Looking to have some fun with obnoxious 'net users and slow down their antics...? If so, I'm looking for a beta tester (or two or three :^) of my very simple HoneyPort which is a sticky port for those scumbags... :^)
Pierre Tired of getting spam retries after setting up anti-spam features? Got a spammer with a broken mailer who tries every 30 SECONDS to deliver the spam? Put in an IPTABLES filter, only to find the spammer won't go away; just keeps on wasting your bandwidth? YUP!! I experienced all the above... :^P So... I came up with the idea to create a "HoneyPort"... Inspired by Tom Liston's LaBrea TarPit; but only on the local host, and only for specific attackers. The idea is to shunt tiresome spammers/attackers and other network ne'er-do-wells to a HoneyPot Port (hence "HoneyPort"). Not looking to protect a subnet as Tom's LaBrea TarPit does; rather, slow down these jerks in a similar manner on the attacked host. For example, on March 7 & 8, 2002, a RedHat Linux box at 207.191.79.6 began an *incessant* attempt to deliver spam... Normally this would not be a problem; but this idiot box retried EVERY 30 SECONDS!! Even after add an iptables filter: iptables -A INPUT -s 207.191.79.6 -p tcp --dport 25 -j DROP this machine continued to try... I've had enough of this crap, so I thought about Tom Liston's LaBrea TarPit and wondered if the concept could be used to slow down this spammer too... see http://pfortin.com/Linux/HoneyPort/ for the code and setup... Not for the faint of heart... I still need to create a support script or two... besides, I made some changes and did not test them cuz it's late and I'm going to bed... :^)
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
