Results 1 to 25 of 79
-
05-28-2005, 04:13 PM #1Web Hosting Master
- Join Date
- Dec 2000
- Location
- The Woodlands, Tx
- Posts
- 5,974
Are you a Hacker? Or a wannabe? :-)
You have to use SSH2
IP: 24.182.113.251
UN: webdude
PW: public
This is just a test machine here at my house where I am testing out the Trustix Linux Operating System. For those more familiar with Linux and SSH, go ahead and check it out
Oh, and dont worry. It's on a seperate cable modem, so dont even think about ways to get into my home network
Go ahead, mess around. It's just a little PII-300 with about 96 megs ram that was an extra computer I had laying around... One of the kid's older computers that wasnt used anymore.
Anyway, Trustix claims it's the most secure operating system on the planet. I want to test their claim. I want to see if a normal user can hack the box, screw it up, fry the system, trojaned, rooted, whatever.
Personally, I dont think any of you wannabe admins/hackers can even touch it
-
05-28-2005, 04:17 PM #2Aspiring Evangelist
- Join Date
- Dec 2002
- Location
- Texas
- Posts
- 424
mighty bold of ya aint it
-
05-28-2005, 05:05 PM #3Web Hosting Master
- Join Date
- Dec 2000
- Location
- The Woodlands, Tx
- Posts
- 5,974
Originally posted by 3rdcoast
mighty bold of ya aint it
BTW - I dont just want hack attempts, I want feedback on this system. Did you try things that would crack other ops with usual installs? I installed this one with all options. There should be security holes somewhere because of that.
All in all, I want to know how it's security stacks up to others. Remember, this is a default install with all options, which they say is still secure...
I want to know ....Last edited by Webdude; 05-28-2005 at 05:13 PM.
-
05-28-2005, 05:20 PM #4Web Hosting Master
- Join Date
- Jul 2004
- Location
- Manchester, UK
- Posts
- 2,132
Okay well for a start you Live in America, (possibly near Texas) and your ISP on that line is:
You do not run a server on that line.
Charter Communications
(http://www.charter.com/default.aspx)
JordOur greatest glory is not in never falling, but in rising every time we fall. - Confucius
-
05-28-2005, 05:24 PM #5Web Hosting Master
- Join Date
- Jun 2004
- Posts
- 2,853
Originally posted by effusionx1
Okay well for a start you Live in America, (possibly near Texas) and your ISP on that line is:
You do not run a server on that line.
Charter Communications
(http://www.charter.com/default.aspx)
Jord
-
05-28-2005, 05:24 PM #6Web Hosting Master
- Join Date
- Dec 2000
- Location
- The Woodlands, Tx
- Posts
- 5,974
Originally posted by effusionx1
Okay well for a start you Live in America, (possibly near Texas) and your ISP on that line is:
You do not run a server on that line.
Charter Communications
(http://www.charter.com/default.aspx)
Jord
-
05-28-2005, 05:25 PM #7Web Hosting Evangelist
- Join Date
- Aug 2003
- Posts
- 459
Give me a few mins
-
05-28-2005, 05:26 PM #8Web Hosting Master
- Join Date
- Dec 2000
- Location
- The Woodlands, Tx
- Posts
- 5,974
Originally posted by DJ Plasma
Give me a few mins
-
05-28-2005, 05:29 PM #9An Awesome Dude
- Join Date
- Oct 2002
- Posts
- 13,624
This should be interesting
Tinyurl is the answer for posting long urls!!!
-
05-28-2005, 05:33 PM #10Web Hosting Master
- Join Date
- Jul 2004
- Location
- Manchester, UK
- Posts
- 2,132
Originally posted by Webdude
It's not a server. I am not hosting anything, it is simply a machine connected to the internet. I have already asked them about this (since I was once their computer tech), and as long as I am not hosting of any kind, they have no issues with it. If they did have a problem with it, I would simply run it up to the data center I work in up the road, and do it there..Our greatest glory is not in never falling, but in rising every time we fall. - Confucius
-
05-28-2005, 05:48 PM #11Web Hosting Master
- Join Date
- Apr 2003
- Location
- UK
- Posts
- 2,569
is it a default install?
