2009/10/21 Jim Halfpenny <[email protected]>:
> 1. Listen with an apparently vulnerable service on a standard port
>    that's actually a dumb banner server
> 2. Ignore any exploit attempts and let skiddies keep retrying ad infinitum
> 3. ????
> 4. PROFIT!

I've been meaning to build something like this into my site. Have a SQL
injection page that returns canned info. Was thinking of choosing a random
DB server per attacker so some would get MSSQL, others MySQL. Maybe even
give different languages, see if people notice.

> Kind of like LaBrea but instead of a TCP tar pit send a response that
> looks like a successful exploit but is a pre-crafted packet. Head meets
> brick wall. Repeat.
>
> Jim
>
> On 21/10/2009, Adrian Crenshaw <[email protected]> wrote:
>> Oh, I just thought of another one, when they attempt to hack your site and
>> fail, have Clippy pop up and offer advice. I implemented that on my site
>> awhile back just for kicks and to learn about PHP-IDS:
>>
>> http://www.irongeek.com/i.php?page=%27%20or%201=1%20--
>>
>> Adrian
>>
>> On Tue, Oct 20, 2009 at 9:34 PM, John Strand <[email protected]> wrote:
>>
>>> Dear god.....
>>>
>>> Go with it.
>>>
>>> john
>>>
>>> On Wed, Oct 21, 2009 at 5:55 AM, Adrian Crenshaw <[email protected]> wrote:
>>>
>>>> I'm wanting to go to Shmoocon next year, but the only way I can see to
>>>> afford it is to be a speaker. That, and being able to get tickets can be
>>>> tough. I've submitted some talks a few months ago, but I just submitted
>>>> this one today, let me know if you have ideas to add:
>>>>
>>>> Title/Abstract/Details:
>>>> Funnypots and Skiddy Baiting
>>>> Ever wanted to screw with those that screw with you? Honeypots might be
>>>> ok for research, but they don't allow you to have fun at an attacker's
>>>> expense the same way funnypots and skiddy baiting do. In this talk I'll
>>>> be covering techniques you can use to scar the psyche or to have fun at
>>>> the expense of attackers or people invading your privacy. Some of the
>>>> topics to be covered are:
>>>> Fun with DNS and Loopback
>>>> SWATing for Packets
>>>> Lemonwipe your drive
>>>> Robots.txt trolling
>>>> And more...
>>>>
>>>> More details:
>>>> "Fun with DNS and Loopback" is about making people attack their own host,
>>>> but doing it in a way that is less obvious than telling them "my IP is
>>>> 127.0.0.1".
>>>>
>>>> "SWATing for Packets" is similar to the above, but you set the DNS entry
>>>> to point to an NSA/FBI/Whitehouse IP address.
>>>>
>>>> "Lemonwipe your drive": why wipe your drive with all zeros or random data
>>>> when you can have a million copies of lemon party for an examiner to
>>>> find.
>>>>
>>>> "Robots.txt trolling": go look at the one at irongeek.com, you will get
>>>> the idea.
>>>>
>>>> I hope to add more items as I think of them.
>>>>
>>>> Previously presented at: This would be the first time.
>>>>
>>>> Facilities: Power and a projector that accepts VGA input.
>>>>
>>>> _______________________________________________
>>>> Pauldotcom mailing list
>>>> [email protected]
>>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
>>>> Main Web Site: http://pauldotcom.com
>>>>
>
> --
> Sent from my mobile device
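Jim's "dumb banner server" idea (item 1 in the quoted list), as an added example that is not code from anyone in this thread: a low-interaction listener that greets with a constructed, made-up FTP banner, answers every line with a canned reply chosen from the first word only, never interprets the rest of the input, and logs each attempt (source, length, hash, short preview) so the retries become detection data. The daemon name, port 2121 and the sample session are assumptions.

```python
import hashlib
import socketserver
import time

# Constructed banner and replies: a made-up daemon name, no real product or version.
BANNER = b"220 hypothetical-ftpd 0.1 ready.\r\n"
CANNED = {
    b"USER": b"331 Password required.\r\n",
    b"PASS": b"230 Login successful.\r\n",  # a lie: nothing is ever authenticated
    b"QUIT": b"221 Goodbye.\r\n",
}
DEFAULT = b"500 Command not understood.\r\n"

def reply_for(line: bytes) -> bytes:
    """Pick a canned reply from the first word only; the rest of the line is never parsed."""
    parts = line.strip().split(None, 1)
    verb = parts[0].upper() if parts else b""
    return CANNED.get(verb, DEFAULT)

def make_record(peer: str, line: bytes, now: float) -> dict:
    """One log record per client line: length, hash and a short printable preview."""
    return {
        "ts": round(now, 3),
        "peer": peer,
        "len": len(line),
        "sha256": hashlib.sha256(line).hexdigest(),
        "preview": line[:64].decode("ascii", "replace").rstrip("\r\n"),
    }

def run_session(peer: str, lines: list, now: float) -> tuple:
    """Drive one session offline (for tests): returns (replies sent, records logged)."""
    replies, records = [BANNER], []
    for line in lines:
        records.append(make_record(peer, line, now))
        replies.append(reply_for(line))
        if replies[-1] == CANNED[b"QUIT"]:
            break
    return replies, records

class BannerHandler(socketserver.StreamRequestHandler):
    def handle(self) -> None:
        peer = f"{self.client_address[0]}:{self.client_address[1]}"
        self.wfile.write(BANNER)
        for line in self.rfile:  # one canned reply per line, however long the client keeps trying
            print(make_record(peer, line, time.time()), flush=True)
            self.wfile.write(reply_for(line))

if __name__ == "__main__":  # unprivileged port (assumption); redirect 21 to it at the firewall
    with socketserver.ThreadingTCPServer(("0.0.0.0", 2121), BannerHandler) as srv:
        srv.serve_forever()
```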
