93.22.133
24.93.242.192
24.95.24.108
32.100.141.128
33-29.H.dial.o-tel-o.net
35.8.4.89
36.51.0.54
38.151.156.129
38.182.104.66
38.183.48.74
38.202.145.254
38.222.98.240
38.246.96.2
38.28.97.248
39-116.egginc.com
4.17.192.55
4048b06.specent.com
45.frankfurt.dialup.cybernet-ag.de
48-216.B.dial.o-tel-o.net
49.columbus-05-10rs.oh.dial-access.att.net
53.122.2.31
62.0.150.20
62.104.64.66
62.108.24.27
62.136.28.22
62.144.250.67
62.156.16.68
62.157.19.250
62.157.202.242
62.157.21.6
62.157.68.21
62.158.120.205
62.158.126.94
62.158.18.117
62.158.20.99
62.158.85.222
62.172.107.140
62.52.129.145
62.52.130.143
62.52.138.48
atmax-4-9.enter.net
av209x177x21x43.aero-vision.com
avalon.dpc.com
b61580.STUDENT.CWRU.Edu
baycity-0164.wcnet.net
bc77-253.jacksonville.net
beavis.eng.techline.com
begate.boeing.com
bftir.lanl.gov
blacker-119.caltech.edu
blah
blndi4-145-253-076-021.arcor-ip.net
bo.oca.udayton.edu
boeing.infocom.com
br-d-215.agrinet.ch
brain-dead.pa.uky.edu
brenne.swm.uni-mannheim.de
burns.cmf.nrl.navy.mil
bw6.bivwood.com
c221812-a.olmpi1.wa.home.com
c71114-a.potlnd1.or.home.com
caard1-p29.telepac.pt
cable-195-162-214-217.customer.chello.be
cacta95.phil.unc.edu
catv6100.extern.kun.nl
cc493382-b.whmh1.md.home.com
chef.ecs.soton.ac.uk
chevrons.demon.co.uk
ci594222-a.ruthfd1.tn.home.com
client-151-199-124-10.bellatlantic.net
cm116-2.evhr.net
cobol.mtsu.edu
coke.imsa.edu
coredump.novagate.com
corp.stamps.com
cow.imv.de
cr342197-a.hnsn1.on.wave.home.com
creature.Crew-KG.NET
crescent.bitwrench.com
cronus.oanet.com
cx275569-a.msnv1.occa.home.com
cx337747-b.wwck1.ri.home.com
cx38442-a.santab1.ca.home.com
cx87325-a.nwptn1.va.home.com
d142-h036.rh.rit.edu
d185d0ca4.rochester.rr.com
d185d1685.rochester.rr.com
d8-31.dyn.telerama.com
dante.gsfc.nasa.gov
firewall.weltman.com
foxboro-bh.foxboro.com
fw-02.microage.com
fw240.smed.net
g76.jlab.org
gate.mcc.net
gatekeeper.tripos.com
gatekeeper.westar.com
gateway.dievision.de
geekport.be.com
geminga.Berkeley.EDU
gemini.clide.howard.edu
get
gleung.llnl.gov
global.mactemps.com
global.sl.se
glympton.airtime.co.uk
gow068.graddosten.ac.se
gps-fddi.leeds.ac.uk
greenbay.shoreland.com
gtng-m130-143.pool.mediaways.net
gw-31.wh.uni-stuttgart.de
gw.varesearch.com
h135-3-84-10.outland.lucent.com
ha1.ntr.net
hadrian.guardian.co.uk
handi4-145-253-094-137.arcor-ip.net
harold.sierraweb.com
hawk-a-047.resnet.purdue.edu
hdcnet.com
helium.dcs.kcl.ac.uk
hephaestos.cs.ucdavis.edu
hercules.regi.ubc.ca
heretic.Sunquest.COM
hitchhiker.ltnb.lu
hlt8-m156-51.pool.cww.de
hmbdi3-145-253-071-163.arcor-ip.net
host-15.edinc.org
host-209-214-88-43.atl.bellsouth.net
host-209-214-98-118.sav.bellsouth.net
host-212.121.137.56.de.colt.net
host-212.121.137.60.de.colt.net
host-62.96.13.148.inetservice.de
host.159-142-112-5.gsa.gov
host113-sub66.symantec.com
host178.wbg.logicon.com
i48-13-45.pdx.du.teleport.com
indigo3.igpm.RWTH-Aachen.DE
ip23.boanxr11.ras.tele.dk
modemcable011.85-200-24.mtl.mc.videotron.net
modemcable148.13-200-24.que.mc.videotron.net
moe.apci.com
monsoon.ssec.wisc.edu
ms02-377.tor.istar.ca
mueata-e1-wan029.citykom.de
