New way of thinking about the Internet

Contributed by jose on 2002-08-23 from the free-shell dept.

Scott chimes in with:

"I am submitting my site and yes I am aware this is a little non-PC. About 1 year ago I bought the domain open-network.net and I am an avid BSD user (Work/Play, Open/Free/Net). I have know what I wanted to do with the domain for quite a while and now I have finally done it. "

"I have setup a server offering free shell acounts, free web serving, free access to PHP/Perl/MySQL, IRC access and whatever else people want. I'm not trying to get a customer list or sell ads or anything like that. I am trying to give back to the internet what free BBS's back in the early 90's gave to me. Unrestricted access to information and an evergrowing supply of places to visit.
I call the site http://shells.open-network.net and an open network it will attempt to be. It is currently only one machine although I may add a second next week. I am inviting adventurous individuals with spare hardware and thier own bandwidth to join the network. If you don't have the machine or bandwidth, I'm sure someone will provide a place for you to play.
I am doing this for 2 reasons. Number one, "because I can", and number 2 because I am sick of paying for shell access to a machine I can't do anything on or there is nothing to do on. I want to create a network from which everyone can learn and play in a relatively safe environment.
Have fun, Scott"

This sounds kind of cool. Way back when I started on the Internet something like this would have been welcome. Now, it's just handy to have a shell account someplace you can get to without the hassel of administering a box.

(Comments are closed)

Comments

By Scott () scotth@open-network.net on 2002-08-23 03:49 http://shells.open-network.net

Just wanted to give a thanks for posting this. I have registered in Open Directory and on other search engines but I am sure you know how long that takes. I didn't want to get slashed so I avoided that like the plague.

Thanks again,
Scott
By RC () on 2002-08-23 04:14

Well, who would like to guess how long it will take until it goes down?

How long until each service is disabled (usually due to DoS attacks). How long until new registration are either made insanely difficult, or stopped completely. How long until the box mysteriously drops off-line without any warning?
By Anonymous Coward () on 2002-08-23 04:14

if you havent already, you should talk with someone who administers a free shell account server, like grex or arbornet or freeshell (lonestar) and find out about the problems that come with such a setup, like the kiddies constantly trying out new rootkits, DoS's due to irc, spammers using your system, porn/vendors using it as a redirect method, etc.
yes, i read your list, but still want to make sure you're forwarned about how frustrating it can become when every second person who comes to use your system really is trying to abuse it; i'd want OpenYetIronWill.org
By Blake () obsdj at two one one two dot net on 2002-08-23 05:43 two one one two dot net

I've seen a few projects like this before. Compaq did a really good job with their open-access evaluation servers; they firewalled the hell out of them. By that I mean that they allowed most anything incoming (you could run your own daemons and stuff and talk to them, but they still blocked DOSs etc.), but you cound't connect to anything from an account within the box. I'm not suggesting that you necessarily take that approach, but there's not really any reason to allow users to connect to other machines out there on the net, at least not a login session (telnet, SSH, etc.). IRC will probably get you in trouble in short order as well, and wach out for spammers.

Write yourself a nice little user agreement, use the tools available in OpenBSD (chroot jails, profiling, etc) to keep your box as un-0wn3d as possible while still providing users with functionality. Keep an eye on people and nuke their accounts when they are obviously trying to cause trouble.

Congratulations, you're officially a BOFH. Welcome to the club (-:. Now where did I put my etherkiller...
By pravus () on 2002-08-24 01:22

this is great! i too have wanted to do something like this, but bandwidth restrictions and the fear of having anonymous users rip it apart has kept me from implementing it. kudos to you for giving it a go.

i'm curious though... what measures have you taken to ensure that your users don't root the machine within a couple of days? i'm sure you have all the standard stuff in place (firewall, maybe an IDS, quota, etc...), but what other things have you done to make the system secure?
By Anonymous Coward () on 2002-08-23 14:49

Let your freak flag fly!

Best of luck. What's the liability if someone does evil things, like hacking .mil addresses from your box? Just a thought. Have fun.
By zil0g () on 2002-08-23 21:12

feels like this is a good place to talk about securing an OBSD shell server, right?
so how would you do it?

snortbridge;
chroot;
systrace;
freebsd syscalls^H^H^H^H^H^H^H^H^H^H^H^H^H
Stephanie/trojanproof;
hire Dug Song;
zonealarm^H^H^H^H^H^H^H^H
etc etc - yes/no?

