[ executive summary: Microsoft are asking you to crack their
machine running on win2k and iis. ]
The LinuxPPC folks have set up a similar site as a response.
It's located at http://crack.linuxppc.org/ . Similar rules,
ie DoS attacks are discouraged (and uninteresting), and they
want a better looking web page. Looking this morning they've
turned off portmap, enabled telnet and web access and even
posted an nmap scan (to save you the trouble). Between
telnet and Apache access, it should be possible. LinuxPPC R5
is based on RedHat 6.0's model, yet is more secure out of
the box.
I post this because of the recent discussion of diversity of
systems being an avenue to security. The PowerPC processor
is not nearly a widespread as Intel's x86 family is, and
hence it has not been nearly as abused in things like buffer
overflow exploits. Furthermore, OpenFirmware, which is
deployed on most LinuxPPC systems, presents an interesting
set of challenges and exploits. Linux on the PPC is,
according to some reports I have read, the second most
widely deployed Linux platform.
Lastly, it serves to highlight the marketing hype that the
Win2k/IIS challenge is.
Jose Nazario [EMAIL PROTECTED]