Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Yet Another Crack-This-Box Challenge

Hemos posted more than 15 years ago | from the who-else-is-tired-of-this dept.

Linux 137

Sand_Man wrote to us with the latest public relations stunt with crack-a-machine trials. This is a month long trial, pitting Linux vs. NT boxes against each other. Details are in the story, but does this whole thing strike everyone else as tired PR stunts now?

Sorry! There are no comments related to the filter you selected.

Re:Slashdot heart failure? (1)

El Volio (40489) | more than 15 years ago | (#1671436)

In case you didn't notice all the comments, it turned out to be user error by the /. admin posting the story (she posted it before she had finished editing it). /. is still in a "beta frame of mind", things happen. Bad things happening are often not the result of malice but rather of mistakes.

Intentional vagueness... (0)

Anonymous Coward | more than 15 years ago | (#1671437)

Taschek also noted that, in recent weeks, the Nasdaq/Amex, the Drudge Report and ABC sites were all hacked in someway. Each of these three web sites runs either Windows NT with IIS or Linux as their front-line web servers.

Ok, which site is running Linux?

FBI sting operation (1)

|DaBuzz| (33869) | more than 15 years ago | (#1671438)

What better way to get a hacker profile database then offer a huge carrot to them to attack a system?

Next it'll be "Win $1,000,000 if you can assassinate [insert public official's name here]", Sponsored by Wal-Mart.

Something Fishy (4)

kevlar (13509) | more than 15 years ago | (#1671443)

There is definately something fishy here. Both boxes are behind a firewall unidentified by nmap. Translation is that they have some kind of routing firewall to prevent certain ports from being attacked. What kind of contest is this if the ports that are "open" are sitting behind a firewall that won't allow anything more than a 3-way handshake? This is to show NT is secure. I have no doubt anymore. Someone is playing a foul game here.


[root@kevlar /root]# nmap -sT -O securent.hackpcweek.com

Starting nmap V. 2.2-BETA4 by Fyodor (fyodor@dhp.com, www.insecure.org/nmap/)
Interesting ports on securent.hackpcweek.com (208.184.64.171):
Port State Protocol Service
21 open tcp ftp
23 open tcp telnet
25 open tcp smtp
70 open tcp gopher
80 open tcp http
119 open tcp nntp
139 open tcp netbios-ssn
420 filtered tcp smpte
443 open tcp https

TCP Sequence Prediction: Class=truly random
Difficulty=9999999 (Good luck!)
No OS matches for host (see http://www.insecure.org/cgi-bin/nmap-submit.cgi).
TCP/IP fingerprint:
TSeq(Class=TR)
T1(Resp=Y%DF=Y%W=2017%ACK=S++%Flags=AS%Ops=M)
T2(Resp=N)
T3(Resp=Y%DF=Y%W=2017%ACK=S++%Flags=AS%Ops=M)
T4(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
T6(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
T7(Resp=N)
PU(Resp=N)

[root@kevlar /root]# nmap -sT -O securelinux.hackpcweek.com

Starting nmap V. 2.2-BETA4 by Fyodor (fyodor@dhp.com, www.insecure.org/nmap/)
Interesting ports on securelinux.hackpcweek.com (208.184.64.170):
Port State Protocol Service
21 open tcp ftp
23 open tcp telnet
25 open tcp smtp
70 open tcp gopher
80 open tcp http
119 open tcp nntp
139 open tcp netbios-ssn
420 filtered tcp smpte
443 open tcp https

TCP Sequence Prediction: Class=truly random
Difficulty=9999999 (Good luck!)
No OS matches for host (see http://www.insecure.org/cgi-bin/nmap-submit.cgi).
TCP/IP fingerprint:
TSeq(Class=TR)
T1(Resp=Y%DF=Y%W=2017%ACK=S++%Flags=AS%Ops=M)
T2(Resp=N)
T3(Resp=Y%DF=Y%W=2017%ACK=S++%Flags=AS%Ops=M)
T4(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
T6(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
T7(Resp=N)
PU(Resp=N)


Nmap run completed -- 1 IP address (1 host up) scanned in 24 seconds

Behind Raptor firewall (2)

tweek (18111) | more than 15 years ago | (#1671444)

This pretty much invalidates the whole thing for me. It is probably filtering everything but web traffic ( i would verify but the whole thing is so slow right now I can't deal.)
They say that if a machine isn't behind a firewall it doesn't have anything worth securing. While this may be true this has nothing to do with testing the security of the machine behind the firewall. The firewall is what you are testing at this point. I've pretty much discarded this whole thing. Anyone can close everything but port 80 and 443. What a joke.

Re:Why We're Doing this (2)

Pont (33956) | more than 15 years ago | (#1671445)

I hate to burst your optimism, but this test doesn't look to me like it is come out in favor of linux.

The very quote you cite,
All to often testing focuses on the speeds and feeds of a product. PC Week Interactive aims to change that. This first is a series of tests aim to look past the standard performance features of an application, and examine its reliability, usability, security, and total cost of ownership.

sounds to me like this is going to be result in "with our ultra-scientific testing results, we've determined that MS Windows NT is without a doubt more stable, reliable, user-friendly, and lower in total cost of ownership than Linux." I've seen it too many times before.

Also, when they mention several sites that have been recently hacked, such as ABCnews and the Drudge Report, they say that some were running NT and some were running linux, but Netcraft results indicate that they were all running some flavor of NT and IIS. Already the facts aren't completely straight.

