Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Alec Warner <warnera6@...>
Subject: Re: SSH probes
Date: Sat, 05 Nov 2005 16:41:58 -0500
Brian Micek wrote:
> I don't think you understand what I'm proposing.  I am currently cat
> (1)ing /dev/urandom on TCP port 22 in hopes to discourage hackers who
> attempt to break into my system.  Its beyond me how this is treading on
> dangerous ground, what systems I'll endanger or what is morally wrong
> with doing this.   Brian Micek
> 
> On Sat, 2005-11-05 at 15:19 -0500, William Yang wrote:
> 
> 
>>agenci
> 
> 

How is what are you planning to do any different from me hosting a
website that attempts to exploit vulnerable web clients?  Am I not
responsible for hosting what could be considered hostile content?  Are
you responsible for damages to my machine if your /dev/urandom causes me
undo downtime?

You may think that this situation is different than the web example
above, but in reality they are quite similar.  You can't know with 100%
certainty that the person requesting resources is a hacker and
attempting to crash their client is what most would consider a hostile
action.

We all realise that there are people who do dumb crap like ssh scanning.
 However, I seriously doubt doing anything like this is going to help
your situation; or hinder theirs.  In the end you will waste bandwidth
and cpu cycles and as the other poster mentioned, if they are smart
enough to realize what is going on they can probably DoS your machine
with it.

Just keep your ports closed, or keep them open and monitor the activity.
No need to go pissing the scanners off and give them a reason to spend
more time on your systems anyway.

-Alec Warner (Antarus)
-- 
gentoo-security@g.o mailing list


Replies:
Re: SSH probes
-- Brian Micek
References:
SSH probes
-- Brian Micek
Re: SSH probes
-- William Yang
Re: SSH probes
-- Brian Micek
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: SSH probes
Next by thread:
Re: SSH probes
Previous by date:
Re: SSH probes
Next by date:
Re: SSH probes


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.