Executive Summary: (a) Nyx is a "good thing", even from a hacker's perspective, and is worth keeping around; (b) Nyx is not popular with the University's administration, hence very fragile; and (c) your friendly sys. admin. runs Nyx in his very limited spare time, as a hobby. These factors mean one thing: ANY CRAP AND DU **WILL** FORCE ME TO SHUT NYX DOWN!! (And YOU would be to blame.) This is NOT a joke. It has happened before, and I had to fight hard to get it back. Next time I may not be so lucky. So please, from a sys. admin who probably shares your beliefs in electronic freedoms, please avoid doing anything on Nyx beyond what Nyx promotes. Read on for an elaboration of this... Begin statement of hacking on Nyx: Because you're reading this, I presume you have some interest in hacking/cracking/pirating/etc. on Nyx -- in short, *any* "illegal" activity. Let's talk about this... First, allow me to introduce myself -- I'm Andrew Burt, system administrator of Nyx and professor in the Math & Computer Science department here at DU. To start, let me say I am not personally against hacking; indeed, I learned a lot of what I know about computer science as direct and indirect results of hacking (past tense -- consider me, shall we say, "retired"). It got me thoroughly interested in computer science, and look where I am now: I'm not your average incompetent system admin -- I've been a C/Unix guru since about 1980, am a fluent kernel programmer, teach graduate OS theory courses, and was editor of the Internet's "Unix Security Newsletter" for many years -- but don't drool, none of that stuff is on any DU machine any more :-) . It used to be that sys. admins were the most technically competent of the users; alas, as you know, that is no longer true in most cases. For my part, though, I enjoy chatting with hackers, helping hackers learn, etc.; so feel free to drop a line, ask for critiques (but like any good magician, I won't divulge any tricks you don't already know), etc. And while I have my personal quirks, like I have a low tolerance for stupid people, I think I'm basically a fair person (perhaps even a reasonably nice guy). PLEASE note, however, that I have extraordinarily limited time -- besides running Nyx (at most, a half hour a day) I teach, do research, other sys. admin'ing, consulting, writing, and beyond that try to lead a "normal" life. I and am thus unable to enjoy "the chase"; indeed, I do not want to chase anyone at all -- all the security measures on Nyx are a *direct* result of DU forcing me to implement them to save Nyx's life from the threats of prior hackers. DU, like most organizations, does have people who are paranoid about security, etc., and Nyx must exist within those constraints or not exist at all. I believe Nyx existence is worth it, and I ask your cooperation. Now, I know I am considered by some a "security guy", but believe me, I am far from the stereotypical paranoid system admin when it comes to security. Indeed, I believe in security for the sole purpose of protecting the freedoms we currently have. Thus there are two types of security in place on Nyx: (1) measures to keep DU happy so that Nyx doesn't get shut down; and (2) measures to protect the electronic society so that it doesn't get destroyed. I have a broad base of experience when it comes to security, and have formed my personal views of security from this. I don't have any desire at all to chase hackers off Nyx; as long as you don't threaten Nyx, or act stupid, hey, have fun. In fact, I don't like to waste my time chasing stupid people, it just ticks me off that I have to. In other words, I'll only go after you if you're being stupid, inconsiderate, obnoxious, destructive, etc. So note that if I am on your case, I'll be damn pissed about it, so don't expect me to be nice -- consider this document right here to be my nice request. If you ignore this, I won't be nice because I'll assume you are knowingly ignoring my personal request to stop and are therefore a danger to the system. I also have a tendency, when pissed, and particularly when busy or stressed out, to go after gnats with napalm. But this is only if you act like a retard. Next, I believe, most importantly, that each human being is entitled to personal privacy. Thus I disapprove strongly of any invasions of personal spaces -- houses, non-broadcast conversations, electronic mail, home directories, etc. All this can be summed up in a philosophy of "Don't mess with my stuff." Beyond this, I believe in freedom of information. However, Nyx must maintain a "clean record" for DU to sustain it (they own the hardware, pay the electricity, net connection, phones, etc.). Additionally, I believe in the philosophy of "don't be stupid", and I confess one very quick way to get me ticked off is to do something stupid. This includes any mistake made out of clumsiness, like accidentally changing someone's password or running programs that suck the life out of system performance. This is just dumb on your part, and I'll come down on you pretty hard for it. (Even worse is to be malicious -- just leave if you don't like Nyx, but don't vandalize it; I've put in a lot of work and don't like to have it jerked around.) Therefore, the policy described below should be understood to apply to ALL out of the