MAny years ago I was unable to get a static ip at my house, but my dad was, so he signed up for acedsl and a static ip and I set up a linux machine for my dad to run a webserver and mail and for me to do whatever.
I've long since abandoned this machine for my uses, but my dad still uses it and I noticed last week that I couldn't log into it anymore. Nothing was wrong, but I made very few ways in, and all those ways went away.
So anyway, I went over today to open up some more holes in the firewall so I could log in.
I find when I ssh to it now, it says:
I look on the web, and there's a known vulnerability with this version sigh.
Now the history.
I booted this machine. It's running a version of redhat so old there was no fedora.
The file dates are early 2003.
It's got a 686, with get this: 64meg of memory, and 2 gig of hard drive.
I think I slapped this machine together from parts.
Now I never touch this machine, never upgrade it never do anything, and as long as nobody hacks it, I'm fine until it dies of old age, which I'm amazed hasn't happened yet.
What to do. I don't want to spend money, and I don't want to spend any time, I just want this poor decision of mine from 7 years ago to go away.
Ican't upgrade ssh (I'm guessing) because there'll be zillions of dependancies that I won't be able to install, and even from source, I'm sure it wont compile on gcc (GCC) 3.2 20020903 (Red Hat Linux 8.0 3.2-7)
Red har linux appaerent was release sept 30 2002.
So, how do I keep this machine very getting hacked, and what do I do about it anyway.
This is why the tech upgrade cycle sucks. I just don't want to deal with this mess, but I have to do something.
There's an IBM PC XT running there (complete with 5.25 disk drive) that runs an infralyzer (a spectrum analyzer he designed for his company in the 70's)
The software that runs the infralyzer was written for the PC, and thus has timing loops based on a 4.77Mhz clock cycle. If he runs it on anything faster the program reports that the instrument times out, because it burns through the timing loop so quickly.
Ahhh technology. No he doesn't have the source code, and he didn't write it.
sitting next to the XT is another AT class machine I think. It runs windows 3.1. I'm not exactly sure what it does but it's labeled "communications" so I think this is the one he runs email on. SMTP goes back a long way and still works. So figure he's never going to get a virus via email.
Then I think my linux box comes next in terms of patheticness.
Then there's 2 p200s with a gig of memory and some small hard drive. Not sur what they're for. And finally a laptop that I think most of you would recognize as coming from this century.
It's quite a museum over ther.
I meant to take pictures before I left to show you guys.
But I thought BSD was dead?
I have an Asus EeePC 1000HE.
Jan 2 2010 3:45pm from ax25 @uncnsrdWell, BSD itself is long dead, but three spinoffs, FreeBSD, NetBSD, and OpenBSD are still going strong. OpenBSD is focused on security 100%, no comprimises, and the OpenSSL and OpenSSH projects are spun off from OpenBSD.
But I thought BSD was dead?
But I thought BSD was dead?
Netcraft confirms it!
Mon Jan 04 2010 05:24:45 AM EST from dothebart @ Uncensored
Did you not?
I did. Thats why it came with a Netware client.
See also: Canopy Group
Sa Jan 02 2010 19:21:45 EST von Omeron @ UncensoredHas anyone put Slackware on a Netbook? I think I will have to make a special version, since I need software speech synthesis, a screen-reader, etc. Fun times.
fluxflux is a slackware based netbook distro. So far it's running well on my eee701.
Well yeah, OpenSSH was designed to run on OpenBSD, so it's not exactly
expecting a robust operating system architecture to exist underneath it
Right. It would have to be completely paranoid about the infrastructure underneath it, if it were designed by deraadt and his goon squad.
Oh, and it would have to refuse to use portable libc functions, in favor of their paranoid alternatives...
"OpenSSH is developed by two teams. One team does strictly OpenBSD-based development, aiming to produce code that is as clean, simple, and secure as possible. We believe that simplicity without the portability "goop" allows for better code quality control and easier review. The other team then takes the clean version and makes it portable (adding the "goop") to make it run on many operating systems -- the so-called -p releases, ie "OpenSSH 5.3p1"."
I'm not sure I agree with that. It's not *that* hard to write portable code if you work at it.
well, if your portability list contains openbsd, solaris, linux, cygwin, you're already on a good path to cryfty code.
Of course since I'm not a terribly big fan of shared libraries and no two systems have a portable working libc and especially because in this case, is worked and saved me a lot of reconfiguring/installing/building/buying hardware, I'm kinda happy that these nutcases go out of their way.
I'm not sure I see the point of the openbsd specific version, but hey, whatever, keeps them off the streets at night.
I'll bet that OpenBSD's team still doesn't even use modern techniques like test coverage analysis. They are still heavily invested in the concept of the programmer as deity, much as djb is.
simple, and secure as possible. We believe that simplicity without the
portability "goop" allows for better code quality control and easier
review. The other team then takes the clean version and makes it
A pathetic excuse. A well-designed system just doesn't have portability issues. Java for instance has managed to cleanly encapsulate all the POSIX functions that are necessary to build a portable program, with full async I/O and whatnot. If you do things the right way, you should have to do #ifdef on the same HAVE_WHATEVER symbol more than once in your entire codebase.
The reality is that deraadt and his goon squad don't play well with others, and are interested in creating artificial barriers to the adoption of their patches by the original source providers. This is a prime example.
The thing about java encapsulating... well.... I dont' know how all the java libraries are ported between systems, but it can't be all that pretty.