Date: Wed, 09 Aug 2000 13:15:59 -0500 From: Jon <jon@state.net> To: David Daugherty <doc@wcug.wwu.edu> Cc: questions@FreeBSD.ORG Subject: Re: fake telnet Message-ID: <39919FDF.779F7BB4@state.net> References: <Pine.LNX.3.96.1000809103900.11190A-100000@sloth>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello David, There are 'honey pot' servers available for luring people into your system, but think about a couple things: > Has anyone written a configurable fake telnet program? The idea I had was > to copy my own version of telnet over the installed ver. so that I could > see what these system crackers are attempting on my system. Right now I > have telnet and ftp turned off and having portsentry notify me when > someone trys to access these ports. I only have an @home connection and 1) Even though the servers I've seen look benign, what if they had an exploit, which would open up your system, and really make it exploitable... 2) Why do you want the extra bandwidth being used by these people, unless you have bandwidth to burn? > I'm wondering where all these crackers are finding my IP from. 3) The IP is probably found by people that understand what bridge group IP ranges or PPP pools are available for DSL or dialup connections. This isn't that hard, since many ISP's use host names that usually have ppp, dialup, 33k, 56k, dsl, or some other indicator. Once that is found, they usually scan that subnet for holes, because, unlike many people on this list (there's probably a couple black hatters, though ;), they have way too much time on their hands :-) HTH Jon > > David > Software Engineer - NetManage > Work email: david.daugherty@netmanage.com > Home email: doc@wcug.wwu.edu > ICQ 21106703 > Washington State Resident > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39919FDF.779F7BB4>