[4785] in linux-announce channel archive
Linux-Announce Digest #78
daemon@ATHENA.MIT.EDU (Digestifier)
Sun Mar 20 12:13:09 2005
From: Digestifier <Linux-Announce-Request@senator-bedfellow.mit.edu>
To: Linux-Announce@senator-bedfellow.mit.edu
Reply-To: Linux-Announce@senator-bedfellow.mit.edu
Date: Sun, 20 Mar 2005 12:13:05 EST
Linux-Announce Digest #78, Volume #5 Sun, 20 Mar 2005 12:13:05 EST
Contents:
INDIA: 10,000 IPs try to break in ... and don't succeed ("Frederick Noronha (FN)")
[Gramps-announce] GRAMPS 1.0.11 released. ("Frederick Noronha (FN)")
NEWS: Hurd/L4 Developer Marcus Brinkmann Interviewed ("Frederick Noronha (FN)")
----------------------------------------------------------------------------
From: "Frederick Noronha (FN)" <fred@bytesforall.org>
Subject: INDIA: 10,000 IPs try to break in ... and don't succeed
Date: Sat, 19 Mar 2005 12:04:20 CST
http://www.linuxense.com/challenge/
No Prizes. Just Applause.
(Server Break-in Challenge)
Status of the Challenge : Over
Challenge period : 9 March 2005 02:00 IST to 13 March 2005 02:00 IST
Winner : none
Out come : Unbroken at the end of 96 hrs
Type of server access given : Remote and Local
Distro used : Adamantix
? We have prepared an FAQ document based on the Challenge-related Emails we
have received before, during and after the event.
? Here is the Bittorrent link for the packet capture dump. Please share your
analysis.
? We have returned the IP address used for the Challenge server to the ISP and
it does not belong to us any longer.
Send in your comments and queries related this Break-in Challenge to
challenge@linuxense.com
http://www.linuxense.com/challenge/why.xhtml
Post-event FAQs
1. What distro did you use? Could you explain the setup?
The distro used was Adamantix 1.0.4 (Kudos to the Adamantix team!).
The Challenge server (PIII 600 Mhz 128 MB RAM) was connected to the Internet
through a bridge (Compaq P4 2.2 Ghz 256 MB RAM) set up using Honeywall. The
bridge did the packet capturing, outbound traffic rate-limiting, etc.
There wasn't any firewall. Neither the Challenge server had any read-only
mounts.
2. Why do you guys do this? Is it a publicity stunt?
Most of the security/break-in challenges are sponsored by companies to
test/market their products. What we intended was to put an Open source project
as the victim and give enthusiasts across the globe a chance to test their
skills and to try out their exploits. And to share the lessons thus learned
with the community. We neither claim that the system used is our product or
it's an unhackable system.
This event was featured in several news portals, local news papers, blogs,
discussion groups, and mail lists. While we enjoyed the publicity it brought in
more and more contestants and turned it into an interesting one.
3. Do you expect that someone will try a ``0-day'' on your [Challenge] server?
No.
4. If it's contest, there must be a prize.
Not really necessary in all cases. We had over 10,000 (based on unique IP
addresses) participants. They took up the challenge just because they were
passionate about it.
5. You guys suck! You gave a login which doesn't work.
What we released was the ROT13 (that was the twist) of the original login. If
you couldn't make out that, assume that you simply didn't qualify for the
challenge.
The given ROT13'ed login name was ``haavxhggna'' which can be decrypted to
``unnikuttan'', the name of a popular Malayalam cartoon character.
6. nmap returns ``connection refused''/``filtered''. Your [Challenge] server
seems to be behind a firewall.
There was no firewall. This is how nmap would report if you run it against a
server which is under (D)DoS attack (the Challenge server was overwhelmed by
port scans, brute-force attacks, etc. most of the time).
7. If nobody could break-in, will you claim that you have the hardest distro?
No. A break-in contest is probably not a way to prove that.
8. What will you do with the packet capture [data]?
We will analyze it when we get some free time. We will be happy to post here
any analysis done by you too.
