Inviting access might be considered an "attractive nuisance", but simply
setting up a stock install without locking down everything in inetd,
updating older versions of software, etc. is another matter. Hard to argue
that you used a deliberately inexpensive lock instead of a good deadbolt
vs. publicizing a weak system and inviting attention.
I think bait systems are a good idea; anything that delays an intruder
without giving them any additional foothold increases your chances of
catching them before they do real damage. Setting up a fake password file
in a chroot jail, using CRACK-able passwords, and then logging the failed
uses of the fake passwords works like a charm, and downloading, cracking,
and using a password file IS trespass, as oppossed to port scans, which
may not be interpreted as such.
I haven't set up a BO'd system as bait yet; anyone have any experiences to
share there?
-r.w.
On Wed, 21 Jul 1999, Bryan Andersen wrote:
> Rabid Wombat wrote:
> >
> > This is why setting up a "bait" system with a chroot "jail" is a good
> > idea. If you can't nail them for probing, you get a chance to nail them
> > for hacking into the (deliberately weakened) system, and have logs to show
> > what they try to do from there. Probing may be akin to rattling the
> > doornob to see if it's locked, but hacking the bait system is B&E.
>
> I've always wondered how these would fair under the socalled
> "attractive nuisance" laws. As an example, in many municipalities
> it's against the law to leave your home or building unlocked while
> it is unoccupied. This is to remove "attractive nuisances" so
> burglers are less likely to come visiting in the area. I wonder
> how this fits in with the net? Is not setting up security
> infrastructure like firewalls and passworded access construable
> as providing an attractive nuisance?
>
> My personal opinion is that bait machines are there for crackers
> to trip over and reveil themselves. Once you've spotted them,
> Let the cops follow them to the real systems that they are breaking
> into.
>
> --
> | Bryan Andersen | [EMAIL PROTECTED] | http://softail.visi.com |
> | Buzzwords are like annoying little flies that deserve to be swatted. |
> | -Bryan Andersen |
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
