(old)Puppy Linux Discussion Forum

What Happened When One Man Pinged the Whole Internet

A home science experiment that probed billions of Internet devices reveals that thousands of industrial and business systems offer remote access to anyone.

Well, *that* was interesting

Nice Graphics.

Did not expect Portugal or southern Italy that much, would have expected more of France, India and China.

Interesting, that there is already a difference from former West Germany to former East Germany.

Could not read it well for FF-3.5.19 renders it not so usable.

Many years ago, when the Internet was not a household word, I used dial-up to log in to a system which was offering remote access to a Unix system for a low price. The free trial lasted about 30 seconds before I realized they didn't understand Unix permissions, even before we got to setuid. They had protected files they considered important, but forgot to protect higher-level directories. I could write into /bin and /usr. I left them a message with a one-liner I could have used to execute any command as root. No one ever got back to me.

Since then I have made a policy of checking for things so dumb you would not believe them before I get clever.

Why did I look for this, if I was not interested in cracking systems?

A friend of mine had been playing fast and loose with root privileges on a school machine when an accidental touch of the space bar in a command turned rm *.a into rm * a. This deleted most of /bin before he stopped it. We then had a thrilling hour or so reconstructing enough commands to recover. If the compiler had been deleted, or if we had not had source, we would have had no choice but to roll back to an earlier backup, losing several day's work by dozens of people. The system was so screwed up we couldn't even shut down if we wanted to. Our big luck was that sh was still running, even though the binary had been deleted.