Vulnerability Development mailing list archives
Fw: Re: Kill the DOG and win 100 000 DM
From: Guilherme Mesquita <guy () linuxbr com br>
Date: Mon, 6 Nov 2000 20:18:20 -0200
I'm just forwarding because I didnt use Reply-to-all, forgive me ;), read what's quoted. On Mon, 06 Nov 2000, Guilherme Mesquita wrote:
Reply-To: guy () linuxbr com br Subject: Re: Kill the DOG and win 100 000 DM I tryied in the day when they released the IP. The box was firelled by a router or something like that. It just duped the packet to other router like they do when they want to take off the traceroute... Well... I think the admins from pitbull might be some kid of "I AM THE SUPER-ROOT, UNBEATEBLE WITH MY SUPER-PIX-FIREWALL!@#". All the contests I heard about installed and let a PLAIN BOX WITH SOME LITTLE PATCHES *ALL OPEN*, NO FIREWALL. If you're a good sysadmin or you wanna sell a product that REALLY WORKS AND ITS REALLY SAFE, why would you install a firewall? Are you afraid from something? Yeah I bet you are. Like microsoft always have been ;) Regards.
--- ends here. ---
On Mon, 6 Nov 2000, Lincoln Yeoh wrote:Date: Mon, 6 Nov 2000 14:38:13 +0800 To: VULN-DEV () SECURITYFOCUS COM From: Lincoln Yeoh <lyeoh () POP JARING MY> Reply-To: Lincoln Yeoh <lyeoh () POP JARING MY> Sender: VULN-DEV List <VULN-DEV () SECURITYFOCUS COM> Subject: Re: Kill the DOG and win 100 000 DM Hmm. The IP is released but I can't reach the webserver - following doesn't work: http://193.102.208.43/ Maybe the site is already experiencing DOS attacks. At 09:50 PM 05-11-2000 -0500, //Stany wrote:On Mon, 6 Nov 2000, Jay Tribick wrote:root doesn't actually have any privileges on a Pitbull system.. he's just a normal user (out of the box..)Actually that's not strictly true either - root user has enough priviledges to allow the system to boot on power on (not the OBPsecuritylevels, but the PB authentication to let system finish booting up),butthat's about it, yes.How is remote administration performed? The documentation available online says that there is a tool for remote admin, but doesn't go into the details. I think it's ssh. Is it possible to telnet in, su to root, then run some program toupgradeyour authority? Or telnet in, change your level/authority, then su to root? For example for Cyberguard on Unixware, you run /sbin/tfadmin newlvl sys_private. And in theory you're not supposed to be able to do it when you telnet in from a device at NETWORK level. You can't do that anymore.Butpoint is often reality refuses to follow theory ;). For Pitbull systems, what does /tbin/setsecconfig -D0 do? From: https://www.argus-systems.com/support/knowledge_base/trouble.shtml#18 I tried to check their online manual, but the manpage doesn't seem tobethere, even though that command is mentioned in the other manpages dealing with privileges and related commands...if anyone would like Jeff Thompsons talk from Defcon 7 on "HackingB1Trusted Operating Systems", send me an email and I'll put it upsomewhere.Sure, please. Knowledge is power, and all that...It's actually on one of the sites mentioned in the post: http://www.argusrevolution.com/downloads/DefCon.ppt From: http://www.argusrevolution.com/pitbullsupport.html Do you know where I can find the release notes for Pitbull? e.g. what bugs they fixed in each release? This would be more interesting - you findoutwhat the developers are having trouble with. Anyway, I may just poke around when they release root - too lazy to getaspecial Solaris 7 and a copy of Pitbull. That is if I can telnet inwithall the DOS attacks going on ;). Cheerio, Link.-- .--------------------. | Guilherme Mesquita | | guy () linuxbr com br | | UIN # 5864338 | `--------------------' . .
-- .--------------------. | Guilherme Mesquita | | guy () linuxbr com br | | UIN # 5864338 | `--------------------'
Current thread:
- Re: Kill the DOG and win 100 000 DM, (continued)
- Re: Kill the DOG and win 100 000 DM Lincoln Yeoh (Nov 11)
- Re: Kill the DOG and win 100 000 DM Shawn Badolian (Nov 07)
- Re: Kill the DOG and win 100 000 DM Ken Pfeil (Nov 07)
- Re: Kill the DOG and win 100 000 DM John Herron (Nov 07)
- Re: Kill the DOG and win 100 000 DM Christian Schwalm (Nov 07)
- Re: Kill the DOG and win 100 000 DM James Cox (Nov 07)
- Re: Kill the DOG and win 100 000 DM Fabio Pietrosanti (naif) (Nov 08)
- Re: Kill the DOG and win 100 000 DM Christian Schwalm (Nov 07)
- Re: Kill the DOG and win 100 000 DM Ben Grubin (Nov 07)
- Re: Kill the DOG and win 100 000 DM Matthias Krawutschke (Nov 07)
- Re: Kill the DOG and win 100 000 DM Jay Tribick (Nov 08)
- Fw: Re: Kill the DOG and win 100 000 DM Guilherme Mesquita (Nov 07)
- Re: Kill the DOG and win 100 000 DM John Herron (Nov 08)
- Re: Kill the DOG and win 100 000 DM Mark (Nov 08)
- Re: Kill the DOG and win 100 000 DM Robert Collins (Nov 08)
- Re: Kill the DOG and win 100 000 DM Scott Fagg (Nov 08)
- Re: Kill the DOG and win 100 000 DM Jon Larimer (Nov 09)
- Re: Kill the DOG and win 100 000 DM Jay Tribick (Nov 09)
- Re: Kill the DOG and win 100 000 DM Michael Wojcik (Nov 09)
- Re: Kill the DOG and win 100 000 DM Sherrod, Andrew (Nov 09)
- Re: Kill the DOG and win 100 000 DM Ghory, Zeshan A (Nov 09)
- Re: Kill the DOG and win 100 000 DM Jeffrey W. Thompson (Nov 10)
(Thread continues...)