_____
_/ ____\____ Frederick Noronha * Freelance Journalist * Goa
\ __\/ \ India T +91.832.2409490 M +919822 122436
| | | | \ http://fn.swiki.net http://goabooks.swiki.net
|__| |___| / http://www.bytesforall.net http://www.bytesforall.org
\/ -----------------------------------------------------
Writing with a difference, on issues that really make the difference.
##########################################################################
# Send submissions for comp.os.linux.announce to: cola@stump.algebra.com #
# PLEASE remember a short description of the software and the LOCATION. #
# This group is archived at http://stump.algebra.com/~cola/ #
##########################################################################
------------------------------
From: "Frederick Noronha (FN)" <fred@bytesforall.org>
Subject: [Gramps-announce] GRAMPS 1.0.11 released.
Date: Sun, 20 Mar 2005 00:22:02 CST
GRAMPS 1.0.11 (the "What have the Romans done for us?" release) is
available for download at SourceForge (http://sf.net/projects/gramps)
This release is the latest in the current stable line of GRAMPS.
The 1.0.11 release is a bug fix release. Several minor bugs have been
fixed, and the language translations have been updated.
Source code and a package for Fedora Core 3 are available. Packages for
other distributions may become available over the next several days.
Don
FORWARDED VIA:
_____
_/ ____\____ Frederick Noronha * Freelance Journalist * Goa
\ __\/ \ India T +91.832.2409490 M +919822 122436
| | | | \ http://fn.swiki.net http://goabooks.swiki.net
|__| |___| / http://www.bytesforall.net http://www.bytesforall.org
\/ -----------------------------------------------------
Writing with a difference, on issues that really make the difference.
##########################################################################
# Send submissions for comp.os.linux.announce to: cola@stump.algebra.com #
# PLEASE remember a short description of the software and the LOCATION. #
# This group is archived at http://stump.algebra.com/~cola/ #
##########################################################################
------------------------------
From: "Frederick Noronha (FN)" <fred@bytesforall.org>
Subject: NEWS: Hurd/L4 Developer Marcus Brinkmann Interviewed
Date: Sun, 20 Mar 2005 04:29:46 CST
http://developers.slashdot.org/article.pl?sid=05/03/19/1411219
Hurd/L4 Developer Marcus Brinkmann Interviewed
GNU is Not Unix | Posted by CowboyNeal on Saturday March 19, @09:26AM
from the papa-on-brand-new-bag dept.
wikinerd writes "A few years ago when the GNU OS was almost complete, the
kernel was the last missing piece, and most distributors combined GNU with the
Linux kernel. But the GNU developers continued their efforts and unveiled the
Hurd in 1990s, which is currently a functioning prototype. After the Mach
microkernel was considered insufficient, some developers decided to start a new
project porting the Hurd on the more advanced L4 microkernel using cutting-edge
operating system design, thus creating the Hurd/L4. Last February one of the
main developers, Marcus Brinkmann, completed the process initialization code
and showed a screenshot of the first program executed on Hurd/L4 saying 'The
dinner is prepared!' Now he has granted an interview about Hurd/L4, explaining
the advantages of microkernels, the Hurd/L4 architecture, the project's goals
and how he started the Debian port to Hurd."
FORWARDED VIA:
_____
_/ ____\____ Frederick Noronha * Freelance Journalist * Goa
\ __\/ \ India T +91.832.2409490 M +919822 122436
| | | | \ http://fn.swiki.net http://goabooks.swiki.net
|__| |___| / http://www.bytesforall.net http://www.bytesforall.org
\/ -----------------------------------------------------
Writing with a difference, on issues that really make the difference.
##########################################################################
# Send submissions for comp.os.linux.announce to: cola@stump.algebra.com #
# PLEASE remember a short description of the software and the LOCATION. #
# This group is archived at http://stump.algebra.com/~cola/ #
##########################################################################
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: Linux-Announce-Request@NEWS-DIGESTS.MIT.EDU
You can submit announcements to be moderated via:
Internet: linux-announce@NEWS.ORNL.GOV
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Announce Digest
******************************
