Hacking Linux - Security

This is a discussion on Hacking Linux - Security ; Hey can someone give me some pointers on how I can attack a total vulenerable linux operating system! Please note this is strictly for study purpose only, and part of one of my assignments. We need to install red hat ...

+ Reply to Thread
Results 1 to 16 of 16

Thread: Hacking Linux

  1. Hacking Linux

    Hey can someone give me some pointers on how I can attack a total
    vulenerable linux operating system!
    Please note this is strictly for study purpose only, and part of one of
    my assignments.

    We need to install red hat 9 and either install some basic firewall
    rules or leave it in its default stage. we then need to atleast launch
    3 attacks on the system. Well i figured one simple one would be the
    ping of death attack, but i need some pointers on other types as well
    and HOW to actually launch those atacks. I know some in theory but
    practically i havnt tried or even know how to do it.

    It would be great if anyone can help out

    Thanks


  2. Re: Hacking Linux

    On Sun, 01 Oct 2006 23:51:32 -0700, neil.bosh wrote:

    > Hey can someone give me some pointers on how I can attack a total
    > vulenerable linux operating system!
    > Please note this is strictly for study purpose only, and part of one of my
    > assignments.
    >
    > We need to install red hat 9 and either install some basic firewall rules
    > or leave it in its default stage. we then need to atleast launch 3 attacks
    > on the system. Well i figured one simple one would be the ping of death
    > attack, but i need some pointers on other types as well and HOW to
    > actually launch those atacks. I know some in theory but practically i
    > havnt tried or even know how to do it.
    >
    > It would be great if anyone can help out
    >
    > Thanks

    sure, a few simple steps really

    1. set your vulnerable Linux box on a sturdy surface
    2. take an 8lb. maul in both hands
    3. apply maul vigorously to the box
    4. go find another hobby

    HTH


  3. Re: Hacking Linux

    neil.bosh@gmail.com said the following on 2006-10-02 08:51:
    > Hey can someone give me some pointers on how I can attack a total
    > vulenerable linux operating system!
    > Please note this is strictly for study purpose only, and part of one of
    > my assignments.
    >
    > We need to install red hat 9 and either install some basic firewall
    > rules or leave it in its default stage. we then need to atleast launch
    > 3 attacks on the system. Well i figured one simple one would be the
    > ping of death attack, but i need some pointers on other types as well
    > and HOW to actually launch those atacks. I know some in theory but
    > practically i havnt tried or even know how to do it.
    >
    > It would be great if anyone can help out


    If it's an assignment, I'm pretty sure it's _your_ job to find out how
    to launch the attacks. JFGI.

    --
    Jon Solberg (remove "nospam" from email address).

  4. Re: Hacking Linux

    well u can try ping of death attack..which u have alreadty
    mentioned...well you can basically do this by:
    ping -l 65510 your.host.ip.address

    basically u can read about ping of death thing from the internet !!!

    You can also go for password based attack..dictionary attacks..by using
    some softwares such as the ones you can get it from here

    http://www.openwall.com/john/

    well this software would not be much use in the real world as it just
    does some simple dictionary attacks but..since u say it is for your
    study purpose only..which i hope so..well u can get these from the net
    anyway...so i was saying that this software lauches attacks on simple
    english based words and good for the presentation purpose:

    Enjoy !!

    P.S
    this is to Jon and the previous knuckle head..well basically the first
    guy needs to find himself another hobby..rather than wasting posts in
    the forums..and to jon..stating that the original poster should try to
    do his own homework..i think it was clear he was doing exactly that..he
    just asked for help.he didnt ask u to do and submit it for them. Well i
    dnt know..but maybe forums well established to help..dnt u think so..if
    not stay off the the forums...


  5. Re: Hacking Linux

    wrote in message
    news:1159804675.228324.17920@b28g2000cwb.googlegro ups.com

    > well u can try ping of death attack..which u have alreadty
    > mentioned...

    ....

    From: neil.bosh@gmail.com
    NNTP-Posting-Host: 220.239.110.206

    From: shaun.inevitable@gmail.com
    NNTP-Posting-Host: 220.239.110.206

    Why are you having a public conversation with yourself?

