
> The next warning is stay off IRC or other places where "hackers" hang out. They think it's funny to hand you commands that can destroy your computer. The command rm -rf / is a classic that you must never type. Just avoid them. If you need help, make sure you get it from someone you trust not from random idiots on the internet.

I don't really agree with that. I know for sure that popular channels in OFTC and Freenode are monitored by very smart and responsible people that would never let this happen. In my many years on IRC I have not seen a single novice guy looking for help actually get had by someone intentionally trying to mislead/screw over.

I would instead encourage novices to read this: http://catb.org/~esr/faqs/smart-questions.html#usefora ('How To Ask Questions The Smart Way: Web and IRC forums directed towards newbies often give the quickest response')



My first experience on IRC was looking for help with my first Linux install. Someone in the channel telnet'd into my computer and wiped my hard drive while I was chatting.

I was 9 or 10 years old at the time and my root password was one of those common strings (12345, abcde, I don't remember at this point). It had taken me 3 days to learn how to download Linux, make a stack of installation floppies, find and use partitioning tools, install Linux and set up a boot loader, etc. I cried when I realized what had been done to me.


Unless someone 'fessed up to it, you really have no way of knowing who did this. It could just as easily have been a drive-by script.

And regardless, it was a hard, cheap, early lesson in the importance of ensuring fundamental levels of system security. I've ... suffered worse.

I strongly suspect you'll never forget this.


This being more than a decade and a half ago, I doubt it was a drive-by script. I was dialed into AOL on a 4 letter screen name. I had just informed a channel of Linux users, who knew my public IP, that I had just installed Linux for the first time. The chances it wasn't someone from that IRC channel are near zero.


Yep, it was common to watch new folks join a help channel, and as soon as you saw that root@host identity, the level of shenanigans would jump through the roof.


stop crying


Hah! Downvote it all you want, you know it's true. He needs to stop crying.


I didn't say it wasn't. And given the malicious activity (most scripted attacks, especially today, prefer to make productive use of your system) that's a likely explanation.

But scripted or not, someone did you a favor.

For a reference point, a (very technical) friend at a large tech company had to fire up a fresh Windows VM in order to complete some Windows/IE-only internal web app form.

He was p0wned within 5 minutes. On the corporate LAN. Stats I've seen are that an unpatched WinXP box (pre-SP2) was getting p0wned within 15 seconds, on average by the mid/late oughts. Scripted attacks are that fast and easy.

Scanning an IP range for open telnet ports (n00b move #1) and attempting root logins on same (n00b move #2) with weak passwords (third strike) is pretty trivial. Could have been another AOL user, could have been someone's IRC bot / autoattack.

While not blaming the victim, you discovered (on a freshly installed, no-real-data-present-yet box, hence, very inexpensively) that You Don't Do That[tm].

So: stop crying over this and put on your Big Boy pants. That asshole did you a favor. Really.


> So: stop crying over this and put on your Big Boy pants.

In what world do you think that

1) I'm 'still crying' over something that happened 17 years ago by relating it in a comment

2) It's appropriate to tell other professionals relating a story to 'stop crying'

It's certainly not this one.


Stop victim blaming. This was a cruel and mean thing for someone to do to someone taking their first steps in learning about hacking.


I'm not blaming the victim.

I am saying that, yes, he did something stupid and got spanked for it.

I'm also saying (and in my highly downvoted follow-up providing additional examples of) that it's reasonably if not highly plausible that the attack was wholly scripted and automated.

I've been burned myself -- by systems stuff as well as meatspace events. Very often the key finding of a particular experiment is "don't do that".

That was my point.


I have seen on some IRCs people writing 'sudo rm -rf /*' etc. (not as advice, but as a joke), but that person is always promptly kicked out and everyone in the channel tries to warn others.

The author's view is definitely too pessimistic. Most people on IRCs like Freenode aren't evil 'hackers' out to 'hack' you (this reminds me of an episode of Numb3rs.) Other smaller IRC servers can get rowdy, but I've yet to see that on Freenode et al.

I think much better advice would be to not randomly execute crap you see online without knowing what the program is and does, especially in root.


A few days ago I decided to pick up a bash book from O'Reilly and, truth be told, the guys in a room in Freenode knew how to help me with any question I asked, no matter how silly I might have felt for even asking (specifically I remember asking them about case insensitive shell expanding of wildcards which ended up being a locale issue in my installation).

That doesn't mean that they're all saints, I just find it comforting that there are people out there who will gladly assist a complete stranger (in my case, me).


I think the exact opposite advice would actually be more proper. Newbies probably don't often even know about IRC, but it can be a great way to get exposed to some really cool stuff.


> The next warning is stay off IRC or other places where "hackers" hang out. They think it's funny to hand you commands that can destroy your computer.

It would be simpler just to tell the student to not run any command unless he or she can explain exactly what the program and arguments mean.


How to ask questions the smart way?

Lesson 1: Register with a female nickname: Jane123, KatyG, ... You'll see response time shorten dramatically.



