<div>Here ya go CLUG. For fun, I've setup a base build of Ubuntu 8.04. I purposely chose an old release and haven't applied any security updates.</div><div><br></div><meta http-equiv="content-type" content="text/html; charset=utf-8"><div>
I've done a standard apache, php, mysql install. I've also installed webmin. I've done absolutely nothing to harden this box. I haven't even disabled ssh root logins. There are no iptables rules, nothing. The box is wide open ... ass hanin' in the wind so to speak.</div>
<div><br></div><meta http-equiv="content-type" content="text/html; charset=utf-8"><div>pwn me! pwn me! pwn me!</div><div><br></div><div>The IP address is: 173.45.247.24</div><div>The hostname: <a href="http://gustin.taord.com">gustin.taord.com</a></div>
<div><br></div><div>Aside from the root account, there are two additional user accounts setup:</div><div><br></div><div>user: clug</div><div>password: linuxluver</div><div><br></div><div>user: gustin</div><div>wind0zeluv3r</div>
<div>(that's a zero in there)</div><div><div><br></div><div>If you want any additional software installed on here to make it more unstable ... let me know.</div><div><br></div><div>Please don't change the password for the "clug" user ... I want anyone who wants to, to be able to get on the box.</div>
<div><br></div><div>Gustin --> if you want to log in and change the password for the "gustin" user account, please feel free :)</div><div><br></div><div>The point of all of this is: I hope someone will pwn this box and tell the rest of us how you did it. It would be a real eduction ... I mean that.</div>
<div><br></div><div>There is a file in the root home folder:</div><div><br></div><div><div>root@gustin:~# ls -l</div><div>total 4</div><div>-rw------- 1 root root 29 May 5 16:20 pwnme.txt</div><div>root@gustin:~#</div></div>
<div><br></div><div>Post the contents of that file to this thread and you've obviously acquired root privileges.</div><div><br></div><div>I'm not a Windows hater ... I simply don't waste my time with it. I also seriously doubt any sane Windows admin wouldn't do what I've just done here ... the sun wouldn't set before someone baked the Windows machine at 450 degrees for half and hour.</div>
<div><br></div><div>Now I have real work to do ... gotta keep the lights on :)</div><div><br></div><div>Ciao,</div><div>Greg</div><div><br></div><div><br><br><div class="gmail_quote">On 4 May 2010 22:36, Gustin Johnson <span dir="ltr"><<a href="mailto:gustin@echostar.ca">gustin@echostar.ca</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div class="im">On 10-05-04 06:39 PM, Greg Saunders wrote:<br>
> I'm starting a new thread because I didn't want to hijack TekBudda's<br>
> original thread re: Query: Mac & Windows Diagnostics Tools.<br>
><br>
>> Uh, there is a lot of preventative measures that one can take with Windows<br>
><br>
> True:<br>
><br>
> 1. run the windoze machine stand alone ... do not connect it to the internet<br>
> or<br>
<br>
</div>Same goes for a Linux machine. Anything directly connected to the<br>
internet requires management. One mistake is all it takes, regardless<br>
of the platform.<br>
<div class="im"><br>
> 2. install zero software on it ... keep to Notepad, Write and<br>
> Minesweeper for entertainment, oh yea, don't connect it to the internet<br>
> or<br>
<br>
</div>This is good advice for Linux too. Install only what you need.<br>
<div class="im"><br>
> 3. format c: ... install Linux<br>
<br>
</div>Linux can be easily pwned. Just like nearly everyone else these days,<br>
it all depends on how you configure it.<br>
<div class="im">><br>
>> I am tired of the FUD thrown over the fence by the FLOSS people<br>
><br>
> We're the same people that insist that the sun rises in the East every<br>
> morning. We call a spade a spade.<br>
<br>
</div>That is all nice to say, but stop living in 2001. XP is not reflective<br>
of the current state of things. I don't care if you like Windows or<br>
not. In fact I don't like using it, but we should not be throwing FUD<br>
around.<br>
<div class="im">><br>
>> Bashing Windows out of ignorance does not get us anywhere and just<br>
> makes us look childish.<br>