Finally, it all comes down to how the boxes are administered. I don't know anything about the additional software they are putting on it for serving classified ads, but it could be wide open to hackers, especially if it runs as root (don't put it past them). Furthermore, Redhat is not the most secure linux distro out of the box. When Redhat makes a corporate sale with service packages, I'm sure they tweak the post-installation for security.

Re:Something Fishy (2)

tweek (18111) | more than 15 years ago | (#1671446)

They tell you under the topology link on the site that the boxen are behind a raptor firewall. netcraft scans are going to be incorrect. Our companie's web server shows up as IIS 4 on BSDi. Our firewall is based on BSDi. Kinda funny.

It's already down... (1)

naChoZ (61273) | more than 15 years ago | (#1671447)

I just went to check it out. http://www.hackpcweek.com/ is already down, adding to the lameness of this contest...

Yawn (1)

EisPick (29965) | more than 15 years ago | (#1671448)

> Details are in the story, but does this whole thing
> strike everyone else as tired PR stunts now?

Yes.

Re:More Importantly, do we trust Ziff Davis (1)

thundrcast (91433) | more than 15 years ago | (#1671449)

No

Re:Proves Nothing (3)

bmetzler (12546) | more than 15 years ago | (#1671450)

This test will prove nothing. If the NT box is cracked/hacked/took down everyone on /. will say. Microsoft sucks, NT sucks, it got cracked etc. etc. If the linux Machine is hacked someone will cry that whoever did whatever did not tighten the security enough.. Either way it proves nothing.. So whats it matter.. What a silly contest

Yep, and the converse is true too. If Linux is hacked, then MS will say, "See, trust your servers with us." But if NT is hacked, they will say "The admins weren't competent".

It has been said already. Crack challenges prove squat. If one OS or the other gets cracked, it won't prove that either is more secure. It'll just prove that a one point in time, one script kiddie cracked one server. And nothing more.

Also, security depends more on how the server was configured then just the OS used. Mindcraft anyone? When I first saw this I thought, "Sure MS could pay PC Week to 'misconfigure' Linux". But back to the presumption that PC Week is independent and hasn't been paid [cnet.com] by MS, how competant were the admins that configured these servers? Probably the MS admin was MCSE certified. Perhaps the Linux admin has taken the Red Hat certification, at minimun?

-Brent
--

Re:Linux box??? (1)

stoney (780) | more than 15 years ago | (#1671451)

Starting nmap V. 2.3BETA5 by Fyodor (fyodor@dhp.com, www.insecure.org/nmap/)
Interesting ports on securelinux.hackpcweek.com (208.184.64.170):
Port State Protocol Service
21 open tcp ftp
23 open tcp telnet
25 open tcp smtp
70 open tcp gopher
119 open tcp nntp
139 open tcp netbios-ssn
420 filtered tcp smpte

TCP Sequence Prediction: Class=truly random
Difficulty=9999999 (Good luck!)
Remote operating system guess: AXCENT Raptor Firewall running on Windows NT 4.0/SP3

Nmap run completed -- 1 IP address (1 host up) scanned in 37 seconds

I wonder (1)

smoondog (85133) | more than 15 years ago | (#1671452)

I wonder if similar IP's will get cracked as well this time.

But seriously, i think that these don't really help anybody very well. I'm mean what can they really tell us?

-- Moondog

new contest!!!! (1)

Haven (34895) | more than 15 years ago | (#1671453)

I have a 386 sx/25 running DOS 6.22, clean install, if you crack it you get it... okay... now go for it!

Logs! (1)

Zamis (81530) | more than 15 years ago | (#1671454)

Yeah! But this one lets you watch the logs.

WWF Testing. (1)

Anonymous Coward | more than 15 years ago | (#1671455)

Easy solution. Name one wrestler Linux, the other NT. Let them go at it on pay-per-view for $29.95. Hell, I'd pay.

The URL. (2)

bmetzler (12546) | more than 15 years ago | (#1671456)

Before this article is /.'ed, the URL for the challenge is http://www.hackpcweek.com [hackpcweek.com] .

Of course, that doesn't help if it's PC Week that /.'ed :-)

Good Luck!

-Brent
--

Hi (2)

shrewmy (37432) | more than 15 years ago | (#1671457)

Linux will win this round. You know most hackers who go there to break into the boxes are probably going to attack the NT box just to show Linux is more stable than NT.

Slashdot heart failure? (0)

DragonHawk (21256) | more than 15 years ago | (#1671458)

Is it just me, or is Slashdot having heart failure? :(

I'm seeing:
  • Comments disappearing
  • Sories disappearing
  • Server timeouts
  • Server internal error messages
  • General slowdowns


Clear! Bzzzzt!

Errors in the Article! (5)

Anonymous Coward | more than 15 years ago | (#1671459)

From the article: "Taschek also noted that, in recent weeks, the Nasdaq/Amex, the Drudge Report and ABC sites were all hacked in someway. Each of these three web sites runs either Windows NT with IIS or Linux as their front-line web servers. " From Netcraft: www.nasdaq.com www.nasdaq.com is running Microsoft-IIS/4.0 on NT4 or Windows 98 www.abc.com www.abc.com is running Microsoft-IIS/4.0 on NT4 or Windows 98 and finally (the worse yet!) www.drudgereport.com www.drudgereport.com is running Microsoft-IIS/5.0 on Windows NT5 beta We all know that both OSes are only as good as the person who administers them. This is an absolute joke. How much says Microsoft is sponsering this?

