[de / en] 42.org, Homepages, Stefan `Sec` Zehl, Berichte, CCC-Camp 1999
Friday, Saturday and Sunday have not been translated to english (We found nobody willing to do it)
If you speak german you can read the other parts here.


CCCamp - part I: Wednesday - The Arrival from Munich

(thanks to Christoph Moder <cmoder@bigfoot.com> for the initial translation)

On the first day before starting I had to get up early (8:30 :-) and
then pack hecticly. 'This thing is necessary, and this one, oh yes and
this one too...'. The bag was becoming fuller, also the second one, and,
gosh, how will all this fit into the car? Well, at half past ten a trip
to Kreilling was to be made to get Fabian's Laptop which had been
repaired. Great, lots of lorries on the road, and one can't move very
quickly. Then, a short chat with Fabian's mother who asks if I really
want to drive to the camp with the 'Ente' (Citroen 2CV) (no, of course
not, how could we accomodate 3 people and 9 computers in it?). At 12
back home, Ray, the driver, should also be there... well, soon he was
indeed there. After packing hecticly some last items (light bulbs!) and
we could start loading it all into the car. It looked better than
expected, unexpectedly everything really could fit in the car. A short
stopover at the workplace and there we have one more UPS. Then to the
third of us, namely Pnose. He has also heaps of baggage and also a SLC
with Monitor. But we succeed in getting everything stored into the car.
Then a stopover at ray's home who wants to fetch another bag and some
Jolt. Our storing talent doesn't fail here, too, so everything fits
tightly into the car. Ray's mother invites us all for lunch, so we miss
our scheduled start (at 2:00 pm on the highway) by half an hour. But the
baked Brezenknoedel with mushroom sauce (where the mushrooms could alo
be taken out btw.) were well worth the time. Then a stopover at a
filling station to buy a forgotten toothbrush, and we are finally on the
way. The GPS is packed out and plugged in (we are logging the whole way
on Pnose's Libretto), and we spend the first time in having a look to
the great features of the GPS. And realize that the towns' names in it
match to those on the signs on the highway, that the highway does not
follow the ideal way to the camp etc. All McDonalds and highway
crossroads are stored as relevant waypoints for the return. Some more
than 4 hours later the libretto's accu and also Ray's driving endurance
becomes weaker, and a stop at a filling station is used for refreshment
and exchange of the accu and the car driver. Now we try to keep our
deadline 'before 8:00 pm on the camp site', and hurry even more. From
the highway exit on, there are wonderful camp signs which show us the
way (which has many bends), but destroy our average speed. Then we meet
the nice people at the reception who explain us everything that we
already know either from the camp-announce mails or from the signs
around, and give us a litter bag (though we already have some ourselfs).
But I liked the idea anyway. Just in front of the parking lot we are
again stopped, even people from Munich, who have not shown up at the
MUCCC-meeting yet (hope this will change). They are also responsible
that we didn't arrive before 8:00 pm :-) We needed 5h30, actually quite
a good average speed.  We are also really excited that the camp radio
has RDS (of course 'chaos'), which we can only admire in the car,
because we have only a travel radio alarm clock with us. We'll see if
the audio multicasting will work - later. Now we meet Manuel, Fabian and
Mel, check in (Ray must fill in a trouble ticket because his remittance
has been lost), walk randomly around, and talk then to the pepole at the
entrance to achieve that we may bring in our stuff by car. After we are
driven away from our desired place ('there will be put a 7-m-truck'), we
build up our house tent (ca. 30 square meters) next to Fabian's bus.
Then we drive the rest to the hacking tent, but we want to set it up
later.  Because it is getting dark, we try to build up the tent ( this
can be quite complicated), in which we only succeed when we realize that
'on the right' is the _other_ 'on the right' :-). To get lighting we
sacrivice a computer cable from Manuel ('I can't see this!') and create
with a remote controlled socket and a light bulb in a socket a wonderful
tent illumination. Some confusion later (and some trips to the hacking
tent and back - argh, is this far away ...) we have all cables to create
a music supply with mp3 and loudspeakers, Internet and current supply
work a bit later. Then we use Fabian's sandwich maker to make a great
dinner with the ingredients that Mel has bought by bike (thank you!).
Very interesting was, how you can see the sandwich maker switching on
and off in the change of the brightness of the light bulb. Meanwhile
everyone packs out his laptop and is being wired. A helpful neighbour
(well, he also wants something to eat from us) helps us out with his
toast bread, after which we are all satisfied. Just after terminating
the dinner we are afflichted by a series of current outages against
which we can't do much. Some time later we have established the perfect
configuration (everything without own accus is linked to the UPS, the
rest directly), but then of course the current is stable. Well, let's
see how it'll be tomorrow. And then it became slowly bright again, and
everybody went to bed, except Ray, who got another Jolt and is now
typing on his laptop, and me, who is yet finishing this report. And now
there is already such a stupid cock calling, so that's it for today.


