[Clug-tech] Curious how an old machine will handle new threats.

[Mark Carlson]

On Thu, Oct 16, 2008 at 5:37 PM, John Jardine
<john_e_jardine at spamcop.net> wrote:
> Ok - boredom got the better of me today and I booted what was my first
> Linux machine again.  The machine is an old Gateway 2000 486/33 16MB
> 210MB/HDD running Slackware 7.  To save you the trouble of looking that
> up it's kernel 2.2.13, recompiled to my needs.
>
> I had not turned it on since 2001.  I actually remembered the root
> password for the box so I was able to log in.  There is nothing on this
> machine that I need so it's next stop is the recyclers.
>
> So - before I take this to the recyclers I was going to put it on 'The
> Net'*, as-is, as a honeypot and see how long it takes for the bad guys
> to find it and crack it.  I'll setup another machine as a bridge to
> capture the traffic.
>
> I'm open to suggestions though - what would you do with this dinosaur?
>
> BTW: I've got a distribution disk of Slackware 7 if anyone is looking
> for a copy :P
>
> Cheers,
> J.J.
>
> * That reference is about as old as the computer


Sounds like fun!

1. I would make sure to enable either all the services you used to
use, all the services you're willing to set up, or some combination of
the two.

2. Make sure it does not have access to the machines on your home
network so they aren't attacked from the inside.

3. Once owned, your machine will most likely be targeting other
computers on the Internet, making you look hostile... just like
millions of other computers... but still...  don't do this from a
static IP that you don't want blacklisted anywhere (I'm thinking
Spamhaus here.)

I'm very interested in how long it takes to get owned, and what gets
owned first.  Web server / web application vulnerability?  SSH v1
vulnerability?  There are a lot of possibilities.  Perhaps the
vulnerabilities will be too old to get hit right away.

-Mark C.