Page 1 of 4 1234 LastLast
Results 1 to 25 of 79
  1. #1
    Join Date
    Dec 2000
    Location
    The Woodlands, Tx
    Posts
    5,974

    Are you a Hacker? Or a wannabe? :-)

    You have to use SSH2
    IP: 24.182.113.251
    UN: webdude
    PW: public

    This is just a test machine here at my house where I am testing out the Trustix Linux Operating System. For those more familiar with Linux and SSH, go ahead and check it out

    Oh, and dont worry. It's on a seperate cable modem, so dont even think about ways to get into my home network

    Go ahead, mess around. It's just a little PII-300 with about 96 megs ram that was an extra computer I had laying around... One of the kid's older computers that wasnt used anymore.

    Anyway, Trustix claims it's the most secure operating system on the planet. I want to test their claim. I want to see if a normal user can hack the box, screw it up, fry the system, trojaned, rooted, whatever.

    Personally, I dont think any of you wannabe admins/hackers can even touch it

  2. #2
    Join Date
    Dec 2002
    Location
    Texas
    Posts
    424
    mighty bold of ya aint it

  3. #3
    Join Date
    Dec 2000
    Location
    The Woodlands, Tx
    Posts
    5,974
    Originally posted by 3rdcoast
    mighty bold of ya aint it
    How so? It's a test machine.

    BTW - I dont just want hack attempts, I want feedback on this system. Did you try things that would crack other ops with usual installs? I installed this one with all options. There should be security holes somewhere because of that.

    All in all, I want to know how it's security stacks up to others. Remember, this is a default install with all options, which they say is still secure...

    I want to know ....
    Last edited by Webdude; 05-28-2005 at 05:13 PM.

  4. #4
    Join Date
    Jul 2004
    Location
    Manchester, UK
    Posts
    2,132
    Okay well for a start you Live in America, (possibly near Texas) and your ISP on that line is:
    You do not run a server on that line.
    Charter Communications
    (http://www.charter.com/default.aspx)

    Jord
    Our greatest glory is not in never falling, but in rising every time we fall. - Confucius

  5. #5
    Join Date
    Jun 2004
    Posts
    2,853
    Originally posted by effusionx1
    Okay well for a start you Live in America, (possibly near Texas) and your ISP on that line is:
    You do not run a server on that line.
    Charter Communications
    (http://www.charter.com/default.aspx)

    Jord
    Kinda lost on your post there.

  6. #6
    Join Date
    Dec 2000
    Location
    The Woodlands, Tx
    Posts
    5,974
    Originally posted by effusionx1
    Okay well for a start you Live in America, (possibly near Texas) and your ISP on that line is:
    You do not run a server on that line.
    Charter Communications
    (http://www.charter.com/default.aspx)

    Jord
    It's not a server. I am not hosting anything, it is simply a machine connected to the internet. I have already asked them about this (since I was once their computer tech), and as long as I am not hosting of any kind, they have no issues with it. If they did have a problem with it, I would simply run it up to the data center I work in up the road, and do it there..

  7. #7
    Join Date
    Aug 2003
    Posts
    459
    Give me a few mins

  8. #8
    Join Date
    Dec 2000
    Location
    The Woodlands, Tx
    Posts
    5,974
    Originally posted by DJ Plasma
    Give me a few mins
    LOL, thats what I like to hear

  9. #9
    Join Date
    Oct 2002
    Posts
    13,624
    This should be interesting

    Tinyurl is the answer for posting long urls!!!

  10. #10
    Join Date
    Jul 2004
    Location
    Manchester, UK
    Posts
    2,132
    Originally posted by Webdude
    It's not a server. I am not hosting anything, it is simply a machine connected to the internet. I have already asked them about this (since I was once their computer tech), and as long as I am not hosting of any kind, they have no issues with it. If they did have a problem with it, I would simply run it up to the data center I work in up the road, and do it there..
    Yeh I know, I was just stating the obvious facts.
    Our greatest glory is not in never falling, but in rising every time we fall. - Confucius

  11. #11
    Join Date
    Apr 2003
    Location
    UK
    Posts
    2,569
    is it a default install?