I want to know, and I bet I'm not the only one.
just looking for experience.
By Pierre () pierre@userid.org on 2002-08-23 21:17 http://www.userid.org

Hi,

If any BOFH's want to trade shells for traceroutes and other network diagnostic utilities, mail me. I can also do sec. dns, mail caching and more.

Check out http://www.userid.org/config.txt for my dmesg info.
By Anonymous () on 2002-08-23 22:00

Great! Very generous! Don't let them scare you away;).
By Anonymous Coward () on 2002-08-24 05:14

i did not see any mention of a written "security policy"/"acceptable use policy". the only thing i saw was mention of "some rules".

if you don't have an AUP you have skipped a very important first step. you certainly want to set preconditions to account creation. user _must_ agree to the conditions set forth _BEFORE_ you ever give him/her an account. if you have not done this then you may find yourself in a major legal pickle if/when someone uses your host to attack another system.
By Chris Humphries () chumphries@drauku.net on 2002-08-24 06:57 http://drauku.net

Why? i dont get the point of it all... is it that hard for people to run their own servers? kiddies and other irc punks that just have to stay on the server 24 hours a day?

i think it is a waste, and it will get abused very quickly. you have to ask yourself what kinda person would be interested in shell accounts and jump on the first mention of it... not the kinda people i would want on my network/boxes.

but that is just me, sure i will get DoS'd in 15 seconds... oh ph33r...

--

times are different, lots of kids dont care of have ethics in this whole thing. shells accounting would be great if it actually was used as intended and not abused, but time and time and time again, it has shown that what is intended is not how it eventually gets used.

i am all for community and group growth in a unix environment, but i also know that alot of what i would like to happen, wont happen. not cause i think so, but from what has happened.

maybe it will be different this time, maybe slashdot didnt attract a bunch of linux redhat monkeys jumping for a place to run a eggdrop.

i could be wrong, but i am willing to bet that i am not... we'll see if the server(s) you have up for these shells accounts still exist in 6 months... if you still have hair and dont mind phone calls from other admins complaining about your user's actions...

just my opinion,
chris
By shaji () shajikv@fastmail.fm on 2002-08-24 08:46 mailto:shajikv@fastmail.fm

I ve been on shells for quite a while now. For two reasons: 1. My networks in the place that I live in, in Asia, does not have a network fat enough to do anything well. 2. to get around censorship rules/crowded corridors etc.. by port redirection. I dont know if I am doing something wrong by actually using a box like this for such purposes. Anyways, let us know.I really dont use shells for much else. Increasingly, one gets locked out for doing anything at all. Anyways, Kudos to you man. Great work. Wish I could do something like that.I would promptly put up something like that. :-). Static IPs are expensive, and so are the bloody rates for anything related to telecom. anyways,keep up the good work. And no, i dont have an account on your system yet. :-) Shaji
By foo () on 2002-08-24 11:22

You might want to check out http://freeshell.org/

They have NetBSD servers supporting a ton of users, and have been around for a few years.
By Anonymous Coward () on 2002-08-25 01:26

You can find a list at www.bylur.net/free/ , for instance...
By Chris Humphries () on 2002-08-24 17:19

friend has a site with alot of info, and one of the things she has a topic on is shells:

http://speedygrl.com/shells.html

sdf.lonestar has been around for a while.

Latest Articles

Wed, Apr 10
- 18:50 OpenSMTPD 7.5.0p0 Released (2)
Tue, Apr 09
- 04:49 20 years since "and we're just starting": undeadly.org turns 20 (2024-04-09) (13)
Fri, Apr 05
- 06:16 OpenBSD 7.5 released (2)
Thu, Mar 28
- 18:18 LibreSSL 3.8.4 and 3.9.1 released (0)
Tue, Mar 12
- 06:53 OpenSSH 9.7/9.7p1 released! (0)
Mon, Mar 11
- 11:28 Game of Trees 0.97 released (0)
Sun, Mar 10
- 09:06 LibreSSL versions 3.8.3 and 3.9.0 released (0)
Fri, Mar 08
- 06:46 OpenBGPD 8.4 released (0)
Mon, Mar 04
- 06:32 rpki-client 9.0 released (0)

Credits

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]