1 |
Brian Micek wrote: |
2 |
> I don't think you understand what I'm proposing. I am currently cat |
3 |
> (1)ing /dev/urandom on TCP port 22 in hopes to discourage hackers who |
4 |
> attempt to break into my system. Its beyond me how this is treading on |
5 |
> dangerous ground, what systems I'll endanger or what is morally wrong |
6 |
> with doing this. Brian Micek |
7 |
> |
8 |
> On Sat, 2005-11-05 at 15:19 -0500, William Yang wrote: |
9 |
> |
10 |
> |
11 |
>>agenci |
12 |
> |
13 |
> |
14 |
|
15 |
How is what are you planning to do any different from me hosting a |
16 |
website that attempts to exploit vulnerable web clients? Am I not |
17 |
responsible for hosting what could be considered hostile content? Are |
18 |
you responsible for damages to my machine if your /dev/urandom causes me |
19 |
undo downtime? |
20 |
|
21 |
You may think that this situation is different than the web example |
22 |
above, but in reality they are quite similar. You can't know with 100% |
23 |
certainty that the person requesting resources is a hacker and |
24 |
attempting to crash their client is what most would consider a hostile |
25 |
action. |
26 |
|
27 |
We all realise that there are people who do dumb crap like ssh scanning. |
28 |
However, I seriously doubt doing anything like this is going to help |
29 |
your situation; or hinder theirs. In the end you will waste bandwidth |
30 |
and cpu cycles and as the other poster mentioned, if they are smart |
31 |
enough to realize what is going on they can probably DoS your machine |
32 |
with it. |
33 |
|
34 |
Just keep your ports closed, or keep them open and monitor the activity. |
35 |
No need to go pissing the scanners off and give them a reason to spend |
36 |
more time on your systems anyway. |
37 |
|
38 |
-Alec Warner (Antarus) |
39 |
-- |
40 |
gentoo-security@g.o mailing list |