  6. Re: Hacking Linux

    neil.bosh@gmail.com (06-10-01 23:51:32):

    > Hey can someone give me some pointers on how I can attack a total
    > vulenerable linux operating system!


    "Totally vulnerable"? Either it's vulnerable, or it's not.


    > Please note this is strictly for study purpose only, and part of one
    > of my assignments.


    Sure.


    > We need to install red hat 9 and either install some basic firewall
    > rules or leave it in its default stage. we then need to atleast launch
    > 3 attacks on the system. Well i figured one simple one would be the
    > ping of death attack, but i need some pointers on other types as well
    > and HOW to actually launch those atacks. I know some in theory but
    > practically i havnt tried or even know how to do it.


    The "ping of death" (what an eeeeevil name) is an old attack; so old
    that you'll find rusty swastikas on it. The same holds for every other
    attack you're going to try. In other words: Save your time. It's not
    worth it.

    But there's still light. Use an axe to attack your box. Or just find
    another hobby, but that has been already suggested by others. Have fun.


    Regards,
    E.S.

  7. Re: Hacking Linux

    On 1 Oct 2006, in the Usenet newsgroup comp.os.linux.security, in article
    <1159771892.886964.276720@i42g2000cwa.googlegroups. com>, neil.bosh@gmail.com
    wrote:

    >Hey can someone give me some pointers on how I can attack a total
    >vulenerable linux operating system!


    Linux comes with a large number of 'HOWTO' documents. The one you want is:

    Web Results 1 - 10 of about 384 for script-kiddy-HOWTO. (0.39
    seconds)

    This , Like the world is only what you perceive it to be */ Q:"How ...
    /* This , Like the world is only what you perceive it to be */ Q:"How Do
    I Become A Hacker?" A: learn to code , install SunOS , get a SPARC ,
    devote the ...
    www.manero.org/archive/manero.
    yossman.net-1999/rlga/script-kiddy-HOWTO.txt - 8k - Cached -

    >Please note this is strictly for study purpose only, and part of one of
    >my assignments.


    Perhaps you should ask your instructor for assistance.

    >We need to install red hat 9 and either install some basic firewall
    >rules or leave it in its default stage. we then need to atleast launch
    >3 attacks on the system. Well i figured one simple one would be the
    >ping of death attack,


    The ping of death only worked on windoze95 and 98 - I _think_ they
    finally patched that little problem in 98SE or ME. It never had any
    effect on Linux, *BSD or indeed _any_ other operating system. You've
    probably been spending to much time in h4x0rZ chat rooms.

    >but i need some pointers on other types as well
    >and HOW to actually launch those atacks.


    Seeing as how RH9 was obsolete three years ago, maybe you can still
    find the data on the Red Hat security site.

    >I know some in theory but practically i havnt tried or even know how
    >to do it.


    I suspect that HOWTO above will help you.

    >It would be great if anyone can help out


    But then, your instructor probably has other ideas.

    Old guy

  8. Re: Hacking Linux


    ynotssor wrote:
    > wrote in message
    > news:1159804675.228324.17920@b28g2000cwb.googlegro ups.com
    >
    > > well u can try ping of death attack..which u have alreadty
    > > mentioned...

    > ...
    >
    > From: neil.bosh@gmail.com
    > NNTP-Posting-Host: 220.239.110.206
    >
    > From: shaun.inevitable@gmail.com
    > NNTP-Posting-Host: 220.239.110.206
    >
    > Why are you having a public conversation with yourself?


    dude..having two post coming out of the same ip address doesnt
    neccesary mean it came from the same person !!!...do u think i dnt know
    you can actually find out the source ip address of the poster...but
    then again think whatever u may...


  9. Re: Hacking Linux

    On Mon, 02 Oct 2006 18:40:27 -0700, shaun.inevitable wrote:

    >
    > ynotssor wrote:
    >> wrote in message
    >> news:1159804675.228324.17920@b28g2000cwb.googlegro ups.com
    >>
    >> > well u can try ping of death attack..which u have alreadty
    >> > mentioned...

