Vulnerability Development mailing list archives
Re: Kill the DOG and win 100 000 DM
From: John Herron <john.herron () RRC STATE TX US>
Date: Mon, 6 Nov 2000 10:41:05 -0600
I just tried getting through, and although it took a LONG time it eventually loaded the webpage. I was actually in the act of emailing them to ask which server they want us to take down lol (since they have 3 (main, hacking-contest.com, and 193.102.208.43). Still, the system seems to be quite slow (but what system wouldn't be that has a set date of an international hack attack). I couldn't ping it, but thats anything from it being slow and simply timing out to the server rejecting my ICMP packets. Although I see that most "security professionals" seem to dislike these contests as a poor example of security publicity; I like these contests just for an aspect of a free/legal public system for anyone to play around on. I think wargames do help anyone trying to learn since they may not have the funds/knowledge right away to set up their own unix box. Regardless, just wanted to comment that although the box is unrealistically slow, it IS still up and does (after a few minutes) load the webpage.
Lincoln Yeoh <lyeoh () POP JARING MY> 11/06/00 12:38AM >>>
Hmm. The IP is released but I can't reach the webserver - following doesn't work: http://193.102.208.43/ Maybe the site is already experiencing DOS attacks. At 09:50 PM 05-11-2000 -0500, //Stany wrote:
On Mon, 6 Nov 2000, Jay Tribick wrote:root doesn't actually have any privileges on a Pitbull system.. he's just a normal user (out of the box..)Actually that's not strictly true either - root user has enough priviledges to allow the system to boot on power on (not the OBP security levels, but the PB authentication to let system finish booting up), but that's about it, yes.
How is remote administration performed? The documentation available online says that there is a tool for remote admin, but doesn't go into the details. I think it's ssh. Is it possible to telnet in, su to root, then run some program to upgrade your authority? Or telnet in, change your level/authority, then su to root? For example for Cyberguard on Unixware, you run /sbin/tfadmin newlvl sys_private. And in theory you're not supposed to be able to do it when you telnet in from a device at NETWORK level. You can't do that anymore. But point is often reality refuses to follow theory ;). For Pitbull systems, what does /tbin/setsecconfig -D0 do? From: https://www.argus-systems.com/support/knowledge_base/trouble.shtml#18 I tried to check their online manual, but the manpage doesn't seem to be there, even though that command is mentioned in the other manpages dealing with privileges and related commands.
..if anyone would like Jeff Thompsons talk from Defcon 7 on "Hacking B1 Trusted Operating Systems", send me an email and I'll put it up somewhere.Sure, please. Knowledge is power, and all that...
It's actually on one of the sites mentioned in the post: http://www.argusrevolution.com/downloads/DefCon.ppt From: http://www.argusrevolution.com/pitbullsupport.html Do you know where I can find the release notes for Pitbull? e.g. what bugs they fixed in each release? This would be more interesting - you find out what the developers are having trouble with. Anyway, I may just poke around when they release root - too lazy to get a special Solaris 7 and a copy of Pitbull. That is if I can telnet in with all the DOS attacks going on ;). Cheerio, Link.
Current thread:
- Re: Kill the DOG and win 100 000 DM, (continued)
- Re: Kill the DOG and win 100 000 DM Jay Tribick (Nov 06)
- Re: Kill the DOG and win 100 000 DM //Stany (Nov 06)
- Re: Kill the DOG and win 100 000 DM Jay Tribick (Nov 07)
- Re: Kill the DOG and win 100 000 DM ratz (Nov 07)
- Message not available
- Re: Kill the DOG and win 100 000 DM Lincoln Yeoh (Nov 07)
- Re: Kill the DOG and win 100 000 DM Sven van 't Veer (Nov 07)
- Message not available
- Re: Kill the DOG and win 100 000 DM Jay Tribick (Nov 07)
- Re: Kill the DOG and win 100 000 DM Christian Schwalm (Nov 07)
- Re: Kill the DOG and win 100 000 DM James Cox (Nov 07)
- Re: Kill the DOG and win 100 000 DM Fabio Pietrosanti (naif) (Nov 08)
- Re: Kill the DOG and win 100 000 DM Jay Tribick (Nov 08)
- Re: Kill the DOG and win 100 000 DM Mark (Nov 08)