n016.nijmegen.telekabel.euronet.nl
n1-h254.isgtec.com
n20057.telekabel.chello.nl
n23-c209-c149-c50.bs.xlate.ufl.edu
nas1-03.dialup.neca.com
nat3.densonreed.com
nd026094.global.medtronic.COM
netblk-10-152.netapp.com
netcom14.netcom.com
newport32.aiconnect.com
node181b.a2000.nl
obsession.logics.de
onh1-168.twcny.rr.com
orion.linuxbox.com
oub.daytontbrown.com
outbound.seic.com
p249.n03.fra.access.is-europe.net
p3E9C1044.dip.t-dialin.net
p3E9D13FA.dip0.t-ipconnect.de
p3E9D1506.dip.t-dialin.net
p3E9E1275.dip.t-dialin.net
p3E9E1463.dip.t-dialin.net
p3E9E78CD.dip0.t-ipconnect.de
p3E9E7E5E.dip.t-dialin.net
p798.as1.adl.dublin.tinet.ie
pC19F3868.dip.t-dialin.net
pC19F7E1C.dip.t-dialin.net
pC19F7FAD.dip.t-dialin.net
pa1.cantor.com
packetway.MPI-SoftTech.Com
pages.sssnet.com
paix-alg-gw9-51.ncal.verio.com
panache.ernie.org
panther.uwo.ca
paris.ncsl.nist.gov
pc15.cybersurf.net
pc33.cybersurf.net
pc70.escient.com
pc83010.stofanet.dk
pcBaby.ACNS.Carleton.edu
pcbellet.imag.fr
pdx-0104.dip.internetcds.com
pec-11-73.tnt1.hh2.uunet.de
rocco.ngdc.noaa.gov
rodan.apollotrust.com
router.ddd.de
rtowster.state.lib.la.us
rz111.rz.hs-bremen.de
rzpc23.uni-trier.de
s152.paris-90.cybercable.fr
s4m097.dialup.RWTH-Aachen.DE
s5n81.hfx.andara.com
sass.thecomplex.com
saturn.bt.com
scuttlebutt.linuxcrypt.com
sdn-ar-002florlaP077.dialsprint.net
sdn-ar-002florlaP325.dialsprint.net
server.penfieldsmith.com
servo.msln.net
seven.cvconline.com
sg20.york.ac.uk
shell-sprint.global2000.net
shell.one.net
shell1.ncal.verio.com
shl-host1.shl.ca
siebert.kawo2.RWTH-Aachen.DE
skovarik.engl.iastate.edu
slip166-72-196-67.fl.us.ibm.net
socks1.clearlake.ibm.com
spjork.handeye.com
spmhc.org
staff.feldberg.brandeis.edu
station-132.vm.com
staudir7.cc.univie.ac.at
stgdi3-145-253-074-131.arcor-ip.net
surf0004.sybase.com
surf15-158.hhe.adelphia.net
swift.ukc.ac.uk
swizzle.imergy.com
swtc19.cc.swt.edu
system3.chordant.com
t3o35p3.telia.com
tarsis.ncsa.uiuc.edu
tcp-relay-4.adobe.com
therest.wholefoods.com
thunderclap.g-web.net
ti12a61-0066.dialup.online.no
tigger.splwg.com
times.cmgi.com
tlo40f9.swm.uni-mannheim.de
tnt1-182.toolcity.net
tnt2-28-119.iserv.net
tob0364e.is.rpslmc.edu
tpk-ppp-b63-KMC.networksplus.net
triton.uqtr.uquebec.ca
trustnoone.erols.com
ts03-116.dublin.indigo.ie
twoface.sep.com
tycho.osc.edu
u105-132.rose.net
ultra13.cs.umr.edu
unique.outlook.net
unknown
unknown-225-148.connectix.com
unknown-41-19.wrs.com
unknown.nbrhood.udayton.edu
unspacy.demon.co.uk
user.neteng.com
user2.infinet.com
users.newsregister.com
usi-phl-2.usinteractive.com
usr410-edi.cableinet.co.uk
vernetzt.at
walapai.telematik.informatik.uni-karlsruhe.de
wc153.ccsn.nevada.edu
we-24-130-86-171.we.mediaone.net
website.naples-online.com
wiley240h066.roadrunner.nf.net
wndnsvr02-26.mnsi.net
wnpgas10-p73.mts.net
wo-d-152.agrinet.ch
wo-d-171.agrinet.ch
wo-d-209.agrinet.ch
world-f.std.com
wrench.toolcity.net
www.linux.de
x149.mcis.de
xania.demon.co.uk
xlsa.kwantlen.bc.ca
xmission.xmission.com
zappa.neis.net
zelgadis.mich.com
zen.webmedia.co.nz
ziggy.bitstream.net
zoom11-106.telepath.com