CCCamp - part II: Thursday - Relaxing ?

(thanks to Christoph Moder <cmoder@bigfoot.com> for the initial translation)

Already shortly after lying down the first wake up again, because it is
already at 9:00 am so hot that every move is a torture, especially lying
in a sleeping bag. Despite I could again sleep 1.5 more hours (without
sleeping bag), but then it was really too hot. Manuel and Fabian tested
the fantastic showers which have everything except hooks to store the
clothes on. To have some shadow we build up a tent in front of the
caravan (which belongs to Manuel and not Fabian as I was told). That was
in fact a bit more difficult than the house tent because we have not
practised it before and - very evil - an important bar was missing. Then
Mel proposes to go into the lake instead of using the showers. Manuel
and Mel inflate the 'floating device', a red (with white hearts)
armchair. Finally we got through to the lake, passing by the
Heart-of-Gold shuttle that actually should land tomorrow. The water is
cold, but with these temperatures it is really refreshing. *aaaah* My
personal tip: sitting on the armchair, drift  out on the lake and then
jump into the water. With our pumpguns the 'passive' spectators are
soaked, before we go back again. The planned tidying-up of the tent is
adjourned, and we surf the internet with our laptops. Meanwhile Pnose
defends as lonely knight our place in the hackcenter. Where they also
sell drinks, which seem a bit to expensive. Later, some
shopping must be done, but only 4 persons (there is not more space in
the car). This opportunity was welcome by me to sleep another 1.5 hours.
The sun has partly moved behind some clouds (some even said that it
would rain) and a breeze went enjoyable through the tent (of course only
if you open all the doors). I was woken up by the guy that explained me
the electro-policy (wrap plugs in plastic bags, no fire etc.) wich was
actually not new to us. And he was very impressed by the bus with the
19"-rack and the 50 port hub ('Who makes something like _this_?'). But
unfortunately there was no air conditioning. :-) And right then, as if
by command, the shoppers came back, which had very interesting stories
about purchasing spoons in Altlandsberg to tell. But somehow the
interest in a spoon for 5.- DM without yoghurt was not as big as
expected from them. After a quick tidying-up and securing the tents with
some extra anchors (in case it rains) and wrapping the plugs in litter bags
we walk to the hackcenter to set up a working network there. Slowly
everything gets ready, and there is also a chaosradio live stream to be
heard. A bit later we bring an IRC-Server online, but the name server
script is too limited to give us our desired names. Well, resolving is
for softies, anyway :) In the net there are lots of portscans, exploits
ans DOS-attacks. The perhaps most interesting was the clown who
overwrote the ARP-address of the default router. Well, with /sbin/arp
also this can be solved, if you guess the right one of both (which went
wrong, according to murphy). Later in the evening we go back into the
tent for dinner, where we can a bit later experience that the UPS works.
(Laptops with accus are lucky. Finally a portable power supply :-) After
the wonderful meal we could admire interesting midnight interviews in
the chaos radio. Mel has finally succeeded with X on her laptop, but
therefore compiles the kernel for the third time (no, ELF support should
not be a module if init and the module loader are ELF :-). Then we
admire the camp programme for friday as a .pdf (ugh yuck bleargh, please
next time in a readable format. The acroread-linux-binary is still
crashing with a coredump from time to time). With our united forces we
convert it to postscript yet and print it out on Manuel's  Laserjet 6M.
(it was my idea to take it with us, and I'm happy about it :-) Unlike
yesterday it is still earlier, and there is no cock yet to be heard, but
in order to experience the workshops tomorrow it is time to go to bed.


CCCamp - part III: Friday -

Not translated yet.


CCCamp - part IV: Saturday

Not translated yet.


CCCamp - part V: Sunday

Not translated yet.


DeathMatch

From: ray@core.ray.org (Ray)
Translated-by: mel@muc.de (Mel)

It may be easier to describe the deathmatch if you did not take
part in it, but I can try to write a bit about it from my subjective
perspective...

