Language:
switch to room list switch to menu My folders
Go to page: First ... 40 41 42 43 [44] 45 46 47 48 ... Last
[#] Fri Jan 01 2010 18:56:04 EST from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Here's an interesting step back in time.
MAny years ago I was unable to get a static ip at my house, but my dad was, so he signed up for acedsl and a static ip and I set up a linux machine for my dad to run a webserver and mail and for me to do whatever.
I've long since abandoned this machine for my uses, but my dad still uses it and I noticed last week that I couldn't log into it anymore. Nothing was wrong, but I made very few ways in, and all those ways went away.
So anyway, I went over today to open up some more holes in the firewall so I could log in.
I find when I ssh to it now, it says:
SSH-1.99-OpenSSH_3.4p1

I look on the web, and there's a known vulnerability with this version sigh.

Now the history.
I booted this machine. It's running a version of redhat so old there was no fedora.
The file dates are early 2003.
It's got a 686, with get this: 64meg of memory, and 2 gig of hard drive.
I think I slapped this machine together from parts.
Now I never touch this machine, never upgrade it never do anything, and as long as nobody hacks it, I'm fine until it dies of old age, which I'm amazed hasn't happened yet.

What to do. I don't want to spend money, and I don't want to spend any time, I just want this poor decision of mine from 7 years ago to go away.
Ican't upgrade ssh (I'm guessing) because there'll be zillions of dependancies that I won't be able to install, and even from source, I'm sure it wont compile on gcc (GCC) 3.2 20020903 (Red Hat Linux 8.0 3.2-7)
Red har linux appaerent was release sept 30 2002.

So, how do I keep this machine very getting hacked, and what do I do about it anyway.
This is why the tech upgrade cycle sucks. I just don't want to deal with this mess, but I have to do something.

[#] Fri Jan 01 2010 19:01:56 EST from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Oh, and to give you some perspective of what's runnig at my dad's house...
There's an IBM PC XT running there (complete with 5.25 disk drive) that runs an infralyzer (a spectrum analyzer he designed for his company in the 70's)
The software that runs the infralyzer was written for the PC, and thus has timing loops based on a 4.77Mhz clock cycle. If he runs it on anything faster the program reports that the instrument times out, because it burns through the timing loop so quickly.
Ahhh technology. No he doesn't have the source code, and he didn't write it.

sitting next to the XT is another AT class machine I think. It runs windows 3.1. I'm not exactly sure what it does but it's labeled "communications" so I think this is the one he runs email on. SMTP goes back a long way and still works. So figure he's never going to get a virus via email.
Then I think my linux box comes next in terms of patheticness.
Then there's 2 p200s with a gig of memory and some small hard drive. Not sur what they're for. And finally a laptop that I think most of you would recognize as coming from this century.

It's quite a museum over ther.
I meant to take pictures before I left to show you guys.

[#] Fri Jan 01 2010 20:03:02 EST from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

hunh, you know? I just compiled the latest openssh sshd, and it built. Hunh.

[#] Sat Jan 02 2010 14:29:11 EST from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Well yeah, OpenSSH was designed to run on OpenBSD, so it's not exactly expecting a robust operating system architecture to exist underneath it :)

[#] Sat Jan 02 2010 17:45:33 EST from ax25 @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

But I thought BSD was dead?



[#] Sat Jan 02 2010 19:21:45 EST from Omeron @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Has anyone put Slackware on a Netbook? I think I will have to make a special version, since I need software speech synthesis, a screen-reader, etc. Fun times.

I have an Asus EeePC 1000HE.

[#] Sat Jan 02 2010 22:32:13 EST from cellofellow @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Jan 2 2010 3:45pm from ax25 @uncnsrd
But I thought BSD was dead?


Well, BSD itself is long dead, but three spinoffs, FreeBSD, NetBSD, and OpenBSD are still going strong. OpenBSD is focused on security 100%, no comprimises, and the OpenSSL and OpenSSH projects are spun off from OpenBSD.

-Josh

[#] Sun Jan 03 2010 10:16:31 EST from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

But I thought BSD was dead?

Netcraft confirms it!