Moderated Down? (1)

ElJefe (41718) | more than 14 years ago | (#1765832)

Why is this moderated down? This person has several valid points. If you're a moderator, please to to bring it back to at least 1...

-ElJefe

Re:Somehow... (2)

B1FF (73807) | more than 14 years ago | (#1765833)

1 KN0W!!!!!!!!!!!111

1'M JU5T G0NN4 K33P TRY1N6 2 6U355 R00T PA55W0RD.
S0 FAR, 1 KN0W IT'5 N0T BLANK, "ROOT" OR "SECRET" BUT 1'LL K33P TRY1NG! 1 W1LL 3V3NTUALLY GU3SS IT!!!!!!111111 1 W1LL TH3N HAV3 A PPC B0X ALL T0 MYS3LF!!!!1
:WQ
:wq
------ ------ ------
ALL HA1L B1FF, TH3 M05T 31337 D00D!!!!!1
------ ------ ------
ALL HA1L B1FF, TH3 M05T 31337 D00D!!!!!1

Re:Interesting responses so far. (1)

Eric Lai (3216) | more than 14 years ago | (#1765834)

True, but then that's part of my point. There's the issue again of the fact that Microsoft has to have a nice page up.

I ask again--what kind of flame would they have drawn if they had set up a "quick and dirty" page?

what kind of mac is it? (1)

Numeric (22250) | more than 14 years ago | (#1765835)

Is it a nice G3? Or a crappy 603/200mhz like my machine! Egads!

Open the sendmail PORT!!!

PR (1)

mcc (14761) | more than 14 years ago | (#1765836)

a couple of the postings have pointed out that this could turn out to be a kind of an almost-competition between linuxppc and the W2K bug-- if one gets hacked and the other doesn't, that means that that OS is more secure.

Well, if we're going to play it like that, i think linuxppc has already won-- after all, this long after the w2k challenge was posted on /., the slashdot effect had already practically taken the windows2000test box out.

So this would seem to imply that LinuxPPC is, if not more security-friendly than w2k, at least a _lot_ more reliable. Which if you ask me is more important than "security", since total security will never really happen.

Now if only it supported HFS+.. but i guess that really isn't a huge problem if you look at it in perspective. -_-

-mcc-baka
INTELLECTUAL PROPERTY IS THEFT

portscan of crack.linuxppc.org (1)

Nathaniel (2984) | more than 14 years ago | (#1765837)

$ portscan crack.linuxppc.org
Scanning host 169.207.154.108 - TCP ports 1 through 1024
23 (telnet) is running.
80 (www) is running.
111 (sunrpc) is running.