Ok, it was saturday evening, I was standing in the (2nd ?)
reengineering tent and wanted to play a bit with my 9110 when somebody
told me that the deatchmatch is about to start. Oh well, I wanted to
go there anyway and FeFe is fun, too - so I went to the hackcenter,
grabbed a chair and got a nice place next to Sec near the screen - but
it didn't start yet anyway. Sec told me that there was still a team
missing and FeFe was eplaining the rules to someone behind us.  Then
Sec said something about having no idea about Linux and that he would
not do it on his own - and somehow I must have missed to say "no" with
enough force and then there was no more missing team.  We took a third
man into the team (Frank first, but before the start we exchanged him
for Manuel :), more than three people doesn't make sense on one
console anyway. Mel then brought us some coke, well, somehow we'd
survive this...

So we sat down at the last empty machine, Debian 2.1 was supposed to
be installed (uarg, nothing against Debian but none of us had used
that before) and I had read the rules diagonally, at least in some
older version. Since the hardcopy promised by FeFe was not yet there,
and thanks godness there was enough D2 through the roof of the tent, I
tried to get the rules with the 9110 via the Web.  This worked somehow
- now we knew at least which services we had to implement. A proxy-CGI
  and IDS sounded "hard", but we didn't care about that at the moment.

The machines were already up, papers were handed out with some
information on them (IP, netmask, gateway, gameserver, username
password and a domain that we would have to explain to our named later
on) and then it started. Here we ran into the first problem as we
tried to login with user and password - the idea was that you had to
login as root without any password and create the user from the
information sheet later on. I had expected we had to hack the root
account on the machine :).

First thing after login in as root was to change the passowrd (looking
back that would not have been so urgent, but better safe than sorry :)).
Now I can tell it, "secure[1]" was the first thing that came to my
mind and we didn't change it during the deatchmatch anymore. Then a ps
-axf and we killed everything we didn't absolutely need at the moment
(oh my, what a lot of stuff was running on that machine...  postgres,
lpd,...).  After that, we found out that the network was not
configured so there was no reason to be afraid of attacks yet. But
lost time means lost points, (ping was the easiest test of the
gameserver) so we started, after being reasonably sure to be secure,
to get the ethernet up and running. I had decided from the beginning
that I would not try to find out how Debian did this so we did it the
direct way via ifconfig eth0. Oh, eth0 was not there - but luckily
that was not the first test, as there was an announcement at that same
moment that there were pcnet32 ethernet cards in the machines. So we
insmoded the corresponding module and there was the ethernet. After
that the configuration was easy. And oh, have a look, ping was working
- but another team had been faster and had already some more points in
the nice bar chart.

When we had killed the services in the beginning, we had seen a
junkbuster which we considered suitable to implement the requested
webproxy with. So we configured it to use the required port 3128,
emptied the blockfile and had our first real service up and running.

The next, in our opinion easy to start service, was the nameserver
(to get points for the web, ftp would have to be running first and
for mail pop), but no there was no bind installed. Easiest way to get
it seemed to me to fetch it from home, so I started scp - oh no,
there was no ssh installed. Ok, ftp to get a ssh from somewhere, but
all of a sudden the net was not working anymore. "Yes, there is a problem
with the gameserver" we were told and since it was the
router, too, there could not be a net. But then the gameserver was rebooted
and still nothing was working. A suspicion, a tcpdump and it was clear:
one of the other teams had already started a TCP connection resetter
which terminated every TCP connection we started, immediately. Annoying,
we should have had something like this, too, but who carries that around
with oneself all the time[5]? FeFe just came around, found this very
funny but then decided that at least resetting the connections
from the gameserver was forbidden since otherwise no services could be
tested. That changed nothing about the fact that we could not get any
software from the internet (the idea to send us files via UDP from the
outside did not work out since the DeathMatch net was masqueraded. Ok,
there are still ways to do something but not now, not in a hurry).

Anyway, we first created the required user with a "wrong" password (it
would have been possible that anyone had sniffed the "right" password
and do some annoying stuff with the newly created user), broke his
shell (well, we set it to /dev/null and wrote this into /etc/shells
such that the ftpd still allows the user to login :) ) and edited
inetd.conf (so much stuff in there... yuck... ftp survived, the rest
was not so lucky), and set the password correct. Ok, now ftp should
work. The promised file-uploads from the game server did not happen.
So we went on, looking what we had on board to work with.  At least
exim was installed as MTA, we decided that this version was secure
enough and started it after a short discussion (come on, let's install
a postfix, no, sendmail, aeh - we have no net, ah, ok).