And AP is still reporting Mindcraft surveys, so... (2)

WillAffleck (42386) | more than 15 years ago | (#1671460)

I mean, what's the point. I just read the Seattle P-I business section this morning where they regurgitate the Mindcraft study as if it were valid, with no negative comments, in an article on Java and Red Hat.

So, seriously, what's the point? PC Week is not unbiased, as any longtime reader knows, and it's pretty obvious that they'll just feature whatever positive spin they can make as to "why IIS and NT is a better choice for your average user who uses ASP" or some such comment.

I've got work to do.

This stinks of MS (1)

Oscarfish (85437) | more than 15 years ago | (#1671461)

It seems like hackpcweek.com is already down :) Slashdotted or hacked? I dunno...

PR or Good Intentions? (0)

Anonymous Coward | more than 15 years ago | (#1671462)

I think the big question we need to ask at this stage; WHO benefits from this? Will the problems found be fixed and passed along for the gratification of the community. If the answer is no then this is definately a "Tired PR Stunt" ..

But this is from a 3rd party (0)

Anonymous Coward | more than 15 years ago | (#1671463)

Being that this is a "hack" contest from a 3rd party, it will have more meaning. (in the real business world anyway). At the place I work (a Community College) they worship PC-Week

Looks like it is already cracked. (0)

Anonymous Coward | more than 15 years ago | (#1671464)

Good test.. says something for BOTH operating systems.

Slashdot (0)

Anonymous Coward | more than 15 years ago | (#1671465)

This will be interesting

Re:It's already down... (1)

_blueboy (88578) | more than 15 years ago | (#1671466)

it's called the slashdot effect, turbo...

MS' Ploy to find the hole in NT (2)

kevlar (13509) | more than 15 years ago | (#1671467)

This is just MS' ploy to find the hole in NT. They know that someone out there has an exploit for a serious security hole in NT, and they want it. I have no doubt that they are sponsoring it, and the bounty of $1000 is to get the people who have the exploit to use it on the machine. This would explain the firewall. Not only is there a firewall, but they're piping all information to another machine which logs the packets. Try a traceroute, you'll make it to the firewall, but not past it. However you can ping it and get a response. Whoever has the exploit, don't use it unless you feel like giving it up, because the second you use it on the machine, you'll be giving MS the precise location of the security hole.

Re:I wonder (0)

smutt (35184) | more than 15 years ago | (#1671468)

He got first post and didn't even brag about it.
What a great guy!

Re:Why We're Doing this (1)

bmetzler (12546) | more than 15 years ago | (#1671469)

I hate to burst your optimism, but this test doesn't look to me like it is come out in favor of linux.

*pop* Thanks for bringing me back to reality. I was really trying hard to be positive. But I know deep down inside that you are (probably) right.

...sounds to me like this is going to be result in "with our ultra-scientific testing results, we've determined that MS Windows NT is without a doubt more stable, reliable, user-friendly, and lower in total cost of ownership than Linux." I've seen it too many times before.

And I thought Linux was strong in all those areas. But you are right. The test results don't depend on how the OS's themselves hold up, but more on the biases of the testor's.

Well, PC Week has said there will be a series of tests, so I guess the best thing to do would be to watch the tests carefully, and be sure to point out all the problems, the best we can.

-Brent
--

It's not our job to crack systems (1)

toofast (20646) | more than 15 years ago | (#1671470)

This is ridiculous. It's not our job to find the security holes in OS's.

This is probably where you'll see the difference between programmers who love what they do (Open-Source) and programmers who live by a punch-clock (Microsoft).

May the better OS win!

sigh- (1)

jafac (1449) | more than 15 years ago | (#1671471)

unfortunately, it's much easier for millions of script kiddies to simply flood the connection and ruin it for everyone else.

Maybe this sort of thing should best be done on isolated networks, monitored by judges, like a sport.
Or maybe I'm just depressed because it's Monday.

"The number of suckers born each minute doubles every 18 months."

before it went down the log said... (1)

Capt Dan (70955) | more than 15 years ago | (#1671472)

Before Hackpcweek went down (uh, I think it's down, my proxy comes back with a "could not be loaded" error in a split second...) I had a look at their log page. Apparently they log all attacks on the NT box, linux box, and the main web server for the trial. The attack split was something like 15% against NT, 10 % against linux, and 75% against the main web server. And now it's down. Go figure.

I must say I like the test so far:

1) they're doing it over a month so they should be able to modify the test as it goes on.
2) they allow everyone to see the process of what's going on.
3) I have no knowledge of system security whatsoever. PR stunt aside, I think that this test will be very informative for myself, and others like me who are looking to learn about how this type of thing goes down. Not everything is contained in man and info pages. ;)

As to #2: Therefore, if something bad happens to one of the servers, it'll get put up on /. Therefore, if the bad thing happened becuase of their setup (*cough*apachetest*cough*), so many people will complain that will hopefully be forced to fix the problem (see #1). Like this whole firewall arguement thats brewing.

This will mainly test the setup... (0)

Anonymous Coward | more than 15 years ago | (#1671473)

... rather than the intrinsic vulnerabilities of the systems. A strong system can be badly configured.

Linux expertise at Ziff-Davis (0)

Anonymous Coward | more than 15 years ago | (#1671474)

This is interesting, but does ZD really have the Linux expertise to configure the RH box properly? Or is this going to be another thinly disguised Microsoft PR stunt like the Mindcraft benchmarks?

