Gandhara: client

20080209

How to get root legitimately

how to root legitimately:

you must have the following:

a minimum of 2 computers that will install linux -- with at least 64 MB ram and 500 MB drive space on one that will be used as the server

internet connection (for linux updates)

router connected to your broadband modem, and the usual cables

experience with linux

directions:

install server version of linux on the minimal computer and workstation on the best computer. you should know which is which.
update the client with dist-upgrade. if you know how to do that, then fine. if not, then rtfm.
you could use chkrootkit on the server and see where it fails. or use nessus, tho it means your client will need apache running for that. or you could just upgrade python and ruby and install metaploit framework according to instructions. use google to find these suckers and rtfm before proceeding.
once you root your server, using your exploit tool, patch the server to prevent that root exploit from working again. do this with all the exploits that work.

The objective of this exercise is to learn how to prevent someone from rooting a server. This involves preventing buffer overflows. Google "buffer overflows" for details.

Short FAQ:

Will this howto help me get root on xyz.tld's server? No, but it will teach you how to get root on your own server. Furthermore it will teach you that you may need physical access to get some privileges. However, rooting your employer's server could result in getting blackballed in the IT field, especially if you use it to get warezs and pr0n, plus use it to serve that illegal content to your warez buddies. If you must be illicit, then google "rackspace" and learn.

Can you help me setting up my computers and network? No, i am not gonna tell you how to set up a server under Linux or how to patch it. You may learn how to build kernels, etc. on your own, though. Nor am I going to give out urls to the stuff revealed in this howto. This howto covers the basics, and you should know where to get real howto's to help you.

Why did you write this stupid lame-azzed howto and write this stupid FAQ? I forget; probably cos I can't KISS.

20071011

The Good and the Bad: Temp Agency Clerks and Social Workers

A few civil servants (temp agency clerks) are like the little stones which make you stumble when you walk bare-foot on the beach of hard knocks.

If you resist them, then they will assimilate you i.e. reduce your funding by misrepresenting your case to a case worker.

Today, most case workers are assigned a client by "alphabetic lottery", where the client's last name is matched up to the last name of a social worker.

However, this association of worker with client changes weekly in catchment areas where client to work ratios are high and monthly where they are low.

This is because workers tend to lose their objectivity when they listen to the client's life story, whether it is told by the client or by other workers who know of hir. As well, temporary stress leave is regularly assigned to busy social workers. This job is not for workaholics because it will burn you out.

However, new clients should never divulge their life story to a worker. If a worker cannot get a background report on a client from other workers or from the archives at the Victoria office, then it is better that way.

Woe to the worker who sympathizes!

"The Moon Points to the Sun"

DISCLAIMER: All opinions contained in this blog are solely the author's and protected by the Canadian Charter of Rights and Freedoms with respect to free speech. None of it is endorsed by any religion whatsoever. Legally, the author does not advocate any act mentioned in this blog if it breaks local laws. Furthermore, he denies any legal responsibility for any misunderstanding and/or misuse purportedly due to reading his blog. This is a work of art, not a manual for civil disobedience. All copyrights belong to their respective owners.