On Fri, 4 Jan 2002, Benjamin Scott wrote: > Worse still, if you do something wrong, you risk discovery and/or further > compromise of the system, including the attacker doing something nasty, like > zeroing your partition table.
True... But I just want to see something like this scroll past his screen... $ telnet comrpomised.machine.foo 999 Password: ****** [EMAIL PROTECTED]:Linux$ ls Error: insufficient privelages [EMAIL PROTECTED]:Linux$ whoami root [EMAIL PROTECTED]:Linux$ echo $SHELL /bin/bash [EMAIL PROTECTED]:Linux$ cd / Error: insufficient privelages [EMAIL PROTECTED]:Linux$ huh? BUSTED. NO CARRIER. Ahh... but I can dream, can't I? Especially if my trap is emailing the logs to an off-site location and as soon as the script executes successfully, it adds the intruder's IP to /etc/hosts.deny..... > The only safe way to create a "honey pot" or "fly trap" is by creating a > duplicate system, with all important data removed or replaced, and isolated > from other systems. True... but I don't have the hardware for that. > Read _The Cuckoo's Egg_ by Clifford Stoll. I think I will after I catch up on the list I already have... <G> Brian --------------------------------------------------------------- | [EMAIL PROTECTED] Spam me and DIE! | | http://www.datasquire.net | | Co-Founder & Co-Owner of | | Data Squire Internet Services | --------------------------------------------------------------- ***************************************************************** To unsubscribe from this list, send mail to [EMAIL PROTECTED] with the text 'unsubscribe gnhlug' in the message body. *****************************************************************
