1 |
I'm very sorry for not describing what I'm doing in more detail |
2 |
resulting in all this wasted email. |
3 |
1. cat(1)ing /dev/urandom does not exploit any problems in an ssh |
4 |
client. Ssh is written well and the program will realize there is a |
5 |
problem on the TCP stream, describe the error and exit |
6 |
2. My goal is to discourage punk hackers from attempting to crack my |
7 |
networks. In order to do this, I'm experimenting with variations of |
8 |
invalid TCP streams on TCP port 22. |
9 |
3. I have no idea how people think this can hurt any network other than |
10 |
my own or any legitimate software product. |
11 |
|
12 |
I have to admit I'm angry at your attempt to argue a null issue. Your |
13 |
network shouldn't be connecting to my networks but, in case it does, the |
14 |
worse that can happen is a stream of random data will pass to your |
15 |
machine over one socket from a single host resulting in bandwidth usage |
16 |
on the lines of downloading a file. I postulated the hacking tool is |
17 |
not written well. |
18 |
|
19 |
Please lets forget about this thread because its going nowhere and once |
20 |
again, I apologize about all this spam. |
21 |
Brian Micek |
22 |
|
23 |
On Sat, 2005-11-05 at 16:41 -0500, Alec Warner wrote: |
24 |
|
25 |
> Brian Micek wrote: |
26 |
> > I don't think you understand what I'm proposing. I am currently cat |
27 |
> > (1)ing /dev/urandom on TCP port 22 in hopes to discourage hackers who |
28 |
> > attempt to break into my system. Its beyond me how this is treading on |
29 |
> > dangerous ground, what systems I'll endanger or what is morally wrong |
30 |
> > with doing this. Brian Micek |
31 |
> > |
32 |
> > On Sat, 2005-11-05 at 15:19 -0500, William Yang wrote: |
33 |
> > |
34 |
> > |
35 |
> >>agenci |
36 |
> > |
37 |
> > |
38 |
> |
39 |
> How is what are you planning to do any different from me hosting a |
40 |
> website that attempts to exploit vulnerable web clients? Am I not |
41 |
> responsible for hosting what could be considered hostile content? Are |
42 |
> you responsible for damages to my machine if your /dev/urandom causes me |
43 |
> undo downtime? |
44 |
> |
45 |
> You may think that this situation is different than the web example |
46 |
> above, but in reality they are quite similar. You can't know with 100% |
47 |
> certainty that the person requesting resources is a hacker and |
48 |
> attempting to crash their client is what most would consider a hostile |
49 |
> action. |
50 |
> |
51 |
> We all realise that there are people who do dumb crap like ssh scanning. |
52 |
> However, I seriously doubt doing anything like this is going to help |
53 |
> your situation; or hinder theirs. In the end you will waste bandwidth |
54 |
> and cpu cycles and as the other poster mentioned, if they are smart |
55 |
> enough to realize what is going on they can probably DoS your machine |
56 |
> with it. |
57 |
> |
58 |
> Just keep your ports closed, or keep them open and monitor the activity. |
59 |
> No need to go pissing the scanners off and give them a reason to spend |
60 |
> more time on your systems anyway. |
61 |
> |
62 |
> -Alec Warner (Antarus) |