| 1 |
Brian Micek wrote: |
| 2 |
> I don't think you understand what I'm proposing. I am currently cat |
| 3 |
> (1)ing /dev/urandom on TCP port 22 in hopes to discourage hackers who |
| 4 |
> attempt to break into my system. Its beyond me how this is treading on |
| 5 |
> dangerous ground, what systems I'll endanger or what is morally wrong |
| 6 |
> with doing this. Brian Micek |
| 7 |
> |
| 8 |
> On Sat, 2005-11-05 at 15:19 -0500, William Yang wrote: |
| 9 |
> |
| 10 |
> |
| 11 |
>>agenci |
| 12 |
> |
| 13 |
> |
| 14 |
|
| 15 |
How is what are you planning to do any different from me hosting a |
| 16 |
website that attempts to exploit vulnerable web clients? Am I not |
| 17 |
responsible for hosting what could be considered hostile content? Are |
| 18 |
you responsible for damages to my machine if your /dev/urandom causes me |
| 19 |
undo downtime? |
| 20 |
|
| 21 |
You may think that this situation is different than the web example |
| 22 |
above, but in reality they are quite similar. You can't know with 100% |
| 23 |
certainty that the person requesting resources is a hacker and |
| 24 |
attempting to crash their client is what most would consider a hostile |
| 25 |
action. |
| 26 |
|
| 27 |
We all realise that there are people who do dumb crap like ssh scanning. |
| 28 |
However, I seriously doubt doing anything like this is going to help |
| 29 |
your situation; or hinder theirs. In the end you will waste bandwidth |
| 30 |
and cpu cycles and as the other poster mentioned, if they are smart |
| 31 |
enough to realize what is going on they can probably DoS your machine |
| 32 |
with it. |
| 33 |
|
| 34 |
Just keep your ports closed, or keep them open and monitor the activity. |
| 35 |
No need to go pissing the scanners off and give them a reason to spend |
| 36 |
more time on your systems anyway. |
| 37 |
|
| 38 |
-Alec Warner (Antarus) |
| 39 |
-- |
| 40 |
gentoo-security@g.o mailing list |
Archives