Sick of "crack this box" contests. (5)

Wakko Warner (324) | more than 15 years ago | (#1671475)

What we need now is a "box this crack" contest: drive through Harlem and pick up a few dealers and have them compete to see how fast they can get a shipment packed, false-bottomed, filled with Beanie Babies, and sent out via UPS.

That's real, honest-to-God, cutthroat competition.

- A.P.
--


"One World, one Web, one Program" - Microsoft promotional ad

Slashdotted already??? (1)

Atomix8 (86584) | more than 15 years ago | (#1671476)

Are these boxes dead already? I can't get a connection and my pings all time out, we're talking 100% packet loss. The contest has started, so I don't know what the excuse is. Probably the same as Microsoft's for their windows2000test machine: the router or the ISP. But Linux is on one of them so there must have been a catostrophic fire or flood perhaps...

It's not tired (1)

DanJose52 (55815) | more than 15 years ago | (#1671477)

It's not a tired PR stunt...we've never really had closure on this one. None of the previous hack-in-the-box contests were "won" officially, so I hope this one plays fully out.


Dan

Worthless test (1)

Enoch Root (57473) | more than 15 years ago | (#1671478)

PR indeed. I don't see how this would prove anything; the time before a crack isn't significant, because you're always likely to run into a security hole early. So what if NT is cracked one week before Linux? It doesn't prove that Linux has better security (like we need proof), only that NT got unlucky and someone found an NT crack first.

Somehow, though, I suspect people will put a lot more energy into cracking NT than cracking Linux. So Microsoft won't be using this "benchmark" as FUD. Good, cause that would have been annoying.

"There is no surer way to ruin a good discussion than to contaminate it with the facts."

a more equal test perhaps? (0)

Anonymous Coward | more than 15 years ago | (#1671479)

At least if the machines are on the same network, "router failure due to inclement weather" should at least affect both machines equally.

is this even realistic? (3)

vyesue (76216) | more than 15 years ago | (#1671480)

it strikes me as a little ridiculous that people think that this is a real good metric by which one can judge the security of an operating system. I would guess (and I could be wrong) that the only people who are really going to attempt to break into these machines are the script kids; experienced, skilled hackers would probably steer clear of breaking into a site which was set up for the express purpose of attracting attacks.

if I had some exploit that was useful against these machines, and I knew that the only purpose of these machines even being there was to find out how they can be compromised, I would never, ever use my attack on them. besides, whats the prize? several hundred bucks worth of gift certificates? and instant notoriety? thanks, but no thanks.

Why help M$ ? (1)

SilentReproach (91511) | more than 15 years ago | (#1671481)

Why play into M$'s hands by helping them debug W2K? Save our best cracks for the real release. Of course, only on servers that challenge us to do so ;)

If everyone is tired of reading about them... (1)

TrentC (11023) | more than 15 years ago | (#1671482)

... then stop sending stories about them to Slashdot.

Yeah, they are tired PR vehicles. And there was a great essay from an earlier "crack this machine" Slashdot thread talking about why such stunts could actually harm a company's reputation (maybe someone can find it?)

Jay (=

is this even realistic? (1)

vyesue (76216) | more than 15 years ago | (#1671483)

it strikes me as a little ridiculous that people think that this is a real good metric by which one can judge the security of an operating system. I would guess (and I could be wrong) that the only people who are really going to attempt to break into these machines are the script kids; experienced, skilled hackers would probably steer clear of breaking into a site which was set up for the express purpose of attracting attacks.



if I had some exploit that was useful against these machines, and I knew that the only purpose of these machines even being there was to find out how they can be compromised, I would never, ever use my attack on them. besides, whats the prize? several hundred bucks worth of gift certificates? and instant notoriety? thanks, but no thanks.

Maybe I should use this to learn (0)

Jimhotep (29230) | more than 15 years ago | (#1671484)

I've never tried. Maybe this would be
a learning experience for me, and not
tick anybody off doing it.

Or are they watching who tries?

Re:Maybe this COULD work (1)

InTheWoods (49809) | more than 15 years ago | (#1671485)

Goods Points..but perhaps it is already working. Suppose you were charged with fielding a machine in a national ( international ? ) contest such as this?...the biggest problem so far seems to be keeping ANY machine up and running under an onslaught of attention..regardless of the stated purpose or OS. So what's a hot administrator to do to prove his worth? Maybe he bets another guy he can keep his box going longer than any body else can. The Web itself won't be robust until MOST servers can withstand this type of scrunity and traffic. BTW..If you are paranoid about masking your identity on a box you can't get busted for..get another trade.

Nope, static electricity (1)

WillAffleck (42386) | more than 15 years ago | (#1671486)

The techs shorted out the IIS server by walking on the carpeting in a scuffing kind of way. This knocked out the server.

After all, noone needs a UPS, do they?

Down already! (1)

rw2 (17419) | more than 15 years ago | (#1671487)

Geez. Don't people get tired of having these tests last only a few minutes before something goes wrong.

The main site www.hackpcweek.com isn't responding.