Someone posted an nmap scan (0)

Anonymous Coward | more than 14 years ago | (#1765839)

Someone has posted an nmap scan of it. Go look.

kspett
remove numbers to email.

Knowledge of the penetration (1)

QuantumG (50515) | more than 14 years ago | (#1765840)

We do this stuff every day at Tiger Team Australia [tigerteam.com.au] and if there is one thing we have learnt is that a target cannot ever be declared secure because tommorrow there will always be another sploit. The best you can hope for is a box that is not easy to crack into. This means keeping up to date with your security. Nothing more.. To fix a machine's security you have to test it. It makes no good to turn all your services off and then say "go on.. hack me", only to turn em all back on the next day. When we are hired to do a penetration test we tell the client not to inform their staff of the attack for precisely these reasons. As for crack.linuxppc.org.. you might as well remove tcp from the kernel (although I do like the chances of burning apache.. but you need a little more information on the web content.. my guess would be that this is a stock standard install which is pretty pointless cause real clients put real web pages on their machines and, more to the point, it's the braindead web designers and graphic artists who put the data on there, screwing up perms and so forth). The environment that you find the machine in is more important than the machine itself. To the leet crackers out there, (none of my crew included.. get back to work) I suggest that you do a location hack (geographic hack, neighbourhood hack.. etc).. traceroute the box, hack the isp, or any other client of that isp, go back up the chain and violate trust.

Re:How to telnet? (1)

poink (7454) | more than 14 years ago | (#1765841)

Someone that does not know how to use telnet should not be trying to break into another machine. You have to walk before you can run.

Not knowing about telnet implies a general vacuum in the unix/ip-clue area.

Re:What is the box? (0)

Anonymous Coward | more than 14 years ago | (#1765842)

Well LinuxPPC only runs on PCI-based PowerMacs not Nubus-based ones. So that rules out that the machine is a 6100/60. It could be a 7200/75 or some such outdated box.

SlashdoDoS (1)

mistabobdobalina (29109) | more than 14 years ago | (#1765850)

slashdos effect...i like it.

Odd cgi-bin behaviour (1)

PhiRatE (39645) | more than 14 years ago | (#1765851)

Trying 169.207.154.108...
Connected to crack.linuxppc.org.
Escape character is '^]'.
GET /cgi-bin/cachemgr.cgi?wtf=9 HTTP/1.1
Host: crack.linuxppc.org

Connection closed by foreign host.

Whats the deal there? no perm-denied..no no-such-page. Is this definitely a stock install?

Re:Interesting responses so far. (1)

_Sprocket_ (42527) | more than 14 years ago | (#1765852)

OK. Let's take a look at reasons the flames aren't fortcoming (beside your insinuation of MS bias)...

Of course, the Linux guys didn't make their web page incompatible with Netscape (or include unnecessary Javascript anyhow)...

This may seem like a minor point, but it actually points to a chief complaint towards MS; "Our way or no way". The promise of Java is cross-platform compatability; MS' implementation breaks this. A good web site can be handles by a multitude of browsers and platforms - even MS' own corporate site runs fine with Netscape. Yet, here it breaks. Did MS do this on purpose? Their past history certainly implies this is possible.

...look at how shoddy the crack.linuxppc.org webpage is.

Do Linux users expect less of themselves? Do they not mind sloppy work? Does this make them feel more comfortable? The LinuxPPC site is definitely not designed to appeal to anyone in a "commercial" sense--is this why it's acceptible?

Oh well. I just think it's interesting how much our biases get in the way of logical thought.

Actually, I would point out that the web page makes perfect sense. The idea of this "counter-challenge" is NOT glitzy publicity. The machine is there to be attacked - not to hand out online brochures. The marginal page is functional... even humorous ("If you get in, please submit a better webpage than this :)"). I hardly see how additional flash would make a TECHNICAL challege more legitimate.

Imagine if the Windows guys had posted IP addresses on the main page.

Now, here you've made a good point. And apparently, others have made it too since the page has removed the "log". I agree. Posting these IPs is trouble and MS would definately get flamed hard for it.