[#] Mon Jan 04 2010 05:24:45 EST from dothebart @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

hm, didn't know caldera was founded "out of novell"

http://www.linux-mag.com/id/7651/2/



[#] Mon Jan 04 2010 07:46:33 EST from davew @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

 

Mon Jan 04 2010 05:24:45 AM EST from dothebart @ Uncensored

hm, didn't know caldera was founded "out of novell"

http://www.linux-mag.com/id/7651/2/



Did you not?

I did. Thats why it came with a Netware client.



[#] Mon Jan 04 2010 10:25:30 EST from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Not only was Caldera founded out of Novell, but when they renamed themselves to "The SCO Group" they also spun off the original SCO people into a different company.

See also: Canopy Group

[#] Mon Jan 04 2010 10:59:53 EST from Stefan @ Uncensored

Subject: fluxflux

[Reply] [ReplyQuoted] [Headers] [Print]

 

Sa Jan 02 2010 19:21:45 EST von Omeron @ Uncensored
Has anyone put Slackware on a Netbook? I think I will have to make a special version, since I need software speech synthesis, a screen-reader, etc. Fun times.

fluxflux is a slackware based netbook distro. So far it's running well on my eee701.



[#] Mon Jan 04 2010 13:45:00 EST from LoanShark @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Well yeah, OpenSSH was designed to run on OpenBSD, so it's not exactly

expecting a robust operating system architecture to exist underneath it


Right. It would have to be completely paranoid about the infrastructure underneath it, if it were designed by deraadt and his goon squad.

Oh, and it would have to refuse to use portable libc functions, in favor of their paranoid alternatives...

[#] Mon Jan 04 2010 15:18:06 EST from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Well, they kind of do both, which is why they have "native" OpenSSH (which runs on OpenBSD) and "portable OpenSSH" (which runs everywhere else). Or in their words:

"OpenSSH is developed by two teams. One team does strictly OpenBSD-based development, aiming to produce code that is as clean, simple, and secure as possible. We believe that simplicity without the portability "goop" allows for better code quality control and easier review. The other team then takes the clean version and makes it portable (adding the "goop") to make it run on many operating systems -- the so-called -p releases, ie "OpenSSH 5.3p1"."

I'm not sure I agree with that. It's not *that* hard to write portable code if you work at it.

[#] Mon Jan 04 2010 15:34:21 EST from dothebart @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

well, if your portability list contains openbsd, solaris, linux, cygwin, you're already on a good path to cryfty code.



[#] Mon Jan 04 2010 15:57:07 EST from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Seems to be supporting two sets of code defeats the purpose of trying to build a simple system.
Of course since I'm not a terribly big fan of shared libraries and no two systems have a portable working libc and especially because in this case, is worked and saved me a lot of reconfiguring/installing/building/buying hardware, I'm kinda happy that these nutcases go out of their way.
I'm not sure I see the point of the openbsd specific version, but hey, whatever, keeps them off the streets at night.

[#] Mon Jan 04 2010 18:06:44 EST from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

I'm sure the OpenBSD team considers the portable version to be a "backport" since the rest of the world doesn't have those nifty sooper-secure system calls. It's their perogative to maintain it that way if they want to, but it seems like an awful lot of extra work to port every single version from OpenBSD to unix instead of autoconfing it like everyone else does.

[#] Mon Jan 04 2010 21:20:05 EST from LoanShark @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]


I'll bet that OpenBSD's team still doesn't even use modern techniques like test coverage analysis. They are still heavily invested in the concept of the programmer as deity, much as djb is.

[#] Mon Jan 04 2010 21:29:14 EST from LoanShark @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

simple, and secure as possible. We believe that simplicity without the

portability "goop" allows for better code quality control and easier
review. The other team then takes the clean version and makes it

A pathetic excuse. A well-designed system just doesn't have portability issues. Java for instance has managed to cleanly encapsulate all the POSIX functions that are necessary to build a portable program, with full async I/O and whatnot. If you do things the right way, you should have to do #ifdef on the same HAVE_WHATEVER symbol more than once in your entire codebase.

The reality is that deraadt and his goon squad don't play well with others, and are interested in creating artificial barriers to the adoption of their patches by the original source providers. This is a prime example.

[#] Mon Jan 04 2010 22:16:58 EST from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

You meant "should not have to do" right?

The thing about java encapsulating... well.... I dont' know how all the java libraries are ported between systems, but it can't be all that pretty.

Go to page: First ... 40 41 42 43 [44] 45 46 47 48 ... Last