Down (0)

Anonymous Coward | more than 15 years ago | (#1671488)

the site seems to be down :(

Something new (1)

tweek (18111) | more than 15 years ago | (#1671489)

Now that the site is back up, I thought I would poke around the website and see some info on the hardware and what not..I came across this on each OS.


about Redhat:

We used the latest distribution from Redhat, along with Apache. Much thanks
to the open source community for help in securing the server.


okay..sounds cool. I'm curious as to WHO helped out.

about Microsoft:

Microsoft pitched in by modifying their guestbook application to a classified ad
application. They also helped with the myriad configurations of Nt,
IIS,SQLServer, and MTS.


Look who decided to get thier hands into things. Not only did they "help" by rewriting the guestbook app, but they also did mods to NT,IIS,SQL server and Transaction Server.

-- Like many have said earlier, It's not going to look good for linux. I could be wrong, but I was only wrong once and that was becasue I *THOUGHT* i was wrong ;)

I mentioned before the use of the firewall throws out all the real world usage issues for me. This is a test of raptor if anything.

On a funny note, notice that they were able to get MS to help with the detailed tweeking. I wonder If I could get them to do that for OUR IIS server? heheheh

Re:PC Week servers crawling (0)

Anonymous Coward | more than 15 years ago | (#1671490)

Hmm.....maybe we could use the /. effect as a DoS attack???

Slashdotted or hacked already... (0)

Anonymous Coward | more than 15 years ago | (#1671491)

All I get is connection refused :-)

Re:MS' Ploy to find the hole in NT (1)

LunarOne (91127) | more than 15 years ago | (#1671492)

Furthermore, MS can generate scripts from the logs: the NT scripts can be taken to their labs for debugging, the Linux scripts can be saved for future considerations. But not to worry, the only way Linux can be crushed is if _we stop developing it_

Re:I wonder (0)

C.Lee (1190) | more than 15 years ago | (#1671493)

>I wonder if similar IP's will get cracked as well this time. But >seriously, i think that these don't really help anybody very well. >I'm mean what can they really tell us?

Absolutely nothing. The only thing this can show is just incompent PC Week Labs is when it comes to real-world computer issues. Let's be brutally honest here. PC Week Labs is trying to play in an arena that's way over their heads. I guess they (PC Week Labs) somehow thinks this kind of stunt will raise their credibilty within the Unix/Linux/BSD world within which anything found in PC Week is widely viewed as a huge joke.

Again? (0)

Anonymous Coward | more than 15 years ago | (#1671497)

I wanna see the server configs... there might be something a lil fishy there.

First Post?

Well, that didn't last long. (0)

Anonymous Coward | more than 15 years ago | (#1671498)

The server is already refusing connections. That sure didn't take very long. The article does not mention which platform the main webpage would be using.

Linux vs NT (1)

scumdamn (82357) | more than 15 years ago | (#1671499)

John Taschek from PCWeek says that the reason they're doing this is for an article on web server security.
"We don't care which operating system (if any) is broken into first. We want to establish the basis for a story on the best practices for implementing security. Additionally, PC Week wants to open up our test labs to the community for these kinds of tests."
The problem with that statement is the "test" will end when the first box is broken into. If they wanted to do an article on the "best practices for implimenting security, wouldn't they fix the security leak and keep the test up?
It isn't stated whether the systems have been hardened or are just standard installs, but it'd be bunk if the NT system had all the latest service packs and the Linux box was a straight install of RedHat 6.0 with everything enabled and wide open.

It's Already Down :) (1)

Pete Brubaker (35550) | more than 15 years ago | (#1671500)

Hmm... I dont know what they are running their website on but, it has already gone down for one reason or another. If you ask me it's just like everything else. I do something really great, make alot of money, and draw alot of attention to myself, and someone turns around a month later and does the same thing. It's outrageous. I feel as though I have returned to third grade on recess yelling, "Copy Cat, Copy Cat, Copy Cat!" Pete

Tired PR Stunt (1)

X-ViRGE (44659) | more than 15 years ago | (#1671501)

That's basically all it can be.

There's no way you can actually prove anything simply by saying "Yeah, well, I had my NT box online, asked people to crack it, and no one managed to. Yet, BillyJoeBob's Linux box got cracked! So ha!"

First off, you have to monitor how many break in attempts there are. There could easily be double on the NT box because more anti-NT people heard about it than anti-Linux people.

Second, you have no idea if the people trying to crack into the boxes are of equal skill level.

Third, Linux is *way* too customizable. Sure, you could claim to install it with default settings and such, but that's not really proving anything, since that would just make the distribution's default settings at fault if somone cracks in, not Linux.

I have a feeling that we'll be seeing more of these as time goes on.

Julian
--

Ugh. (0)

Anonymous Coward | more than 15 years ago | (#1671503)

Every time they use the word "Linux" in the article, it's highlighted in red. That's pretty shameless, really, since there appears to be no other reason for this (it's not a link) than "Hey, we used the word 'Linux'!"

Re:WWF Testing. (1)

Jonathan Hamilton (221) | more than 15 years ago | (#1671504)

The WinNT would have to be a Sumo (sp?) westler. Linux would have to be young and powerful as fuck as well as having great endurance. Since endurance=uptime. heheh.

Re:PR or Good Intentions? (1)

Sand_Man (81150) | more than 15 years ago | (#1671506)

I have no doubt that if problems are identified that they will be fixed and passed along. I guess I thought there was a lot less PR noise to this test than some of the others we have seen lately. To me, this seemed like another facet of peer review by an impartial (well....) tester. Even if it is a PR stunt, we can still use it to improve Linux. Hell, Mindcraft was the mother of PR stunts, and we ended up getting some info on parts of the kernel that needed attention. Ultimately the PR noise will made irrelevant by the facts.

