Results 26 to 50 of 79
-
05-28-2005, 06:21 PM #26Web Hosting Master
- Join Date
- Dec 2000
- Location
- The Woodlands, Tx
- Posts
- 5,974
Originally posted by E_man3
http://linuxtoday.com/security/2005051101426SCSW
It talks about a few vulnerbilities which may affect your System. You are running the mentioned versions of Sqid and gzip.
Originally posted by Slidey
incase anyone needs them - theres a working gcc, wget and find in the 'test' directory
wget and all that works now.
-
05-28-2005, 06:29 PM #27Web Hosting Evangelist
- Join Date
- Aug 2003
- Posts
- 459
I have a kernel end exploit here, it will crash the entire box, however considering all of mine are BSD boxes, i am downloading knoppix just to compile it Edit: just noticed the update
Edit: GCC isn't functioning properly, my bad, I have to compile this elsewhere.Last edited by e-infinity; 05-28-2005 at 06:33 PM.
-
05-28-2005, 06:40 PM #28Hail Eris !
- Join Date
- Oct 2002
- Location
- Canada
- Posts
- 3,103
Just a question, why did you remove acces from ps, top and utils like that ?
<edit> i see permissions on those are allowed now. I still wonder, why did you remove them at first place.
-
05-28-2005, 06:47 PM #29Web Hosting Master
- Join Date
- Dec 2000
- Location
- The Woodlands, Tx
- Posts
- 5,974
Originally posted by sasha
Just a question, why did you remove acces from ps, top and utils like that ?
<edit> i see permissions on those are allowed now. I still wonder, why did you remove them at first place.
Oh well this should be interesting whoever is doing the decompression of that program they uploaded
By the way, hows the speed? It's just a 3mbps cable connection..
-
05-28-2005, 06:48 PM #30Web Hosting Master
- Join Date
- Dec 2003
- Location
- Fairfax, Virginia
- Posts
- 6,834
Are you sure this is a PII 300? Seems more like a 286.
Regarding that decompression, . The transfer rate was good, about 350K/s. The decompression and running the scripts is very slow though.
-
05-28-2005, 06:52 PM #31Web Hosting Master
- Join Date
- Dec 2000
- Location
- The Woodlands, Tx
- Posts
- 5,974
Originally posted by SniperDevil
Are you sure this is a PII 300? Seems more like a 286.
Regarding that decompression, . The transfer rate was good, about 350K/s. The decompression and running the scripts is very slow though.
Oh it only had EDO ram slots.... so I put 4 sticks in. I think it comes to like 96 megs or something. So thats probably why it's so slow. I had to dig around just to find those...
-
05-28-2005, 06:53 PM #32Hail Eris !
- Join Date
- Oct 2002
- Location
- Canada
- Posts
- 3,103
You might want to add lsof to the list of the apps you block then as it does not make blocking some others if lsof works.
-
05-28-2005, 06:57 PM #33Web Hosting Master
- Join Date
- Dec 2003
- Location
- Fairfax, Virginia
- Posts
- 6,834
Originally posted by Webdude
Hey now, what kind of computer do you think I'm going to give you to hack?? Sheesh
If you *really* want somebody to hack this machine, try asking around in known hacker/script kiddie forums, and I bet you won't find a shortage of people willing to root and kill your machine, besides hosting warez and other illegal things on it.
-
05-28-2005, 07:09 PM #34Web Hosting Master
- Join Date
- Dec 2000
- Location
- The Woodlands, Tx
- Posts
- 5,974
wget -r http://www.webhostingtalk.com
I think some people are really having fun with this
Hey, if this linux is as secure as Trustix says it is.... then this is a good test. Red Hat is really getting bad and I'm not liking them much anymore. If this box doesnt get hacked, then you can bet your arse I'm switching! I do expect a few minor problems to be caused, but not a full hack job that basically calls for a reinstall/restore.
-
05-28-2005, 07:14 PM #35Web Hosting Master
- Join Date
- Jun 2002
- Location
- San Diego, California
- Posts
- 788
Might want to powercycle your box, I killed it, security my ***.
Note:
Took me about 30 seconds with a bash script 3 lines long.
-
05-28-2005, 07:22 PM #36Web Hosting Master
- Join Date
- Dec 2000
- Location
- The Woodlands, Tx
- Posts
- 5,974
Originally posted by Tee
Might want to powercycle your box, I killed it, security my ***.
Note:
Took me about 30 seconds with a bash script 3 lines long.
-
05-28-2005, 07:34 PM #37Web Hosting Master
- Join Date
- Aug 2003
- Posts
- 844
I think the machines down...
Just when I wanted to have some fun.
