tarpit - anti-scan software

fateswarm admin at www0.org
Sat Mar 29 22:10:04 EET 2003 

e ne more, yparxoun 1002 tropoi na kaneis security. to portsentry kanei
mia douleia. koitaei ports gia connections. mono auto kanei, mh
mperdeuesai apo kapoia pou lene. settareis pies ports 8es na prosexei,
an kapoia tin aggiksei kati, amesws tou les ti kanei, p.x. na balei
to ip sto hosts.deny h' na to perasei se DROP list me to iptables. 8elei
prosoxh se pia ports 8a baleis na koitaei.

p.x. to eixa na balei na koitaei kai ti finger kai ekana drop tous
misous irc servers.

pera apo ta fingerprints kai ta portsentry ta mono pou menoun einai ta
settings tou IPTABLES kai ta genikotera net settings mesa sto /proc

exei diafora pragmata na dokimaseis, opws p.x. to icmp flood, pou
ginetai sinithos me ping -f. Ta perissotera apo auta ta mikra pou einai
endiksh epi8eshs - exei apodiksh omws - mporoun na ginoun LOG me to
IPTABLES.

Kati pera apo autade mporw na skeftw tora, alla fantazomai 8a einai
eukolo me liges gnoseis se c kai ligo diabasma sto networking tou linux
kernel na kaneis dika sou tools.

On Sat, Mar 29, 2003 at 03:05:09PM -0500, Alexandros Papadopoulos wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Saturday 29 March 2003 14:36, fateswarm wrote:
> <snip>
> > ase pou, 8a arxisei o kosmos na anarwtietai, "ti diaolo, trexei
> > apache se spectrum zk? POY?" 
> 
> HAHAHHAHA! :-)
> 
> Loipon eimaste ektos 8ematos - to 8ema *den* einai to IP personality 
> patch. 
> 
> To 8ema einai to sok tou na eisai attacker pou psaxnei ena isxno fwtaki 
> gia na tou epite8ei, kai na sou parousiazoun ena katafwto 
> xristougenniatiko dentro. Ayto 8elw na dokimasw.
> 
> O Giwrgos eipe oti to portsentry mporei na to kanei ayto, alla den blepw 
> kati tetoio sta reviews (ase pou den briskw to portsentry to idio, ma 
> ti egine, agorase h Cisco thn Psionic kai skotwse to project? 
> Katarameno proprietary sw!)
> 
> Oso gia to restriction pou anaferei o V13, (na briskeis ka8e stigmh ta 
> unused ports), oxi, den einai 8ema. Ftanei kai perisseyei na exeis kati 
> pou parousiazei ola ta well-known ports (otidhpote sto /etc/services 
> dhladh) open.
> 
> Etsi anoigeis "a can of worms" bebaia (SYN flood kaneis?), kai den 8a 
> synistousa me tipota na mpei tetoio systhma se server pou exei 
> pragmatikh douleia na kanei (px web/mail/DNS server), alla se ena 
> client machine pou 8elei na peiramatistei / sylleksei stoixeia network 
> activity, 8a htan poly endiaferon.
> 
> - -A
> - -- 
> http://andrew.cmu.edu/~apapadop/pub_key.asc
> 3DAD 8435 DB52 F17B 640F  D78C 8260 0CC1 0B75 8265
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.1 (GNU/Linux)
> 
> iD8DBQE+hfx1gmAMwQt1gmURAov8AJ9HVFqGRXcQ9G7AUMLDIopccLVUuQCfdAZu
> kYZeEhvUP7NS/20p9HxAROg=
> =tG84
> -----END PGP SIGNATURE-----

More information about the Linux-greek-users mailing list