In the final analysis, you have to ask yourself what are the motivations here? The belief is that MS is pulling a shallow publicity stunt (and none too origional at that). No matter what the outcome, MS will turn it into brochure fodder for PHB's. In the meantime, issues such as MS' responce times to discovered security holes are not dealt with.

The LinuxPPC guys are responding to MS' publicity stunt with a copycat stunt. They've done it in good humor. And they've done this in a way that appeals to other tech-minded people. If anything, its less dubious bait-and-switch and more lampooning. Will they get glitzy brochure fodder out of it? I don't know. Ask their marketing department.

Re:How to telnet? (0)

Anonymous Coward | more than 14 years ago | (#1765853)

Duh... the URL is TELNET://crack.linuxppc.org
and the port would be the TELNET port. (look it up in /etc/services if you want to know the number.)

It sounds like a better way to phrase your question would have been "how do I telnet?"

Re:In redmond... (1)

Jeff Monks (6068) | more than 14 years ago | (#1765854)

I'm sure the marketing genius who came up with this one didn't clear it with ole Billy-Boy...

Somehow, I suspect a lot happens in Redmond that doesn't get cleared with "ole Billy-Boy". I highly doubt he's in every marketing meeting for every little stunt they come up with. Gates is probably involved in much higher-level stuff than this (although I personally have the feeling he's more of a company mascot than fearless leader at this point - think Ronald McDonald). Microsoft is way too big for one person to keep track of everything that's going on...

Re:hahaha (0)

Anonymous Coward | more than 14 years ago | (#1765855)

You right, HAHAHAHAHA, is a damn too provocative, he should have been more humble and say something like "ha-ha" or even politer "khe-khe"

Re:Interesting responses so far. (0)

Anonymous Coward | more than 14 years ago | (#1765857)

Please, don't try and appeal to the open minds in here, as there are clearly none that are prepared to listen. Still, there are some who are of the right mind, but they are often more quiet.

Yesterday, after seeing the posts on the Microsoft site, my personal views of the Linux community dropped -yet again-. What's it going to take to make people grow up? You will never create an ultimate operating system unless you quit being so tunnel-visioned.

By the way, Microsoft have been doing this sort of test ever since NT 3.5, but then I guess when you live with your head in your butt you don't know these things, do you?

Learn the lesson of clear thought, and you will surpass all others.

Re:someone, (0)

Anonymous Coward | more than 14 years ago | (#1765858)

How on Earth could this comment be Funny? It's more like Insightful.

Re:Is the guestbook a hole? (1)

PhiRatE (39645) | more than 14 years ago | (#1765860)

I don't believe this is an option, since the SSI appears (as far as I can tell) to be simply including a text file generated by some other script.

Re:Interesting responses so far. (1)

Eric Lai (3216) | more than 14 years ago | (#1765863)

The outcry about Netscape not working with the page was understandable. I don't believe in proprietary standards either, which is why I mentioned it. Microsoft's general website however, follows a certain plan--they have pages which are formatted and displayed to IE users, and then they have pages which are for non-IE users. If you view www.microsoft.com from non-IE4/5 browsers, you're going to see an entirely different site.

One way to sort of "excuse" the www.windows2000test.com guys is that they probably were trying to remain within the Microsoft web site design specifications. Perhaps they didn't feel like making the non-IE4/5 version of the page or ran out of time? When viewed from the perspective of it being part of a larger site with a required "look and feel", rather than an independant page, it's somewhat easy to justify their mistake.

The belief is that MS is pulling a shallow publicity stunt (and none too origional at that).

That's definitely something I would agree with. I'm under the belief that it was a bad move on their part--if anything it just made them look really bad.

The LinuxPPC guys are responding to MS' publicity stunt with a copycat stunt. They've done it in good humor. And they've done this in a way that appeals to other tech-minded people.