Re:yeah, 8 whole ports... (0)

Anonymous Coward | more than 15 years ago | (#1671508)

you seem to think that that's a lot.

Get a clue, 8 is more than enough. The LinuxPPC crack server (which since has been taken down) only had two ports open.

here is the addy (1)

Haven (34895) | more than 15 years ago | (#1671516)

the site is Microsoft.com [microsoft.com]

windows2000test (0)

Anonymous Coward | more than 15 years ago | (#1671517)

What happened to predictions that windows2000test would be cracked in minutes? 8 open ports and no successful attempts? Last reboot almost a month ago? C'mon people!

Linux box??? (1)

Anonymous Coward | more than 15 years ago | (#1671518)

If http://securelinux.hackpcweek.com is really linux, why is it coming up as nt3 or 95 box on http://www.netcraft.com/whats? Strange... Even if the "linux box" is really 95, the NT will get cracked more, just because more capable people hate Microsoft.

[sarc] The Ultimate "Hack This Machine" Challenge (5)

Pont (33956) | more than 15 years ago | (#1671519)

If you, yes you, hack www.fbi.gov and put up porn, instructions for building nuclear weapons, and your actual home address, you will win the following:
Free housing for 10-30 years!
Free "food" for 10-30 years!
Free sex for 10-30 years!
Free training in a useful trade!

Who can resist!

Re:Slashdot heart failure? (0)

Ludd Kilken (81957) | more than 15 years ago | (#1671520)

Oh dear, oh dear. It appears your t in stories has disappeared ttoo! Gack, nevermind. I found it.

More Importantly, do we trust Ziff Davis (1)

Anonymous Coward | more than 15 years ago | (#1671521)

Do we trust them to know how to set up a machine? Linux or Windows, thier lab people seem kind of out of it.

this will be the first non-anecdotal test.. (0)

Anonymous Coward | more than 15 years ago | (#1671522)

does this whole thing strike everyone else as tired PR stunts now?

This is whats wrong with the open source community -- we have the attention span of a, um, something with a short attention span.

What if cryptographers got bored with peer review of algorithms? What if bio companies were accused of a PR stunt when they decide to leave their new formula in testing for a few more months?

We can laugh all we want about lighning storms (which may or may not have brought W2k down, it doesn't matter), but until random anomalies such as that can be rendered statistically insignificant (only through a long-term, public, peer reviewed cracking project) can the results be considered meaningful.

For the truely paranoid... (1)

D3 (31029) | more than 15 years ago | (#1671523)

This and the other "contests" are just attempts by the FBI to catch one of the ULG or other groups in the act.

This is totally off topic really... (0)

Anonymous Coward | more than 15 years ago | (#1671524)

But why is there no 'Contact us' button the slashdot front page? I was going to complain about all of the comments suddenly disappearing...
And speaking of which, why are all of the articles knocked down to 50 or less comments now?

Kintanon

Why We're Doing this (2)

bmetzler (12546) | more than 15 years ago | (#1671525)

Check out their Why We're Doing this [hackpcweek.com] page.

All to often testing focuses on the speeds and feeds of a product. PC Week Interactive aims to change that. This first is a series of tests aim to look past the standard performance features of an application, and examine its reliability, usability, security, and total cost of ownership.
It's nice to see tests from high visiblity labs focusing more important things then whether a "car" can do 350 miles an hour, or 195 miles an hours, when the speed limit only lets the "car" go 85 mph.

Sure, the PHB's might be awed by a server the can pump out static data 4 times faster then the bandwidth of a T1, but there are more important details to look at.

When I look at buying a new car, I do more then just check how high the speedometer goes. Handling, braking, comfort, a great stereo system. Top speed in a car, unless you a racing, is largely insignificant when deciding on a car. A company that relies on the top speed of a car to selling it, will find that they have a niche market.

Microsoft relies on "optimising" it's servers to be fast on high end hardware. This is impressive to PHB's, but lacks the real important details needed in servers in production. It won't be long until the PHB's learn that speed isn't the most important thing in a server and they'll have knowledgable admins put servers in production that have real "features".

Or maybe I'm just giving PHB's too much credit. Maybe they'll never learn. But it sounds like PC Week, at least has gotten the idea. Good for them

-Brent
--

A Trap? (0)

Anonymous Coward | more than 15 years ago | (#1671526)

Any chance this could be a trap? Y'know, like
the police department that sends out sweepstakes
winnings announcements, waits for the criminals
to show, and nabs 'em? Perhaps the FBI is in
cahoots and this is an attempt to get those
guys from Unified Lone Cowboys (or whatever
the heck they're called). The money's the
attraction... and since they know they're comin',
they can have all the traces set up. And they
could gather evidence by examining the cracking
techniques used.

Naahhh. Stupid thought.

Real Contests/Tests (4)

Hrunting (2191) | more than 15 years ago | (#1671527)

  1. Give the box to your average Joe Schmoe luser and let him set it up on a relatively bandwidth-capable link. Then have someone hack that. See what happens.
  2. Give the box to your average Joe Schmoe luser and see how long it stays up during average use (word processing, standard updates). Make sure to log how they use it.
  3. Give a Linux box to a bunch of Windows NT techs and see if they can set it up for (input server type here). Time how long it takes. Repeat task with Windows NT box and Linux admin.
  4. Setup a kiosk with with two boxes, one NT and one Linux running a Window Manager of choice. Give them passersby the choice of looking at Netscape on one or looking at Netscape on the other. See which one people use the most. Ask them why they don't use the other.