But there were no mails arriving, too, stupid gameserver. Locally, via
telnet localhost 25, sent mails arrived so we assumed that we had done
everything correctly. Hmm, we remebered something, the webserver had
to be running on an alias-ip that you had to get via nslookup from the
gameserver. Maybe that was important for the ftp services as well? But
the kernel had somehow no ip-aliasing built in and before I could
think whether that could be insmodded somehow, Manuel grabbed the
keyboard and did it "the BSD way" - a dummy0, an arp entry, a route
and the alias-ip was there. But the requests from the gameserver were
still missing, no ftp uploads, no mail. So we read a bit of TCPdump
und suspected another team to reset connections, ok, another complaint
to FeFe who forbid them to do that at least for the connections of the
gameserver. We actually liked the second resetter since now the team
that had started the first one had no internet, too - now the game was
fair again. Ahh, and now the first anonymous-ftp-gets to the "ip" file
were coming in. Nice, this second color on the score screen, where
previously only the different bars for the "ping" service had been
(one team had a fewer points btw, since it selfLARTed by plugging in a
PS/2 mouse (which was completely unneeded) on the running system and
was occupied some time to get the machine up and running again).

Ok, there was still the question about how to get additional software,
when we discovered the flat cd-rom drive. CD's, a kingdom for CDs.  A
RedHat 6.0 CD was in my machine back there in the hackcenter but would
that be of any help? Sec had Pnose get him his FreeBSD-3.2 CDs in the
end (we were known as the "BSD Team" anyway :). There should be
sources on it somewhere. This was right and we managed to compile a
qpopper 2.53. (Which was better than the other team that had a qpopper
2.3 running. Which should be root exploitable, but we did not manage
to find an exploit or just the right offset for this during the whole
match, well, not so easy without net, which shows that we're just not
good skript kiddies :)

A short discussion, whether we should not replace exim via postfix,
a even shorter discussion about replacing the whole Linux with BSD
but then we just went on as before.

The next thing we wanted to do was to build sniffit, because it would
be nice to have the passwords of the other teams, maybe they would
overlook something, but there was no yacc. Sec was somehow on his "I
don't care" trip and installed the bison sources. That was the moment
when I remembered that I read something about terminals in the initial
announcement, but there were no terminals anywhere. More due to the
coolness-factor I decided to attach my 9110 as a serial terminal (I've
had that idea before, and I had always wanted to try this anyway :), I
already had the serial cable there, because of idea to go online via
GSM and to have internet that way, but first things first, a getty.
Short discussion whether that would mean to bend the rules of the
match too much, but since on the neighbour table Floppy-discs were
brought from somewhere the whole time, and using the 9110 as a
terminal for the deatchmatch is somehow just for fun anyway, we did it
in the end. It was a positive surprise for me that in the Debian
inittab there was a ready to use entry that you just had to be
uncommented, done.  Aeh - doesn't work though, does the terminal send
the wrong line ends or something like that? Ah no, just allow root to
use the serial console in /etc/securettys and I could log in, nice.

Meanwhile Sec was fed up with the german, gray on black labeled,
unergonomical keyboard (oh well, I type on a 20x5cm handy keyboard and
he complains about that) and he was brought a better one. This one was
a US one and he as our most confident BSD user did not manage to
change the keymap all of a sudden, but after some experiments (loadkezs
&usr&lib^H^H^H loadkez^H loadkey... [2]) this worked out fine as well.
Additionally Mel even brought us some snacks.

While Sec and Manuel were somehow fighting with sniffit and bison,
I tried again to get an apache from the FreeBSD CD, found the source
somehow, unpacked it and compiling did not work because of libcrypt.
Oh yes, there had been something. Out with the whole authentication stuff,
again, now it worked (yes, a -lcrypt in the Makefile could have done it
too, but why?). FeFe arrived suddenly with Debian cds but when he saw that
we already had FreeBSD CDs he gave them to the neighbour team. Shit :)
Ok, I somehow tried to get the apache configs right, no fun with a 9110
keyboard, the comiled-in paths were rather unusable and I was creating
a wild mass of symlinks when FeFe arrived and stated that we would flood
something. We? Flood? Pfft. We had no time for that.