True, but it still seems to me that LinuxPPC is a company that is not adverse to publicity (it'd be hard to survive without it). To say that they made the site in the manner that they did just because it appeals to other like-minded individuals seems to go against the fact that in the grand scheme of things, they are trying to make money...aren't they? I profess to not knowing much about LinuxPPC, so correct me if I'm wrong and that they are a purely non-profit-oriented Linux distributor.

So, in that sense, I still wonder if professionalism is a negligible requirement of Linux users in the companies that they allow to represent themselves. Any thoughts on that, anyone? Or is this reply too deep for most people to notice? :)

Re:uh.... real nice (1)

SirSlud (67381) | more than 14 years ago | (#1765870)

I'm pretty much in agreement here. I'm surprised they're displaying the IP#s ..... kinda kills my desire to take a crack at it.

SirSlud

someone, (1)

Anonymous Coward | more than 14 years ago | (#1765871)

please fix the spelling of "challange" in the title...

A very good idea to route back the efforts, indeed (3)

arieh (30860) | more than 14 years ago | (#1765872)

Kudos to the PPC guys.

No better way to detract from the interest that
Microsoft may have generated than to divert back the efforts of the linux community to a more
worthy cause - improving the security of our own systems.

Let's eat our own (dog)food.

Arieh

Re:Somehow... (0)

Anonymous Coward | more than 14 years ago | (#1765873)

unlikely. no sendmail, some telnet, some web services...nothing to hack into..

This could turn into "King of the Hill" (3)

slothbait (2922) | more than 14 years ago | (#1765874)

The comment:
If you get in, please submit a better webpage than this :)
...made me think. Whoever can make it into this box gets to replace the web page with whatever they want...they become owners and get to be "King of the Hill". Plus, if they acquire root access, then they presumably have the power to patch whatever hole they crawled through, making the box that much more secure.

But what could really prove interesting is if someone tried to break in and steal from the stealer...knocking off the old King and resulting in a King of the Hill, and so on...

All the while, people would be stress-testing the system. And people will have an ego-incentive to discover security holes because, if they find a way in, they get to be "King of the Mountain" until someone else finds a new way to crack the box.

Oh what a game this could become!!!
--Lenny

Re:At least it's there... (1)

Kintanon (65528) | more than 14 years ago | (#1765875)

Well, with IE 5 at work I've been able to hit the microsoft site pretty much all day today and most of the day yesterday. That's the Win2000 one as well as the regular one. So it doesn't seem to have gone down too hard if at all.... Then again, if they just did something screwy with the page so that only IE5 would show it as existing....
Wouldn't that be interesting? I away to entirely shut out half of the community from your website.

Kintanon

Re:Where do you want to go tomorrow? (1)

fatboy (6851) | more than 14 years ago | (#1765876)

This was posted on winsucks [windowssucks.com] yesterday.

Re:You break it, you keep it. (1)

myconid (5642) | more than 14 years ago | (#1765877)

If you had a sign on your bike: "Remove the lock and the bike is yours", then you could compare the two. This is an offer that allows you legally to crack, hack, scriptkiddie your way into the box, and if you do, its yours, legally. A huge difference.
Stan "Myconid" Brinkerhoff

Slashdot == DoS (0)

Anonymous Coward | more than 14 years ago | (#1765878)

Could being slashdotted be considered a DoS attack??? :) Poor Microsoft...

Re:You break it, you keep it. (1)

SirSlud (67381) | more than 14 years ago | (#1765879)

I know, I know, I was just kidding around. =)

Re:Interesting responses so far. (1)

Eric Lai (3216) | more than 14 years ago | (#1765880)

Unfortunately, the louder voice does tends to be the more ignorant one, doesn't it? I'd hate to believe that all of those Linux users who were titillated by the "[BEEP]" filter in the guest book were truly representative of Linux academia.

Quit moderating things down! (0)

Anonymous Coward | more than 14 years ago | (#1765881)

WTF? What is wrong with the post? It does have some valid points.

Re:Somehow... (0)

Anonymous Coward | more than 14 years ago | (#1765882)

Well, he sounds like he is going to add services until someone get in.