Honestly, security is a nice issue and all, but there are so many other areas that both operating systems need improvement in. Security is such a function of administration that these contests show very little of the capabilities of the operating system. Try combining them with other aspects, like setup, administration, use, and scalability, and then your contest will really say something about the operating system.

Re:Linux box??? (0)

Anonymous Coward | more than 15 years ago | (#1671528)


Well, a telnet to port 80 says it's Linux:


Just be wary that such things are easy to fake, in the sense that the output string sent after a telnet connection is made can be set to anything. I doubt they're trying to be all that tricky, but you never know.

Maybe this COULD work (0)

Anonymous Coward | more than 15 years ago | (#1671529)

Most of the naysayers here claim that this won't work because the the REAL crackers wouldn't touch it for fear of giving up their fav. exploit(s). A cracking contest could work if a credible source put up a contest with the explicit promise (& proof) that they wouldn't log traffic (& thus can't reveal exploits).. they'd simply reboot/reinstall when needed & only keep stats on uptime.

Re:Errors in the Article! (2)

Issac (28057) | more than 15 years ago | (#1671530)

It seems like everybody's first stop is a DNS for host lists. I found that "above.net" is hosting DNS services:

[ns.above.net]
hackpcweek.com. SOA ns.above.net dns.above.net. (1999091900 10800 3600 604800 86400)
hackpcweek.com. NS ns.above.net
hackpcweek.com. NS ns3.above.net
hackpcweek.com. A 208.184.64.168
securent A 208.184.64.171
securelinux A 208.184.64.170
forums A 208.184.64.169
www CNAME hackpcweek.com
hackpcweek.com. SOA ns.above.net dns.above.net. (1999091900 10800 3600 604800 86400)

And that "above.net" is hosting the machines on their network.

I have a web-page that polls web-server types every three days and I watched M$'s site go from IIS 4.0 to IIS5.0 and back to 4.0 in rouchly a weeks time. Hmm...wonder what happened there?

Re:what i want to see... (1)

Tim Sutherland (11914) | more than 15 years ago | (#1671531)

Nah, RMS and ESR are the guys we want for AI. They're ye olde Lisp hackers.

Re:This stinks of MS (1)

geocajun (11733) | more than 15 years ago | (#1671533)

it was lightning...

Traceroute says it all. (0)

Anonymous Coward | more than 15 years ago | (#1671535)

Looks like they killed their ISP...

traceroute to securent.hackpcweek.com (208.184.64.171), 30 hops max, 40 byte packets
1 [withheld] 18.383 ms 1.090 ms 0.842 ms
2 [withheld] 10.705 ms 3.111 ms 3.039 ms
3 [withheld] 13.116 ms 5.237 ms 5.465 ms
4 rc8.nw.us.psi.net (38.1.43.8) 12.129 ms 7.368 ms 8.847 ms
5 rc1.nw.us.psi.net (38.1.23.193) 11.181 ms 6.788 ms 6.599 ms
6 leaf.net228.psi.net (38.1.10.7) 38.860 ms 10.135 ms 10.055 ms
7 pb-nap.above.net (198.32.128.48) 94.023 ms 91.703 ms 96.266 ms
8 core5-core2-oc3.sjc.above.net (216.200.0.118) 96.669 ms 95.239 ms 97.366 ms
9 core1-core5-oc48.sjc2.above.net (216.200.0.178) 109.096 ms 90.146 ms 96.762 ms
10 * * *
11 * * *

Re:Errors in the Article! (1)

Anonymous Coward | more than 15 years ago | (#1671536)

I liked the part about the discussions over
which OS had more open standards.
Is there _really_ a question in anyones mind?

Crack-this-firewall contest.. (2)

Diggety_Dank (12909) | more than 15 years ago | (#1671539)

Maybe its just me here, or maybe not. But an nmap scan of all ports literally returned almost every port open. Now, not even redhat ships with that many daemons running by default, so its either the firewall (got my vote) or they went out of their way to make each box more insecure.

If it is, in fact, the firewall at fault here, what is the point of having such an event, is the whole contest not pointless here? Wouldn't one have to be able to bypass this firewall first, making it a crack this firewall, and THEN crack this box contest? How do these results verify one OS more secure than the other. More importantly, how do ANY of these tests check up on OS security, since buffer overflows occur across almost all os's, and in fact its usually daemons that are exploited.


-mike

how does this work? (0)

Anonymous Coward | more than 15 years ago | (#1671546)

this is supposed to be a contest between NT/IIS and Linux/Apache, right? but there is only one domain (www.hackpcweek.com). if they are allowing both servers to serve the same site (if that's in fact possible) how do they have two servers running the same site and how do would-be hackers differentiate between hacking the NT box and the linux box. i am thouroughly confused.

How are those servers administered ? (2)

Melkman (82959) | more than 15 years ago | (#1671547)

It's obvious that the administration of servers has a major impact on their security. I wonder if the NT admins at pc-week are equally skilled as the Linux admins, or vice versa. It was shown before that difference in skill can give hard to swallow results. (mindcraft anyone?)