  12. #12
    Join Date
    Feb 2002
    Location
    Reading, England
    Posts
    4,240
    Remember, this is a default install with all options, which they say is still secure...
    Steve

  13. #13
    Join Date
    Dec 2000
    Location
    The Woodlands, Tx
    Posts
    5,974
    Originally posted by Vortex-Steve
    What Steve quoted. The only thing I have changed is the ability to change the password, which I didnt do much there either..

  14. #14
    Join Date
    Apr 2003
    Location
    UK
    Posts
    2,569
    -r-s--x--x 1 root root 122524 Mar 18 2004 dwssap


    wtg on teh security!

    im surprised by default they dont allow find and the like. security by uselessness.. security shouldnt be too much that you cant actually use a system

  15. #15
    Join Date
    Aug 2003
    Posts
    459
    you should at least permit gcc to be used on the system.

  16. #16
    Join Date
    Apr 2003
    Location
    UK
    Posts
    2,569
    or maybe wget

  17. #17
    Join Date
    Dec 2000
    Location
    The Woodlands, Tx
    Posts
    5,974
    Originally posted by Slidey
    -r-s--x--x 1 root root 122524 Mar 18 2004 dwssap


    wtg on teh security!

    im surprised by default they dont allow find and the like. security by uselessness.. security shouldnt be too much that you cant actually use a system
    Bout time someone found that. All I did was renamed it in reverse

    Ok. Renamed back and set to 000. Just dont want someone changing the password. I want the box attempted to be hacked from both inside and out. I have already emailed them this thread too

    I'm not sure I would want to limit "find" though. I thought about that, and s/locate too. I want a secure op, but not one thats so secure that normal clients cant actually use it.... so cracking down on wget would be a bad option also.

  18. #18
    Join Date
    Apr 2003
    Location
    UK
    Posts
    2,569

    Re: Are you a Hacker? Or a wannabe? :-)

    Originally posted by Webdude
    Anyway, Trustix claims it's the most secure operating system on the planet. I want to test their claim. I want to see if a normal user can hack the box, screw it up, fry the system, trojaned, rooted, whatever.

    Personally, I dont think any of you wannabe admins/hackers can even touch it
    does it really come with wget o-x and a 2.4.30 kernel?

  19. #19
    Join Date
    Apr 2003
    Location
    UK
    Posts
    2,569
    Originally posted by Webdude
    Bout time someone found that. All I did was renamed it in reverse

    Ok. Renamed back and set to 000. Just dont want someone changing the password. I want the box attempted to be hacked from both inside and out. I have already emailed them this thread too

    I'm not sure I would want to limit "find" though. I thought about that, and s/locate too. I want a secure op, but not one thats so secure that normal clients cant actually use it.... so cracking down on wget would be a bad option also.
    if your customers cant use it, it wont matter how secure you are as they'll go elsewhere..

  20. #20
    Join Date
    Dec 2000
    Location
    The Woodlands, Tx
    Posts
    5,974
    Originally posted by Slidey
    if your customers cant use it, it wont matter how secure you are as they'll go elsewhere..
    Yes I know that, but dont you think the password is the first thing someone here would mess with? I dont want the password being changed, I want public and easy access for people to come in and see what damage they can do. On a live hosting machine, of course I wouldnt lock down the passwd command...

  21. #21
    Join Date
    Apr 2003
    Location
    UK
    Posts
    2,569
    was more talking about wget/find and similar utilities

  22. #22
    Join Date
    Dec 2000
    Location
    The Woodlands, Tx
    Posts
    5,974
    Originally posted by Slidey
    was more talking about wget/find and similar utilities
    Ah ok, now I see you were agreeing with me. I thought you were talking about passwd the way I have it now. Sorry

  23. #23
    Join Date
    Dec 2000
    Location
    The Woodlands, Tx
    Posts
    5,974
    Ah hold on, lemme lighten up the security a bit...
    I forgot I did run a script I wrote that secures things up a bit more...

  24. #24
    Join Date
    Aug 2004
    Location
    Los Angeles,CA
    Posts
    789
    http://linuxtoday.com/security/2005051101426SCSW
    It talks about a few vulnerbilities which may affect your System. You are running the mentioned versions of Sqid and gzip.

  25. #25
    Join Date
    Apr 2003
    Location
    UK
    Posts
    2,569
    incase anyone needs them - theres a working gcc, wget and find in the 'test' directory

Page 1 of 4 1234 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •