Beefy Boxes and Bandwidth Generously Provided by pair Networks
Do you know where your variables are?
 
PerlMonks  

RE: RE: (atl: Legitimate uses) RE: Echo off in IO::Sockets

by isotope (Chaplain)
on Aug 15, 2000 at 04:20 UTC ( #27850=note: print w/replies, xml ) Need Help??


in reply to RE: (atl: Legitimate uses) RE: Echo off in IO::Sockets
in thread Echo off in IO::Sockets

This is probably a stretch, but it could be used as a honeypot that not only keeps a script kiddie busy, but also gives the administrator some idea of what kind of attack is being attempted (raw brute force, dictionary attack, etc). That being said, I also feel uneasy about the original question. Just my thoughts...
  • Comment on RE: RE: (atl: Legitimate uses) RE: Echo off in IO::Sockets

Replies are listed 'Best First'.
(Ozymandias) RE: RE: RE: (atl: Legitimate uses) RE: Echo off in IO::Sockets
by Ozymandias (Hermit) on Aug 15, 2000 at 07:06 UTC
    I thought about that, but if it were to be used as a honeypot security system, it would be reasonable to log the hostname and username - not the password.

    - email Ozymandias
      Like I said, logging the password would give the sysadmin a better idea of what kind of attack is underway -- are the passwords just incremental alphanumerics, or a dictionary list, or a list of usernames? Does it look like the work of a well-known rootkit? Things like that...

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://27850]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others romping around the Monastery: (8)
As of 2020-06-04 17:46 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Do you really want to know if there is extraterrestrial life?



    Results (35 votes). Check out past polls.

    Notices?