[ale] Linux Distributions

ChangingLINKS.com groups at ChangingLINKS.com
Tue May 17 17:10:29 EDT 2005 

On Tuesday May 17 2005 15:22, Geoffrey wrote:
> > I am your opposite here.
> > My logic was to find out why they made their statements, and then
> > configure a system that won't have the weaknesses they they point out.
> > With Linux, I have the luxury of building a system that won't be as
> > "insecure" as the systems of the "experts." My system is configured so
> > that even an expert could run it as root and not screw it up. ;) More
> > importantly, it is setup so that someone like me (who just uses Linux to
> > get things done) can run the box well without having my poor admin skills
> > be a factor.
>
> If you really believe that, post your ip address, root password to the
> list and we'll see how long your machine remains available (much less
> secure).

OK. I will. When would be a good time? Sunday would be good for me.
How long do you want me to leave it open?
As you know, (you and I) and (Bob Toxen and I) had trouble getting past the 
first firewall. You will need to help me remember how to open it up again. 
No, I will wire the modem directly to the computer - to make it easy on you.

I will give you all the IP address.
I will DROP the remaining firewalls.
I will give you *all* my root password.


CHALLENGE: 
1. If no one can down/infect/harm my system for more than 20 minutes TOTAL - 
you fix (or have fixed) the 6 problems that I posted (and give me exact 
directions on how to apply the fixes myself.)

2. IF you (with the help of everyone on this list) CAN down/infect/harm my 
system for more than 20 minutes - I'll pay you $100.





I would like to extend this challenge in the same way Bob Toxen did. 
There will be a set time with which you can attempt to hack/harm the system. 
After that, I will recover the box within 5 minutes (barring the transfer time 
of data). I will present the facts on exactly HOW I restored the system - and 
summarily prove that "the system is clean and fully operational."

(In good faith: 
I will NOT remove or add any hardware to the system during or after the hack 
attempt.)

On the other hand, if you one of you IS able to down my system for more than 
20 minutes TOTAL, you will simply give me the information on how it was done.
(Hopefully, it goes without saying that no one can physically enter my home.)

I present this challenge to *you* Geoffrey because I believe that you have all 
that it takes to solve the 6 problems that have stumped so many others.

This challenge should be sufficient for the "never run as root" people to 
prove their point - especially in light of the fact that I will be turning 
OFF security features and proving you ALL with direct access to /
-- 
Wishing you Happiness, Joy, and Laughter,
Drew Brown
http://www.ChangingLINKS.com

More information about the Ale mailing list