Re:This could turn into King (1)

Phil-14 (1277) | more than 14 years ago | (#1765883)

Well... this is almost like the Happy Hacker wargames, except that it's worthwhile (prizes amounting to more than recognition). That, and it isn't intrisically (sic) flawed because it isn't run by Carolyn Meinel...

What happened? Did she turn you down on a date or something?



Phil Fraering "Humans. Go Fig." - Rita

Re:NT is the most secure OS (1)

jafac (1449) | more than 14 years ago | (#1765884)

ActiveCrash

"The number of suckers born each minute doubles every 18 months."
-jafac's law

Re:You break it, you keep it. (1)

Pascal Q. Porcupine (4467) | more than 14 years ago | (#1765885)

A few months ago, when I was still in college (about a month from graduating), someone decided they needed my bike more than I did, and so they stole it. I was somewhat pissed (since I, of course, ended up having to walk home as a result), and so I emailed the campus police, only as a formality. I figured I'd just walk for the rest of the month, as it wouldn't have been cost-effective to buy a new bike so close to graduation. Ennyhoo, next day, I got an email back from the campus police stating that they'd already found my bike. Apparently it wasn't good enough for the thief, and so they left it on the lawn in front of the English building. The English building of all the places! I was incredibly insulted. But I got my bike back, and so all was well.

I think I had a point to all that, but it must have broken off somewhere...


---
"'Is not a quine' is not a quine" is a quine.

Re:How to telnet? (0)

Anonymous Coward | more than 14 years ago | (#1765887)

Duh... the URL is TELNET://crack.linuxppc.org
and the port would be the TELNET port. (look it up in /etc/services if you want to know the number.)


Another cheerful and helpful responce from the user friendly Linux community.

"Tiger Team Australia" (1)

Rob from RPI (4309) | more than 14 years ago | (#1765888)

Pfft. What a bunch of wankers. If you're going to use <a href>'s, at least learn how to use them.
I'm actually mildly concerned that people may even contemplate for more than a nanosecond giving you money.
Your web page doesn't even say who you -are-.. That's enough to turn anyone with a clue off.
Comics:
Sluggy.com [sluggy.com] - It rocks my nads.

Re:uh.... real nice (2)

aqua (3874) | more than 14 years ago | (#1765890)

Pray don't confuse firewalls with security. Machines behind a firewall are only as secure (from the big bad net, assuming they're connected to it, as most firewalls are) as the TCP/IP stacks and services that answer on ports accessible through the firewall and/or its sockets. Most firewalls that I've had experience with have closed off all ports except the ones that people needed to use from the outside -- and half the time that included stuff like pop[23], imap, smtp, etc., and on which the servers answering those ports tended to be way behind on their updates because people had this sense of security lent by the firewall.

Also, firewalls don't work from people who can emit packets from inside your firewall -- and that's surprisingly easy to do, either through coercion of the firewall box's network stack, compromise of a machine behind the firewall through some open port, or simply being behind the firewall in the first place (as in many corporate environments). If a firewall is configured to permit connections to ports 22 (ssh) and 443 (SSL http), there's no particular reason why an attacker can't arrange for a root shell to answer on one of those ports, and with most network installations no one would be the wiser.

No Mistake! (1)

NaCh0 (6124) | more than 14 years ago | (#1765893)

The linux box is up, the Microsoft one is down.

'nuff said

Re:This could turn into "King of the Hill" (1)

myconid (5642) | more than 14 years ago | (#1765900)

This is what many people do when they crack boxes... Fix the holes they came in through.. Although many do malicious things... many fix them :-)
Stan "Myconid" Brinkerhoff

buffer overflows and script kiddies (2)

nickm (1468) | more than 14 years ago | (#1765901)

Unfortunately, the box is partly relying on the fact that all the script kiddies have buffer overflows that were written for Intel Linux. This is one of the arguments I've always had for staying away from a Unix variant that only runs on one platform--homogeneity in systems hardware and software was what made the Internet worm possible.