Meanwhile Sec had given up on sniffit and built a tcpshow instead - a
tool that makes tcpdump packet output human readable. So we had a
primitive sniffer consisting of tcpdump | tcpshow up and running that
was to get us some passwords of the other teams - and even did. The
first thing that we thought of to do with them - the other's had no
ftp server running yet - was a little shellscript with netcat, that
connected every second to their pop3d and sent "DELE 1". This should
delete eventually arrived mail before the gameserver could get it -
but unfortunately the server did not send any mail. Neither to us nor
to the other teams. Our qpopper was immune to that attack of course -
it did not know DELE anymore, we had replaced that with the help of
vim -b (the true and only binary editor, or what do you use to patch
your cookies out of your netscape?) with ____, in the ftp server with
__X_ btw - if somebody found out one, he would not have known the
other one. :))

Just as we wanted to start to compile named from the FreeBSD CDs, we
were given the Debian binary cd (We didn't want the source cds we were
offered before, we had enough sources :), and installed the bind
package from there (Debian? I typed dpgk and threw an asking look to
the audience when someone told me the paramter -i :), and since it was
so nice, the apache as well (which showes that the bending of the
rules using the serial handy console did not help us in the end - but
I had almost finished installing apache ;). The configuration of bind
was done fast (after the clarification on another question about the
rules) and we were the first to have the third service up and running.
With ping, ftp and named our score chart was growing (too seldom
visible at that time of the match in my opinion :)) faster than any
one of the other teamsm, and we calmed down a bit - at least the goal
not to embarrass ourselves was reached :)

Somewhen around then we implemented our "IDS" as well - ok, we wrote
'*.* /tmp/allog' into syslog.conf and started a tail -f on it on one
of the virtual consoles. Actually less to recognize attacks but in the
hope to finally get some logs from our stupid exim - /var/log/*mail*
was actually rather empty and nobody of us knew exim :) But it did not
help, at least we saw named-xfers from the gameserver and things like
that from time to time.

Now, since there was a bit of time, we took care of the apache who
was already logging requests of the gameserver to a file /ip -
ok, we created it and wrote our ip into it. Then we realized that this
was not documented in the rules[6], the gameserver should have ftp-ed
a file into the home dir of the user and gotten it later on via http,
but nothing of that happened. Instead after a while we had somehow a
whole bunch of apache processes running, what the heck? :) Yep, from a
spoofed ip as well. Hm, our ftp was not working anymore, too, somebody
must have started to like DoS attacks, how evil, but the name
DeatchMatch does imply that somehow :)

The principle of the DoS was obvious, our ftpd was started by inetd
and this one stops the service when used too much. After reading a bit
in the manpage we increased the values that wouldn't have helped
against a fierce attack, but this one was not that evil and our ftp
was running well again - we had been lucky :). In order to give an
adaequate answer, Sec wrote something like that as a shellscript
consisting of while true and netcat - and really, the ftpd of the
agressor was down for 5 minutes each time we ran it. The fun we got
from that was not that big, since their ftpd did not score anyway, it
seemed to be not running correctly yet. The other running ftpd was not
impressed by this primitive mass connecting, well, that would have
been too easy.

For the apache the same thing was true, the attacker connected so many
times that the configured max_connections were reached and then the
gameserver had no chance to get its file anymore. This could have been
all the same to us since we had not gotten a single point for http
even though it was running correctly, in our opinion. The gameserver
was just not behaving according to the documentation. But we changed
the maximal values in the httpd.conf. Ok, a HUP to the server and
let's look what this did.  Hmm, I should better not tell what happened
then, but it was actually rather funny and one should not hide the
mistakes one does. Ok, anyway, the machine was getting slower and
slower and before we could do something, we got "no more processes"
and "unable to load interpreter" and things like that on the screen.
Oh oh. Sec had selected a maximum 1500 processes, I had not stopped
him and that was actually a /bit/ to much for the machine. So we
unplugged the ethernet cable, waited a bit, pressed the power switch -
Oh, ATX - pressed the powerswitch a bit longer, ah, machine down,
powerswitch again, oh, it resumed - power plug pulled. Ok, now we
selfLARTed ourselves really.  fsck. When the machine then said
"deleting files in /tmp", Sec's face got a surprised look and he told
me that he had compiled our tcpshow there - I don't say anything about
that now, but that was the end of our primitiv sniffer - at least we
had some usernames and passwords written down on paper :), and Sec got
the tcpshow source sometime later from the FreeBSD-CD again and
compiled it this time unter ~root/ :)

When the machine was up again, we had to do some restaurating first.
Load the ethernet module, run the ifconfig script, create the ip alias
again... We were just doing that when one of the game leaders came...
"Show me your ipfwadm rules" (Firewalling was strictly forbidden).
"Huh? We don't have something like that". "They over there say you
would firewall them". Hmm. Oh. Ahh. Oh sure. We showed the unplugged
ethernet cable to the game laeder, he showed it to the team that had
complained about us and this team showed us an expression on the face
that you cannot describe with words. Ever so funny. At least that was
worth all that. But anyway, after having changed the apache config to
more sensible values, we plugged the ethernet back in, our nice lead
had suffered enough from this action, especially since another team
had his named running by now - but no ftpd yet, so we were still the
only team with 3 running services.