    >> ...
    >>
    >> From: neil.bosh@gmail.com
    >> NNTP-Posting-Host: 220.239.110.206
    >>
    >> From: shaun.inevitable@gmail.com
    >> NNTP-Posting-Host: 220.239.110.206
    >>
    >> Why are you having a public conversation with yourself?

    >
    > dude..having two post coming out of the same ip address doesnt neccesary
    > mean it came from the same person !!!...do u think i dnt know you can
    > actually find out the source ip address of the poster...but then again
    > think whatever u may...





  10. Re: Hacking Linux

    wrote in message
    news:1159839627.318267.310090@k70g2000cwa.googlegr oups.com

    >> From: neil.bosh@gmail.com
    >> NNTP-Posting-Host: 220.239.110.206
    >>
    >> From: shaun.inevitable@gmail.com
    >> NNTP-Posting-Host: 220.239.110.206
    >>
    >> Why are you having a public conversation with yourself?

    >
    > dude..having two post coming out of the same ip address doesnt
    > neccesary mean it came from the same person


    You're only fooling yourself.

  11. Re: Hacking Linux

    Moe Trin wrote:

    > On 1 Oct 2006, in the Usenet newsgroup comp.os.linux.security, in article
    > <1159771892.886964.276720@i42g2000cwa.googlegroups. com>,
    > neil.bosh@gmail.com wrote:
    >
    >>Hey can someone give me some pointers on how I can attack a total
    >>vulenerable linux operating system!

    >
    > Linux comes with a large number of 'HOWTO' documents. The one you want is:
    >
    > Web Results 1 - 10 of about 384 for script-kiddy-HOWTO. (0.39
    > seconds)
    >
    > This , Like the world is only what you perceive it to be */ Q:"How ...
    > /* This , Like the world is only what you perceive it to be */ Q:"How
    > Do I Become A Hacker?" A: learn to code , install SunOS , get a SPARC ,
    > devote the ...
    > www.manero.org/archive/manero.
    > yossman.net-1999/rlga/script-kiddy-HOWTO.txt - 8k - Cached -
    >
    >>Please note this is strictly for study purpose only, and part of one of
    >>my assignments.

    >
    > Perhaps you should ask your instructor for assistance.
    >
    >>We need to install red hat 9 and either install some basic firewall
    >>rules or leave it in its default stage. we then need to atleast launch
    >>3 attacks on the system. Well i figured one simple one would be the
    >>ping of death attack,

    >
    > The ping of death only worked on windoze95 and 98 - I _think_ they
    > finally patched that little problem in 98SE or ME. It never had any
    > effect on Linux, *BSD or indeed _any_ other operating system. You've
    > probably been spending to much time in h4x0rZ chat rooms.
    >
    >>but i need some pointers on other types as well
    >>and HOW to actually launch those atacks.

    >
    > Seeing as how RH9 was obsolete three years ago, maybe you can still
    > find the data on the Red Hat security site.
    >
    >>I know some in theory but practically i havnt tried or even know how
    >>to do it.

    >
    > I suspect that HOWTO above will help you.
    >
    >>It would be great if anyone can help out

    >
    > But then, your instructor probably has other ideas.
    >
    > Old guy



    Damn that was nice...

  12. Re: Hacking Linux

    On 2006-10-03, shaun.inevitable@gmail.com wrote:
    >
    > ynotssor wrote:
    >>
    >> From: neil.bosh@gmail.com
    >> NNTP-Posting-Host: 220.239.110.206
    >>
    >> From: shaun.inevitable@gmail.com
    >> NNTP-Posting-Host: 220.239.110.206
    >>

    > dude..having two post coming out of the same ip address doesnt
    > neccesary mean it came from the same person !!!


    Why don't you answer ''neil's'' question, then, ''shaun''. !!! Who
    knows, he might be the only person on earth who could find it
    intelligible.

    --keith

    --
    kkeller-usenet@wombat.san-francisco.ca.us
    (try just my userid to email me)
    AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
    see X- headers for PGP signature information


  13. Re: Hacking Linux

    ynotssor said the following on 2006-10-02 18:57:
    > wrote in message
    > news:1159804675.228324.17920@b28g2000cwb.googlegro ups.com
    >
    >> well u can try ping of death attack..which u have alreadty
    >> mentioned...

