[ale] Sunday 05-22-05 6PM RUN-AS-ROOT CHALLENGE

Geoffrey esoteric at 3times25.net
Thu May 19 20:19:04 EDT 2005


ChangingLINKS.com wrote:
> On Thursday May 19 2005 14:46, Geoffrey wrote:
> 
>>>>Re-flashing the BIOS is minor to rebuilding past work.
>>
>>How do you flash the bios to start with?  You must boot the machine,
>>usually from a floppy. 
> 
> 
> Why are you on this line of thinking?
> 
> I posed a challenge and you accepted it.
> Next, some people made the assumption that I am using a system design that is 
> read-only.
> 
> With that, you began to bring up destroying the bios - whereas before, (if I 
> remember correctly) you and others were planning to use traditional attacks 
> on the system (viruses, trojans, rm -rf /, etc). The latter attacks are more 
> common and closer to the topic of "running-as-root" but, I structured the 
> challenge and will honor it regardless of the strategy you pick.

You have no clue Drew.  There is no such thing as a 'traditional 
attack.'  Most viri and trojans are spawned by script kiddies who pick 
up code off the net.  They don't know how to write it or understand it, 
they just know how to run it.

I'm trying to make you understand that your concept of likely attackes 
is extremely narrow.

I for one would not ever do such a thing to anyone's computer.  #1 it's 
against the law. I would not risk my lively hood to prove such a point. 
#2 I prefer to share my knowledge, what little I have.

> Lesson: I learned to stop describing my system though - not for security 
> reasons as much as the invitation of more severe strategies.

Smart move.

> As you know, you will not have physical access to the machine.
> Therefore, you will have to do what you can while you are connected via 
> network card.

Not a problem.
> 
> Can you flash the BIOS without rebooting the computer?

Yes.

> If not, will your strategy be effective?

There are others.

> You are not sure that if you reboot the machine that the network card will 
> continue to be active.

That's not necessary either.

> Moreover, one security feature that I may have on my box is . . .
> . . . a script activated by a screensaver.

So?

> 
> What does the script do?
> 
> root at 34[etc]# cat eth0down 
> #!/bin/sh
> /sbin/ifconfig eth0 down

So?  You'll be using the box sometime.  If this is your plan for the 
test, to provide ip and password, then shutdown your network, what kind 
of test is that?

> I know some people would think that is a dumb idea, but I think it's 
> "genius"  . . . 
> On this box, I need the connection only when I am using the computer.

The key is, you will eventually use it.  I can also right a scripts. Say 
one that tests the connection to your machine (quietly) and notifies me 
via my cell, which could then connect to your box, upload the binary and 
run it.  I don't even need to do anything, except have my cell on. Need 
I say more?

> My hope is that you will still proceed with the challenge, concede my victory, 
> or just take full responsibility for getting my system fully functional.

I won't do any of the above.  As I noted in a previous email, repost 
your system issues and when I have time, I'll see what I can do to 
assist.  I'm on this list to learn and share what I learn.

<snip>

> I'd be far less optimistic if anyone else were to have accepted the challenge.

Then you give me entirely too much credit and no where near enough to 
others on this list.

-- 
Until later, Geoffrey



More information about the Ale mailing list