InetSec 2 Challenges

Homepage
People
Research
Teaching
About
Abstract
Topics
Prerequisites
Location
Dates and Times
Slides
Challenges
Hall of Ultra Fame
Hall of Fame
Ratings
Standings
Environment
CTF
Examination
Registration
Mailing List

Machine Environment

Operating System

Lab start: 14.10.2010

In the InetSec lab, we run Linux (Debian for those that are interested) on a student server that is "safely" coupled off the Internet so that you can experiment with your tools.

Server

One InetSec box is remotely accessible for you through inetsec.seclab.tuwien.ac.at (128.130.60.30) via ssh. WAIT! Don't ssh yet! Read on!

The server is NOT running on the default ssh port. It is running on port 10001. If you want to ssh per hand under Linux, you have to do ssh inetsec.seclab.tuwien.ac.at -p 10001. If you are using a Windows ssh client such as Putty, then you have to enter inetsec.seclab.tuwien.ac.at as host name and 10001 as port number.

The local name of this server is bandit.inetsec.edu.

You can put the following entries either into your /etc/ssh/ssh_config or ~/.ssh/config file so that you don't have to enter the port each time you connect (Windows users can save a session with Putty): 

Host bandit
     Hostname 128.130.60.30
     Port 10001
     HostKeyAlias bandit
If you have edited your ssh_config file, then ssh bandit should do it.

Changing your password

It is good practice to change your password once you get your account. We might try to crack your password so do change it.

Reading your e-mail on the servers

You will submit your challenge solutions using e-mail on the lab machines. Submission from any other server (e.g., TU student servers) will not work. You will also receive automated feedback from our submission system (e.g., information about your submission, grading, success/failure, etc.) to your lab account. In order for you to be able to read your mails, we have installed pine and mutt on the InetSec server. Feel free to use anything you prefer (e.g., the UNIX mail command for the experts/geeks should also do it :-)). If you are UNIX-incapable or prefer to read your mails on some other server, then you can create a .forward file in your home directory. We have enabled forwarding on the servers.

FAQ - frequently asked questions

  • I can no longer logon, it says "fork: resource temporarily unavailable" ???

    • On the InetSec systems (e.g. bandit) we have several resource limits (see /etc/security/limits.conf) so that available system resources can be shared among users in a fair and economic way. Among these limits the maximum number of allowed processes per user is set to 15 which you have most likely exceeded.
    In order to get back to work, close some of your running programs and you should be fine again.

    Remember: Each time you logon, it will take at least two processes (one being sshd and the other one the login shell). You can view your currently running processes nicely by running:
    $ pstree -pcl `whoami`
  • Can you increase the resource limit for me, pleeeeeaaase ?

    • short answer: no
    longer answer: In an ideal world there would be no resource limits. However, since the resources on our systems are limited, we need to ensure that the system is responsive and working well for all users, regardless of the funny things (*cough* fork bombs anyone?*cough*) other users might be doing. Over the years we found the current limits to be working well which is the reason why we won't change them.
    Never change a running system, right ?

Last Modified: Mon Jul 12 12:35:41 CEST 2010

International Secure Systems Lab www.iseclab.org