What Happened When One Man Pinged the Whole Internet

For discussions about security.
Post Reply
Message
Author
User avatar
Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

What Happened When One Man Pinged the Whole Internet

#1 Post by Flash »

What Happened When One Man Pinged the Whole Internet
A home science experiment that probed billions of Internet devices reveals that thousands of industrial and business systems offer remote access to anyone.

starhawk
Posts: 4906
Joined: Mon 22 Nov 2010, 06:04
Location: Everybody knows this is nowhere...

#2 Post by starhawk »

Well, *that* was interesting :lol:

User avatar
Karl Godt
Posts: 4199
Joined: Sun 20 Jun 2010, 13:52
Location: Kiel,Germany

#3 Post by Karl Godt »

Nice Graphics.

Did not expect Portugal or southern Italy that much, would have expected more of France, India and China.

Interesting, that there is already a difference from former West Germany to former East Germany.

Could not read it well for FF-3.5.19 renders it not so usable.

User avatar
prehistoric
Posts: 1744
Joined: Tue 23 Oct 2007, 17:34

#4 Post by prehistoric »

Many years ago, when the Internet was not a household word, I used dial-up to log in to a system which was offering remote access to a Unix system for a low price. The free trial lasted about 30 seconds before I realized they didn't understand Unix permissions, even before we got to setuid. They had protected files they considered important, but forgot to protect higher-level directories. I could write into /bin and /usr. I left them a message with a one-liner I could have used to execute any command as root. No one ever got back to me.

Since then I have made a policy of checking for things so dumb you would not believe them before I get clever.

Why did I look for this, if I was not interested in cracking systems?

A friend of mine had been playing fast and loose with root privileges on a school machine when an accidental touch of the space bar in a command turned rm *.a into rm * a. This deleted most of /bin before he stopped it. We then had a thrilling hour or so reconstructing enough commands to recover. If the compiler had been deleted, or if we had not had source, we would have had no choice but to roll back to an earlier backup, losing several day's work by dozens of people. The system was so screwed up we couldn't even shut down if we wanted to. Our big luck was that sh was still running, even though the binary had been deleted.

Post Reply