Re:this will be the first non-anecdotal test.. (0)

Ludd Kilken (81957) | more than 15 years ago | (#1671548)

Oh boy, this post is off-topic. But there are about 9 posts in this thread and two are missing t's! that's 22.2% (2/9).
C'mon Slashdo! We like our t's.

nt vs. linux (1)

darklink (79588) | more than 15 years ago | (#1671549)

it can tell us a lot and help us

mainly it is pr , and free pr is good some times as long as us the ppl in the community have a say and can set the records strait now and then and not let linux promise something it cant deliver (at the moment) . but this kinda tries when done right can get the message out that yes linux is a great os and an oss . to dispell myths that certian oses are the only way to go . mainly there is going to have to be some ethical discustions set down

the fact that we can read the logs is pritty cool if it isnt always / and .ed , we are strong and will over come any thing.

free speach as long as you dont lie is the way to go. lets back up our arguments

PC Week servers crawling (1)

Jeos (49871) | more than 15 years ago | (#1671550)

Seems like all the servers are going really slow, both the NT and Linux ones.

Wonder if it's because /. effect, DoS attacks or both.

Re:Slashdot heart failure? (1)

kevlar (13509) | more than 15 years ago | (#1671551)

Actually, I'd call it more of a Non-Moderating Censorship. Comments disappear, stories disappear (specificly the one this morning about the CEO of Infoseek being arrested for Kiddie porn). Not sure if Taco just didn't like the comments, or if he thought it was the wrong kind of article for /.
Personally I didn't like the article at all... or the comments.

Umm.. What's with this? (1)

echo (735) | more than 15 years ago | (#1671552)

http://www.netcraft.com/whats/?host=www.hackpcweek .com

Shows.

www.hackpcweek.com is running Microsoft-IIS/4.0 on NT3 or Windows 95

NT3 or Windows 95????

Re:windows2000test (2)

bmetzler (12546) | more than 15 years ago | (#1671553)

What happened to predictions that windows2000test would be cracked in minutes? 8 open ports and no successful attempts? Last reboot almost a month ago? C'mon people!

Good grief! We've got real issues to work with other then spending the next three months playing with Microsoft's beta OS.

When Microsoft announced the challenge we did our duty and "checked out" the server. And guess what? It failed miserably. Having proved that we went back to playing with our toys.

Perhaps if MS wants any more testing they can go out and pay a real security company to test their OS. We're just tired of knocking their poor server down, enough is enough.

Its ran for a month without reboot? If so, good for them. Goes to show that MS can develop a server that runs great - when no one uses it.

-Brent
--

Enough, already (1)

squirrel42 (38039) | more than 15 years ago | (#1671554)

Come on, i think the idea is getting old. I mean, basically, its been done already. The origional concept with micro$oft and LinuxPPC was a good concept, but now its just copycats.

Re:how does this work? (1)

D3 (31029) | more than 15 years ago | (#1671555)

They could use F5 networks BIG/IP and 3DNS solution to load balance between 2 machines serving content. One could be NT one Linux. Same IP address and domain names. However, if you go to the site you'll find that there are links to each box
securent.hackpcweek.com
and
securelinux.hackpcweek.com

I predict NT gets hit more because it has less to type for the lazy script kiddies out there. :)

what i want to see... (1)

UM_Maverick (16890) | more than 15 years ago | (#1671566)

I want to see Linus and Alan get together and write an AI for Linux, which will do battle with a Microsoft-written AI for Windows. Put them on their own private subnet, and see which AI cracks the other one first (and cracking the other's monitor with a robotic hammer doesn't count)

Re:how does this work? (0)

Anonymous Coward | more than 15 years ago | (#1671567)

There are two domains-- securent.hackpcweek.com and securelinux.hackpcweek.com. The www url is just there to explain these types of things. The nt box is going to get hacked more. It's url is easier to type.

Proves Nothing (0)

Anonymous Coward | more than 15 years ago | (#1671568)

This test will prove nothing. If the NT box is cracked/hacked/took down everyone on /. will say. Microsoft sucks, NT sucks, it got cracked etc. etc. If the linux Machine is hacked someone will cry that whoever did whatever did not tighten the security enough.. Either way it proves nothing.. So whats it matter.. What a silly contest

Who cares? (1)

PCM2 (4486) | more than 15 years ago | (#1671569)

The impression I got from Garfinkel and Spafford's fairly-accessible book "Practical Unix and Internet Security, 2e" (O'Reilly) was that, even if everything else in the book went completely over your head, you should at least understand that crack-this-box contests don't prove @!$%#$.

So why bother with them?

Are you sure you want to take credit for winning? (0)

Anonymous Coward | more than 15 years ago | (#1671570)

Winners will receive computer-equipment gift certificates of up to $1,000...

AND a visit from a large group of FBI and NSA agents with really big guns...

yeah, 8 whole ports... (0)

Anonymous Coward | more than 15 years ago | (#1671571)

you seem to think that that's a lot.

Re:Linux box??? (2)

schon (31600) | more than 15 years ago | (#1671572)

Well, a telnet to port 80 says it's Linux:
>$ telnet securelinux.hackpcweek.com
>Trying 208.184.64.170...
>Connected to securelinux.hackpcweek.com.
>Escape character is '^]'.
>HTTP/1.1 200 OK
>Date: Mon, 20 Sep 1999 18:39:01 GMT
>Server: Apache/1.3.6 (Unix) (Red Hat/Linux)

But even stranger... queso reports it as neither!

>$ queso securelinux.hackpcweek.com
>208.184.64.170:80 * HP/JETdirect Printer (old model)

So this begs the question... are they running behind some kind of firewall/load balancing proxy?
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?