From owner-freebsd-questions Thu Aug 12 11:14:58 1999 Delivered-To: freebsd-questions@freebsd.org Received: from radius.wavefire.com (radius.workfire.net [139.142.95.252]) by hub.freebsd.org (Postfix) with SMTP id 2C1EB14CF3 for ; Thu, 12 Aug 1999 11:14:51 -0700 (PDT) (envelope-from swen@wavefire.com) Received: (qmail 12470 invoked from network); 12 Aug 1999 18:30:44 -0000 Received: from unknown (HELO swen) (139.142.95.222) by radius.workfire.net with SMTP; 12 Aug 1999 18:30:44 -0000 Message-Id: <3.0.32.19990812111314.009874b0@mail.wavefire.com> X-Sender: swen@mail.wavefire.com X-Mailer: Windows Eudora Pro Version 3.0 (32) Date: Thu, 12 Aug 1999 11:13:14 -0700 To: freebsd-questions@freebsd.org From: Chameleon Subject: Re: Microsoft ask users to crack win2000 site (fwd) Mime-Version: 1.0 Content-Type: text/enriched; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I for one, don't really see the point... just wait a 1/2 hour and let= Windows 2000 die on its own. It will make a bigger mess and die a longer= death than any 100 hackers could do to it neway... you have to realize that= Gates has put lots and lots of monkeys to work trying to hash the code up= into little tiny pieces. What could we do that they haven't done to themselves?=20 (other than make it work) Swen Kabis At 10:55 AM 8/12/99 -0700, you wrote: >www.slashdot.org has lots of notes on it and other things UNIX. > > Bri > >On Wed, 11 Aug 1999, Bill A. K. wrote: > >> Does anybody have any information on how to get in on this MS testing >>=20 >> please let me know >>=20 >>=20 >> bill >> billieakay@yahoo.com >>=20 >> ----- Original Message ----- >> From: Berndt WULF < >> To: <; < >> Cc: <; < >> Sent: Tuesday, August 10, 1999 10:18 PM >> Subject: Re: Microsoft ask users to crack win2000 site (fwd) >>=20 >>=20 >> Worse still, do we want to debug their operating sytem for them free of >> charge? >> After all, this is a task for MS' software test engineers - right? >>=20 >> cheerio Berndt >>=20 >> >>> Roy Bettle < 11/08/99 2:45:18 >>> >> Two issues to bear in mind: >>=20 >> 1) M$ is having a hard enough time just getting the Win2K computer to= stay >> running. The first time they turned it on and placed it "in the line of >> fire" >> for this challenge, it crashed within 4 hours and was subsequently down= for >> over 24 hours. >>=20 >> Summary: Do any of us in the *BSD community want to be associated with >> something so ridiculously unstable? >>=20 >> 2) This is obviously an attempt by M$ to have those of us in the Open= Source >> community help them learn how to write a decent OS. >>=20 >> Summary: After all the crap we've had to put up with from M$ - from the >> media >> to the products we may have had to support in our "day jobs" - do we= really >> want to help these $%!^*()& at all? >>=20 >> Just my $0.02. >>=20 >> RAB >>=20 >>=20 >> John Horn wrote: >>=20 >> > This came through on BUGTRAQ last week. A new posting on BUGTRAQ= indicates >> > that LinuxPPC has issued a similar challenge with similar or identical >> > rules. I'm wondering if there may be some fame or notoriety to be= gained >> > for OBSD by joining in this challenge. It probably won't be difficult, >> > or long, before someone breaks in to the NT2K challenge site so there= may >> > not be much time. >> > >> > Just an idea. >> > >> > Regards: >> > >> > John Horn >> > City of Tucson, IT Dept. >> > jhorn1@desperate.ci.tucson.az.us >> > >> > ---------- Forwarded message ---------- >> > Date: Tue, 3 Aug 1999 19:05:33 +0200 >> > From: Peter Lowe < >> > To: BUGTRAQ@SECURITYFOCUS.COM >> > Subject: Microsoft ask users to crack win2000 site >> > >> > [ executive summary: Microsoft are asking you to crack their >> > machine running on win2k and iis. ] >> > >> > I haven't seen anything about this on bugtraq before, and I'm not >> > entirely sure if it's appropriate, but this is from >> > http://www.windows2000test.com/ground_rules.htm: >> > >> > Microsoft Internet Explorer >> > Microsoft Windows 2000 Server with Internet Information Server. >> > >> > Ground Rules >> > >> > 1. Make it Interesting >> > >> > Good safe computing practices on the Internet involve placing >> > critical systems behind firewall-type devices. For this >> > testing, we are intentionally not putting these machines behind >> > a firewall. This mean that you could slow these machines down >> > by tossing millions of random packets at them if you have >> > enough bandwidth on your end. If that happens, we will simply >> > start filtering traffic. Instead, find the interesting "magic >> > bullet" that will bring the machine down. >> > >> > 2. Compromise an account >> > >> > Windows 2000 computers can have multiple user accounts and >> > groups. See if you can find a way to logon with one of these >> > accounts. >> > >> > 3. Change something you shouldn't have access to >> > >> > See if you can change any files or content on the server. If >> > you manage, no foul or rude statements please. >> > >> > 4. Get something you shouldn't have >> > >> > There are hidden messages sprinkled around the computer. See if >> > you can find them. >> > >> > 5. Our goal is to configure the system to thwart your attempts >> > >> > The goal is to see how a properly secured machine will stand up >> > to attack. These machines are configured to prevent known >> > attacks. >> > >> > 6. This is a test site >> > >> > You are welcome to attempt to compromise this site, and this >> > site only. This is your chance to do a practical test of >> > Microsoft Windows 2000's security. >> > >> > 7. Tell us about your exploits >> > >> > If you find something, send us some email at >> > w2000its@microsoft.com. >> > =A9 1999 Microsoft Corporation. All rights reserved. Terms of >> > Use. >> > >> > -- >> > Peter Lowe -- System Administrator, Telenor Internet >> > http://www.ti.cz/ -- pgl@ti.cz >> > >> > Everything I know in life I learnt from .sigs. >>=20 >>=20 >>=20 >>=20 >>=20 >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-questions" in the body of the message >>=20 >>=20 >>=20 >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-questions" in the body of the message >>=20 > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > > ~ -----BEGIN GEEK CODE BLOCK----- GCS/O d-(+) s:+>:- a- C++++ UB++$>++++$ P+ L++>++++$ E-- W++(++) N+ o? K? w--- O- M-- V-- PS+ PE@ Y PGP t++ 5++ X R* tv++ b+++(+) DI++ D+++ G++ e++ h---->$ r+++ x** -----END GEEK CODE BLOCK----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message