-
05-28-2005, 05:50 PM #12Retired Moderator
- Join Date
- Feb 2002
- Location
- Reading, England
- Posts
- 4,240
Remember, this is a default install with all options, which they say is still secure...Steve
-
05-28-2005, 05:52 PM #13Web Hosting Master
- Join Date
- Dec 2000
- Location
- The Woodlands, Tx
- Posts
- 5,974
Originally posted by Vortex-Steve
-
05-28-2005, 05:53 PM #14Web Hosting Master
- Join Date
- Apr 2003
- Location
- UK
- Posts
- 2,569
-r-s--x--x 1 root root 122524 Mar 18 2004 dwssap
wtg on teh security!
im surprised by default they dont allow find and the like. security by uselessness.. security shouldnt be too much that you cant actually use a system
-
05-28-2005, 05:59 PM #15Web Hosting Evangelist
- Join Date
- Aug 2003
- Posts
- 459
you should at least permit gcc to be used on the system.
-
05-28-2005, 05:59 PM #16Web Hosting Master
- Join Date
- Apr 2003
- Location
- UK
- Posts
- 2,569
or maybe wget
-
05-28-2005, 06:00 PM #17Web Hosting Master
- Join Date
- Dec 2000
- Location
- The Woodlands, Tx
- Posts
- 5,974
Originally posted by Slidey
-r-s--x--x 1 root root 122524 Mar 18 2004 dwssap
wtg on teh security!
im surprised by default they dont allow find and the like. security by uselessness.. security shouldnt be too much that you cant actually use a system
Ok. Renamed back and set to 000. Just dont want someone changing the password. I want the box attempted to be hacked from both inside and out. I have already emailed them this thread too
I'm not sure I would want to limit "find" though. I thought about that, and s/locate too. I want a secure op, but not one thats so secure that normal clients cant actually use it.... so cracking down on wget would be a bad option also.
-
05-28-2005, 06:02 PM #18Web Hosting Master
- Join Date
- Apr 2003
- Location
- UK
- Posts
- 2,569
Re: Are you a Hacker? Or a wannabe? :-)
Originally posted by Webdude
Anyway, Trustix claims it's the most secure operating system on the planet. I want to test their claim. I want to see if a normal user can hack the box, screw it up, fry the system, trojaned, rooted, whatever.
Personally, I dont think any of you wannabe admins/hackers can even touch it
-
05-28-2005, 06:04 PM #19Web Hosting Master
- Join Date
- Apr 2003
- Location
- UK
- Posts
- 2,569
Originally posted by Webdude
Bout time someone found that. All I did was renamed it in reverse
Ok. Renamed back and set to 000. Just dont want someone changing the password. I want the box attempted to be hacked from both inside and out. I have already emailed them this thread too
I'm not sure I would want to limit "find" though. I thought about that, and s/locate too. I want a secure op, but not one thats so secure that normal clients cant actually use it.... so cracking down on wget would be a bad option also.
-
05-28-2005, 06:07 PM #20Web Hosting Master
- Join Date
- Dec 2000
- Location
- The Woodlands, Tx
- Posts
- 5,974
Originally posted by Slidey
if your customers cant use it, it wont matter how secure you are as they'll go elsewhere..
-
05-28-2005, 06:08 PM #21Web Hosting Master
- Join Date
- Apr 2003
- Location
- UK
- Posts
- 2,569
was more talking about wget/find and similar utilities
-
05-28-2005, 06:10 PM #22Web Hosting Master
- Join Date
- Dec 2000
- Location
- The Woodlands, Tx
- Posts
- 5,974
Originally posted by Slidey
was more talking about wget/find and similar utilities
-
05-28-2005, 06:12 PM #23Web Hosting Master
- Join Date
- Dec 2000
- Location
- The Woodlands, Tx
- Posts
- 5,974
Ah hold on, lemme lighten up the security a bit...
I forgot I did run a script I wrote that secures things up a bit more...
-
05-28-2005, 06:13 PM #24Web Hosting Master
- Join Date
- Aug 2004
- Location
- Los Angeles,CA
- Posts
- 789
http://linuxtoday.com/security/2005051101426SCSW
It talks about a few vulnerbilities which may affect your System. You are running the mentioned versions of Sqid and gzip.
-
05-28-2005, 06:18 PM #25Web Hosting Master
- Join Date
- Apr 2003
- Location
- UK
- Posts
- 2,569
incase anyone needs them - theres a working gcc, wget and find in the 'test' directory