Vulnerability Development mailing list archives
Re: Kill the DOG and win 100 000 DM
From: Lincoln Yeoh <lyeoh () POP JARING MY>
Date: Mon, 6 Nov 2000 14:38:13 +0800
Hmm. The IP is released but I can't reach the webserver - following doesn't work: http://193.102.208.43/ Maybe the site is already experiencing DOS attacks. At 09:50 PM 05-11-2000 -0500, //Stany wrote:
On Mon, 6 Nov 2000, Jay Tribick wrote:root doesn't actually have any privileges on a Pitbull system.. he's just a normal user (out of the box..)Actually that's not strictly true either - root user has enough priviledges to allow the system to boot on power on (not the OBP security levels, but the PB authentication to let system finish booting up), but that's about it, yes.
How is remote administration performed? The documentation available online says that there is a tool for remote admin, but doesn't go into the details. I think it's ssh. Is it possible to telnet in, su to root, then run some program to upgrade your authority? Or telnet in, change your level/authority, then su to root? For example for Cyberguard on Unixware, you run /sbin/tfadmin newlvl sys_private. And in theory you're not supposed to be able to do it when you telnet in from a device at NETWORK level. You can't do that anymore. But point is often reality refuses to follow theory ;). For Pitbull systems, what does /tbin/setsecconfig -D0 do? From: https://www.argus-systems.com/support/knowledge_base/trouble.shtml#18 I tried to check their online manual, but the manpage doesn't seem to be there, even though that command is mentioned in the other manpages dealing with privileges and related commands.
..if anyone would like Jeff Thompsons talk from Defcon 7 on "Hacking B1 Trusted Operating Systems", send me an email and I'll put it up somewhere.Sure, please. Knowledge is power, and all that...
It's actually on one of the sites mentioned in the post: http://www.argusrevolution.com/downloads/DefCon.ppt From: http://www.argusrevolution.com/pitbullsupport.html Do you know where I can find the release notes for Pitbull? e.g. what bugs they fixed in each release? This would be more interesting - you find out what the developers are having trouble with. Anyway, I may just poke around when they release root - too lazy to get a special Solaris 7 and a copy of Pitbull. That is if I can telnet in with all the DOS attacks going on ;). Cheerio, Link.
Current thread:
- Kill the DOG and win 100 000 DM Pluym Christian (Nov 05)
- Re: Kill the DOG and win 100 000 DM Lincoln Yeoh (Nov 05)
- Re: Kill the DOG and win 100 000 DM Steve (Nov 05)
- Re: Kill the DOG and win 100 000 DM Talisker (Nov 05)
- Re: Kill the DOG and win 100 000 DM Lincoln Yeoh (Nov 06)
- Re: Kill the DOG and win 100 000 DM //Stany (Nov 06)
- Re: Kill the DOG and win 100 000 DM Jay Tribick (Nov 06)
- Re: Kill the DOG and win 100 000 DM //Stany (Nov 06)
- Re: Kill the DOG and win 100 000 DM Jay Tribick (Nov 07)
- Re: Kill the DOG and win 100 000 DM ratz (Nov 07)
- Message not available
- Re: Kill the DOG and win 100 000 DM Lincoln Yeoh (Nov 07)
- Re: Kill the DOG and win 100 000 DM Sven van 't Veer (Nov 07)
- Message not available
- Re: Kill the DOG and win 100 000 DM Jay Tribick (Nov 07)
- Re: Kill the DOG and win 100 000 DM Talisker (Nov 05)
- <Possible follow-ups>
- Re: Kill the DOG and win 100 000 DM Shawn Badolian (Nov 07)
- Re: Kill the DOG and win 100 000 DM Ken Pfeil (Nov 07)
- Re: Kill the DOG and win 100 000 DM John Herron (Nov 07)
- Re: Kill the DOG and win 100 000 DM Christian Schwalm (Nov 07)
- Re: Kill the DOG and win 100 000 DM James Cox (Nov 07)
- Re: Kill the DOG and win 100 000 DM Fabio Pietrosanti (naif) (Nov 08)
- Re: Kill the DOG and win 100 000 DM Christian Schwalm (Nov 07)
- Re: Kill the DOG and win 100 000 DM Ben Grubin (Nov 07)