    > ...
    >
    > From: neil.bosh@gmail.com
    > NNTP-Posting-Host: 220.239.110.206
    >
    > From: shaun.inevitable@gmail.com
    > NNTP-Posting-Host: 220.239.110.206
    >
    > Why are you having a public conversation with yourself?


    *ROTFL*

    How come I'm not surprised?

    --
    Jon Solberg (remove "nospam" from email address).

  14. Re: Hacking Linux


    "Moe Trin" wrote in message
    news:slrnei2sbr.vhh.ibuprofin@compton.phx.az.us...
    >
    > The ping of death only worked on windoze95 and 98 - I _think_ they
    > finally patched that little problem in 98SE or ME. It never had any
    > effect on Linux, *BSD or indeed _any_ other operating system. You've
    > probably been spending to much time in h4x0rZ chat rooms.
    >




    Actually, I am surprised this got by you, Moe...!

    You may recall an ICMP packet of a certain size being able to lock-up
    various Linuxes about 10-11 years ago. Even if you dont, I do. I recall
    sitting on IRC (no, not haxor chatrooms, but 'OPER' type rooms)
    watching kids playing wack-a-mole for hours and hours, and it was
    nearly as bad as the Windows OOB bug. These poor folks were barely
    able to get out their cry for help where before long you would see the
    widespread telltale "connection timed out" drops from the various
    channels.

    Then there was another nice packet that specified purposefully incorrect
    IP options in the ICMP header to bring down yet another Linux kernel.
    So I guess this may be better referred to as "pings of death" as opposed
    to "THE ping of death" because there were definitely more than one.
    And they did work at the time, just not on everything.


    jcj

    apologies for the hasty edit.
    Happy Friday.











  15. Re: Hacking Linux

    The Best way is get a pix firewall

    Network solution for tomorrow.
    LinkWaves Corp
    29980 Technology Dr. Suite 6 Murrieta, CA 92563 USA
    Tel: 909-725-9143 Tel: 877-207-8998
    Fax: 707-221-3762 AIM: johnlinkwaves
    email: sales(at)linkwaves.com
    Email: ciscoseller(at)gmail.com
    http://www.linkwaves.com


    Jay C. James wrote:
    > "Moe Trin" wrote in message
    > news:slrnei2sbr.vhh.ibuprofin@compton.phx.az.us...
    > >
    > > The ping of death only worked on windoze95 and 98 - I _think_ they
    > > finally patched that little problem in 98SE or ME. It never had any
    > > effect on Linux, *BSD or indeed _any_ other operating system. You've
    > > probably been spending to much time in h4x0rZ chat rooms.
    > >

    >
    >
    >
    > Actually, I am surprised this got by you, Moe...!
    >
    > You may recall an ICMP packet of a certain size being able to lock-up
    > various Linuxes about 10-11 years ago. Even if you dont, I do. I recall
    > sitting on IRC (no, not haxor chatrooms, but 'OPER' type rooms)
    > watching kids playing wack-a-mole for hours and hours, and it was
    > nearly as bad as the Windows OOB bug. These poor folks were barely
    > able to get out their cry for help where before long you would see the
    > widespread telltale "connection timed out" drops from the various
    > channels.
    >
    > Then there was another nice packet that specified purposefully incorrect
    > IP options in the ICMP header to bring down yet another Linux kernel.
    > So I guess this may be better referred to as "pings of death" as opposed
    > to "THE ping of death" because there were definitely more than one.
    > And they did work at the time, just not on everything.
    >
    >
    > jcj
    >
    > apologies for the hasty edit.
    > Happy Friday.



  16. Re: Hacking Linux

    > The Best way is get a pix firewall
    >
    > Network solution for tomorrow.
    > LinkWaves Corp



    hahaha, so you're selling vulnerable firewalls? People like you waste
    diskspace, bandwidth and oxygen.

    If you have vulnerable services installed, you can use some no-brained
    exploit(-framework) to break in. If that's your assignment and I'd be
    your teacher, i'd fail you.


+ Reply to Thread