Then finally there was an answer to our complaint that the gameserver
was not doing the promised http-checks - which said that our apache
would not answer. Could not be. Oh. Oops. Maybe we should have
restarted it after the reboot :). But did not change the fact that the
promised requests were still not coming, instead again and again the
/ip file and the spoofed requests of the DoS attacks.

Hm, when we looked at our "IDS" console after that, we realized that
there had been no named-xfers to the gameserver anymore, and when
looking at the chart we saw that our advantage was getting a bit
smaller. Hmpf. The named had died. According to the log someone had
flooded it with request but we thought that should not really make it
terminate and we decided that we had to look closer at this later on
but that for the moment, a restart would do it. Which was right, the
attack was running again but it took a rather long time for the named
to die again, so we just restarted it from time to time.

And then the same thing happend to us like to me now while writing the
article - it was getting a bit boring :)). We were mainly killing the
ftpd of the first team with our shell script and watching our named.
We could keep our advantage that way but it was not increasing since
another team hat now the three services running at well - unfortunately
the team whose ftpd we could not kill :)
Apart from that we thought that we had all required services implemented,
but nobody was getting any points for mail/pop, user-ftp/http and samba
(ugh yuck). The proxy was a bit pointless since no connections to the
outside were possible due to the resetter and the gameserver could not
test it that way. Even the requested CGI was roughly finished by Manuel
on a sheet of paper, but since the gameserver had never requested it we
didn't bother to type it in.

Sometime later Sec went to the mach leader and asked how long this was to
continue - and found out, that the duration was 5:23h - really, that
was even written down somewhere (had FeFe not said something about
2 hours? What a trickster). Anyway, we were approaching the end
and someone of the match leaders went around and asked, who wanted to
go on with the match. We found it a nice moment to stop, since we were
still leading :)

So this was the official end, everybody left it's place and looked
around to the other teams and talked a bit about the details. For
example we learned that the second connection resetter was no resetter
but a self-made SYN|ACK spoofer which is even nicer actually, since the
connected machine does not realize at once that something is going
wrong and keeps his connection table occupied with the finished
three-way-handshake up to the next timeout. Neat idea...

Manuel then still looked around a bit on our machine and finally found
out where the exim logfiles were hidden - and in them the most remarkable
attack to our system. Somebody hat uploaded via our user-ftp a .forward
for the user containing something like:

| perl -e 'while(1){fork;}'

...if perl had been in the PATH of the exim-environment, this would
have been /really/ bad and I'm not sure how fast we would have found
that under stress. .forward! This one we could have thought about!
But since the others all had their user-ftp not really running (or
in the case of the first team rather against the rules forbidden for
the others), we had not been in the situation to use that kind of
attack und had not thought enough about what it is possible to do
with uploaded files in the user home.

Anyway, it was getting light outside and all we wanted was to get
in our tent and sleep a bit before it was too hot to do so, as a
radio reporter of the camp radio stopped us :) I hope that nobody
has listened to this :-%. For those, who have heard it though: that
was the second try, the first one went wrong somehow due to a wrongly
connected cable to /dev/null and was much better :)

OK, so long and thanks for all the fish, r@y[3][7]

[1] the story to that: I entered a password and Debian complained
that this was too easy. Sec looked sternly at me and I told him,
the password was "secure", but that would do for the moment and was
better than none at all :) After having read that article, Sec said
something like "aaaargh" - he had understood that as the statement
that the password was secure :). Now I understand why he has always
handed me the keyboard for the opening of new consoles even though
I had told him the password :)))
[2] As we have learned now, another team had even more problems with
that - due to international members they had to change the keymap
according to the person who used it over and over.
[3] and Sec, who was so nice to have read and corrected this a bit[4]
[4] most possibly there are still some spelling errors in there but
at least the run of events should match reality :)
[5] Manuel actually always carries a disc with postfix with him since
the deathmatch
[6] Actually a nice idea to have the gameserver do tests that the
players have to find out themselves by reading the logs :)
[7] And Mel who has translated it into English [3]

Stefan `Sec` Zehl 25.Aug.1999, 21.Jan.2003