-
05-28-2005, 07:41 PM #38Web Hosting Master
- Join Date
- Jun 2002
- Location
- San Diego, California
- Posts
- 788
Re: Are you a Hacker? Or a wannabe? :-)
Originally posted by Webdude
You have to use SSH2
IP: 24.182.113.251
UN: webdude
PW: public
This is just a test machine here at my house where I am testing out the Trustix Linux Operating System. For those more familiar with Linux and SSH, go ahead and check it out
Oh, and dont worry. It's on a seperate cable modem, so dont even think about ways to get into my home network
Go ahead, mess around. It's just a little PII-300 with about 96 megs ram that was an extra computer I had laying around... One of the kid's older computers that wasnt used anymore.
Anyway, Trustix claims it's the most secure operating system on the planet. I want to test their claim. I want to see if a normal user can hack the box, screw it up, fry the system, trojaned, rooted, whatever.
Personally, I dont think any of you wannabe admins/hackers can even touch it
-
05-28-2005, 07:46 PM #39Web Hosting Master
- Join Date
- Dec 2000
- Location
- The Woodlands, Tx
- Posts
- 5,974
No, I was messing with limits in /etc/profile
I messed up and had to go into rescue to fix what I screwed up...
machine is back up till it gets flooded again. To bad none of you seem to be able to actually "hack" it
-
05-28-2005, 08:01 PM #40Web Hosting Master
- Join Date
- Dec 2000
- Location
- The Woodlands, Tx
- Posts
- 5,974
Ok, did a few minor security changes, rebooted, it's back up. Have at it!
-
05-29-2005, 06:01 AM #41Web Hosting Master
- Join Date
- Jul 2004
- Location
- Manchester, UK
- Posts
- 2,132
Originally posted by Tee
Might want to powercycle your box, I killed it, security my ***.
Note:
Took me about 30 seconds with a bash script 3 lines long.Our greatest glory is not in never falling, but in rising every time we fall. - Confucius
-
05-29-2005, 06:23 AM #42Web Hosting Master
- Join Date
- Jan 2004
- Location
- Texas
- Posts
- 1,556
Probably by the first line being #!/bin/sh (or csh)
then the second line running some program and putting it in the background with nohup
then the third line rerunning the script causing a loop and simply overloading the box.James Lumby
-
05-29-2005, 06:36 AM #43Web Hosting Master
- Join Date
- Sep 2001
- Posts
- 2,052
Originally posted by effusionx1
wtf?? how did you floood a machine with a three line script?
wget windowsMEinstall.exe
windowsMEinstall.exe
should finish off any system you run it on in a matter of seconds. Beware, don't actually try this on a working computer, I wont be responsible for the carnage.--
Rich
-
05-29-2005, 07:29 AM #44Web Hosting Master
- Join Date
- Jul 2004
- Location
- Manchester, UK
- Posts
- 2,132
Originally posted by richy
you can do it in 2.
wget windowsMEinstall.exe
windowsMEinstall.exe
should finish off any system you run it on in a matter of seconds. Beware, don't actually try this on a working computer, I wont be responsible for the carnage.
JordOur greatest glory is not in never falling, but in rising every time we fall. - Confucius
-
05-29-2005, 08:35 AM #45Web Hosting Master
- Join Date
- Jul 2004
- Location
- Manchester, UK
- Posts
- 2,132
The other thing is that I am unfamiliar with wget (sorry if this is a little off-topic) but how can you wget a .exe file. I thought you could only wget urls??
Our greatest glory is not in never falling, but in rising every time we fall. - Confucius
-
05-29-2005, 08:44 AM #46Retired Moderator
- Join Date
- Feb 2002
- Location
- Reading, England
- Posts
- 4,240
It was a joke
Steve
-
05-29-2005, 08:46 AM #47Web Hosting Master
- Join Date
- Jul 2004
- Location
- Manchester, UK
- Posts
- 2,132
Originally posted by Vortex-Steve
It was a jokeOur greatest glory is not in never falling, but in rising every time we fall. - Confucius
-
05-29-2005, 11:12 AM #48Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
honastly if you wanted to test the security of trustix like they said, it should have been an unmodified box. just my opinion.
Anyway, Trustix claims it's the most secure operating system on the planet. I want to test their claim. I want to see if a normal user can hack the box, screw it up, fry the system, trojaned, rooted, whatever.Steven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance
-
05-29-2005, 11:32 AM #49Web Hosting Master
- Join Date
- Apr 2003
- Location
- UK
- Posts
- 2,569
theres always the old oneliner - (i cant remember it exactly) - ;:{:;:}
or thereabouts..
-
05-29-2005, 12:48 PM #50Web Hosting Master
- Join Date
- Jun 2002
- Location
- San Diego, California
- Posts
- 788
The most effective local flood attack on most all Linux or *BSD boxs is usually a fork bomb, thats what I used in this case, the reason for this is the only kernel that has been patched is the NetBSD and OpenBSD, If I was looking for security, My choices of BSD / Linux would be in this order:
1. OpenBSD
2. NetBSD
3. FreeBSD
4. CentOS / RHEL
5. Slackware
6. Trustix
7. Fedora
... All the rest ...
The only truely secure 'Out of the box' distro(s) are OpenBSD and NetBSD in my opinion. [Assuming you dont run httpd etc]