><br>
> Some of us actually bash Windoze because of first hand experience. My<br>
> most recent experience (still ongoing) with a client was/is their IT<br>
> staff trying to get a new Win 7 machine setup with x64 print drivers<br>
> that actually work ... not to mention that there was no way in hell that<br>
> they could get another Win 7 machine working with the KVM switch a<br>
> certain user was using for flipping between a few desktops in their<br>
> office. It goes on and on and on.<br>
<br>
</div>I have a lot of the same problems with Desktop Linux. I have 4 printers<br>
at home, only the oldest one currently works with Linux. Day in and day<br>
out I manage hundreds of machines running a variety of operating systems<br>
(Windows and Linux make up the two largest groups). They both have<br>
their strengths and weaknesses, but the security footprint differences<br>
are far smaller than most people realize.<br>
<div class="im">><br>
> Or (just a couple of months ago) at another client, where a half dozen<br>
> Windoze guys were onsite from a prominent IT services company here in<br>
> Calgary trying to stop some worm that was propagating through the<br>
> network ... the best they could do was unplug network cables and deal<br>
> with each desktop individually.<br>
<br>
</div>That is pretty much how you should be dealing with a worm infection<br>
(assuming that you do not have an IPS that switches infected machines to<br>
a different VLAN). It sounds like this guy does not actually know how<br>
to respond to security incidents. To be fair, most so-called IT people<br>
really know very little about security or proper incident response.<br>
<br>
We can swap anecdotal stories all night and not get anywhere.<br>
<div class="im">><br>
> Oddly, all these guys were in my age bracket (35ish, 40ish) but I was<br>
> the only one who had any hair left. No word of a lie. And I can tell you<br>
> I did not make any friends with these "make work b*st*rds" when I<br>
> pointed that out:<br>
><br>
</div>I still have hair at 34, what is the point?<br>
<div class="im"><br>
> "Hi guys, I guess Linux = hair", that did not go over well. I thought it<br>
> was funny at the time ... couldn't contain myself :)<br>
><br>
> Yea, I got the same "You FLOSS zealot b*st*rd" thrown at me that Gustin<br>
> tossed out earlier ... but ... whatever.<br>
<br>
</div>Actually I never did say that.<br>
<div class="im">><br>
> Look, I understand that Windows is a reality (in North America anyway).<br>
> Keep the install base small ... sure ... makes wipe and reloads easier<br>
> ... images smaller.<br>
><br>
> Windows is a make work project, plain and simple. Any advocate for such<br>
> substandard technology either punches a clock for a living or hasn't<br>
> figured out (or doesn't want to figure out) how to survive in the<br>
> OSS/FLOSS world.<br>
<br>
</div>My experiences are different.<br>
<div class="im">><br>
> Greg's "windows preventative measure" is "don't waste your time".<br>
<br>
</div>No, that is FUD plain and simple.<br>
<div class="im">><br>
> That's not being "childish" ... it's how I've kept my sanity and<br>
> supported a wife and four kids for the last 10 years. Stick that in your<br>
> "there is a lot of preventative measures that one can take with Windows"<br>
> pipe and smoke it.<br>
><br>
<br>
> Hey ... this might come across a little harsh (zealotish), oh well,<br>
> smile, I am.<br>
><br>
</div>I am a FLOSS advocate and user. In fact I reach for FLOSS solutions<br>
first if that is an option. This is one of the rare times that I am on<br>
this side of the fence for this argument. I have to say it feels a<br>
little weird.<br>
<br>
<br>_______________________________________________<br>
clug-talk mailing list<br>
<a href="mailto:clug-talk@clug.ca">clug-talk@clug.ca</a><br>
<a href="http://clug.ca/mailman/listinfo/clug-talk_clug.ca" target="_blank">http://clug.ca/mailman/listinfo/clug-talk_clug.ca</a><br>
Mailing List Guidelines (<a href="http://clug.ca/ml_guidelines.php" target="_blank">http://clug.ca/ml_guidelines.php</a>)<br>
**Please remove these lines when replying<br></blockquote></div><br></div></div>