When I set up my first Alpha box, I knew nothing about security, but the script kiddies kept failing on account of their buffer overflows just crashing and core-dumping. It bought me some time to get a clue, at least.
--
I noticed

Re:At least it's there... (1)

just someone (13587) | more than 14 years ago | (#1765902)

You can hit the MS box?
I have not been able to since this morning (PDT)

slashdot DoS (2)

fdicostanzo (14394) | more than 14 years ago | (#1765903)

isn't just posting this stuff on slashdot a DoS attack? :)

MS site is down (0)

RelliK (4466) | more than 14 years ago | (#1765904)

Has anyone been able to connect to the MS's test site??? I have yet to see it work. Yesterday it was first timing out, then stopped resolving at all. Today it resolves again, but still times out. (I was merely trying to view the web page in Netscape).
Is it dead? Has it been alive at all?

Re:This could turn into "King of the Hill" (1)

The Silicon Sorceror (40289) | more than 14 years ago | (#1765905)

Then each king starts leaving backdoors everywhere...

It could be more hide-and-seek than "King of the Hill".

Re:buffer overflows and script kiddies (0)

Anonymous Coward | more than 14 years ago | (#1765906)

I have a vague remembrance from someone that Alphas running Digital Unix were more or less impervious to most types of buffer overruns as a source of root exploits; the data pages (where a buffer overrun would occur) are marked as nonexecutable, so that if an overrun occurs, the program (and hopefully not the system, unless the overrun is in the kernel) crashes, but can't be made to run arbritary code. Anyone know if there's any truth to this, and if LinuxPPC has the same feature?

Re:This could turn into "King of the Hill" (1)

TaoJones (10412) | more than 14 years ago | (#1765907)

I love the idea, but I think you'd have a hard time finding anybody to host such a beast. Besides supporting what would probably be a huge amount of traffic - and some pretty funky looking packets, you've also got to consider what kind of collateral damage it could cause. Somebody mentioned that the MS test box has had it's DNS servers taken down already...

Anything remotely "near" the beast would probably take quite a beating too.

Re:MS site is down (3)

pmmay (60272) | more than 14 years ago | (#1765908)

They have a status page up. This is only from yesterday's activities:

8/3/99 Events
3:22pm - Network connections down due to router failure, possibly related to thunderstorms and power failures in the area

2:59pm - Network connections intermittently up

12:40pm - Network connections down due to router failure

11:02am - Services restarted

10:47am - Some services failed after reboot

10:45am - Reboot because the System log was full

10:30am - Network connections down due to router failure

Re:MS site is down (1)

Mad Browser (11442) | more than 14 years ago | (#1765919)

Win2k requires a reboot when the System Log fills up?? That's fucking ridiculous.

Re:This could turn into "King of the Hill" (1)

malaba (9813) | more than 14 years ago | (#1765920)

I like the idea
but the "cracker" will be tempted to
keep his secret about how he did it
at least until he patch it,
to stay king of the hill.

so, no share of information
equal no "upgrade" of security
for opensource community

fun anyways

What's next? (1)

BuBu_ (72690) | more than 14 years ago | (#1765921)

Whats going to come up next? SGI will probably start to say "Come! Hack this Cray T3E 1200 and win it". Are we going to start seeing more kids running around with cray's next? =)

Re:uh.... real nice (1)

Lord Kano (13027) | more than 14 years ago | (#1765922)

I'm behind a firewall. Woohoo! 4 ME

LK

Re:hahaha (1)

DanJose52 (55815) | more than 14 years ago | (#1765923)

that was a troll? saying that I thought something funny was a *troll*? what in the hell...? what if I said "dave barry makes me laugh..ha ha ha ha!" is that a troll? please explain, this isnt meant as an insult...

Re:This could turn into "King of the Hill" (1)

Lord Kano (13027) | more than 14 years ago | (#1765924)

This is just like the "happy hacker" project. The idea is good, but it's nothing new.

LK

Hey, No Fair! (1)

Kerg (71582) | more than 14 years ago | (#1765925)

This guy is stealing all of Microsoft's thunder (pun intended). And giving out prizes too.

That is so unethical! :)

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...