your pathetic .. ----- Original Message ----- From: "Dave Korn" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Friday, March 03, 2006 4:59 PM Subject: [Full-disclosure] Re: reduction of brute force login attemptsviaSSHthrough iptables --hashlimit
> GroundZero Security wrote: > > Oh well...as i said its a QUICK script > > and not a PERFECT solution to the problem. > > The fact that you threw together this booby-trap in a few minutes does not > get you off the hook for the fact that it is a booby trap that you were > offering to other people. Given that the script is a deadly threat to > anyone's security who runs it, offering it around to them just is NOT "being > helpful" or "better than nothing". Remember, anyone who doesn't run this > script has no problem worse than annoying noise in their log files. Your > script solves the problem of annoying noise in the logs at the expense of > opening a massive remote execution vulnerability. That is NOT a worthwhile > tradeoff EVER. > > >I made it for personal > > use originally and it does its job..sofar i NEVER had problems with > > it and usually > > an attacker wont know you run it (i know thats not an execuse). > > HEY EVERYONE! SK IS RUNNING A VULNERABLE SCRIPT ON HIS BOX! LAST ONE TO > PWN HIM IS A SUXXOR! > > > cheers, > DaveK > -- > Can't think of a witty .sigline today.... > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