ordinary activities on Nyx and elsewhere at DU. Such as: - Software piracy (storing files here for others) - Running programs that are not allowed (such as telnet, personal IRCs) - Rummaging through other people's files In essence -- anything you can't do via the menu's -- DON'T!!! So, I'm basically tolerant of hacking. However! Nyx is not a machine that should be hacked, used for piracy, etc. Let me give you some motivation for that, to convince you not to hack anything here. Nyx is unique on the Internet -- a completely free public access system (like a BBS) but with complete access to "The Internet" (unlike most BBSs). I started Nyx because I wanted to help repay "society" for the start I got on computers, partially as a result of BBSs and the electronic freedom they represent. I believe eventually everyone will have an internet connection, i.e., that e-mail and news at home will be as common as VCRs -- and I hope it will be a pure and free cyberspace. But that isn't here yet, and Nyx is about close as it gets (Nyx also helps people "see the light" and speed the time when everyone is on the net). So far, Nyx has (as of 5/92) over 4000 signed up users -- who would all be rather upset if Nyx... Went Away. "Went away", you ask? Well, let's just say that there are those at DU who aren't sure Nyx is a Good Thing. People who would look for ANY reason to shut Nyx off, permanently. In fact, when Nyx moved from a PDP that wasn't on the internet (no ethernet card) to a Pyramid that was on the internet, Nyx *WAS* shut off. The Net Police cried, "Oh no! You're letting THE PUBLIC access the net!" (At that time, everyone got a shell just by picking the menu option for one; anyone could ftp and telnet.) They were afraid, as Net Police are, that hackers could dial up, who otherwise had no network connection, and start hacking the internet from Nyx. I fought *hard* for Nyx to remain completely open, and was told "no way". We compromised, with the somewhat obnoxious shell authorization form (in /nyx/lib/menus/info/net.rules) being the result. I don't like it a whole lot, but I like it more than Nyx being killed. So *any* mention of hacking, with respect to Nyx -- into Nyx, on Nyx, or from Nyx (particularly to other systems at DU) -- runs the very high risk of getting Nyx shut off again. Nyx has been shut down on several occasions as a result of hacking, and each time it gets harder and harder for me to get it back alive. Eventually, maybe even next time, it will be permanent -- have no doubt. So I am making a personal request to you, as system admin of a unique system and in the spirit of hacking, not to hack on Nyx, or on any system at DU (they always point the finger at Nyx when someone breaks in elsewhere). I have no objection to you having an account -- but make it your OWN account, not someone elses. Even if they have a lousy password, and even if they haven't used their account for months -- get one of your own (by logging in as 'new'). Pick a name that won't arouse suspicion; your own name is good, but I can understand if you choose something a little different (but don't pick something like "ahacker" or "motherfu", -- at least make it look like a normal person; I am forced by DU to disable such bogus accounts). As far as doing things on Nyx, you are free to do whatever others can. Please don't try to break into root -- there's almost NOTHING on here that you can't get to as a normal user (most of the system is readable). What is protected is stuff to keep the system running smoothly and other people's accounts with their private files (which you shouldn't be nosing around in anyway -- it's THEIR stuff -- and there's usually not much of it). Not to mention that if, as root, you make a typo... I don't want ANYONE going in as root without my blessing. Note that Nyx is not the fastest hardware in the world. Thus I request that you do NOT consume lots of cpu time or disk space (this is true for everyone), nor otherwise draw attention to yourself. In particular: - Do NOT run "find / ....." -- it really kills performance - Do NOT run password cracking programs; they too eat cpu like mad - Do NOT store huge amounts of files -- all users share a small partition, hence 100K (yes K!) is the requested maximum. If you need more TEMPORARILY, use /nyx/tmp. - Don't be obnoxious. Don't create more than one account, don't publish this address as "how to reach hacker XXX", don't send people annoying mail, don't upload pirated software... indeed, you should behave like a really nice user so you don't get noticed. - Breaking out to the shell. It's far from impossible; yes I know of various ways to do it; I fix them when I get VERY spare time, which is not often, or when DU gets on my case (which is thus a *waste* of my time). Note that when I see phony logins I will shut them off; and when I see evidence of hacking in an account, I will shut it off too. This is nothing personal, I'm just protecting the system from shut down. Killing Nyx would make thousands of users unhappy, and would help give hackers a really bad reputation. So be nice. Anyway, I'd be interested in talking more with you -- drop me a note detailing your exploits; but I have to ask that you please quit any hacking on/to/from Nyx immediately. Thanks. Andrew Burt, aburt@nyx.cs.du.edu