Re: OT : an end to script kiddies
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Steven J Lamb wrote:
this may not be an end to script kiddies and in fact someone has
probably already done this but I figured I would pass on this idea to
people to see if there is anything like this out there.
lets make the assumption that when a script kiddie bangs on your machine
that it uses the same set of passwords each time. or at least an
expanded set of passwords. which means that once one has logged onto
your machine you have the password to the machine it is attacking from.
lets also assume that a script kiddie is not what I will call a root
script. which is the originating machine which has not been hacked.
lets also assume that there is a way to make a mock shell that will
allow them to log in and dump their script kiddie files and attempt to
execute it.
if all of those hold the following should be possible. a script kiddie
attacks and logs into my very easily breakable machine root/password
login. they transfer the kiddie, at this point we start a reverse
attack. once we have logged in we identify the script kiddie process and
kill it. we then delete the script and send an email to root notifying
them that they were hacked, attacking our server and cleaned my our
server. notify them of some online info on how to secure themselves.
then we can kick back and call it beer thirty.
any thoughts.
But supposing:
Unfortunately, due to a couple of slight coding errors, the file that
gets deleted isn't the script kiddie's script but the system password
file or the kernel, and the amount of network traffic generated by the
"good" program dwarfs the traffic caused by the kiddie script, hence
making things worse than they were to start with. Police are called in,
and the originator of the clean-up script finds himself sharing a cell
with Bubba...
Paul.
[Index of Archives]
[Current Fedora Users]
[Fedora Desktop]
[Fedora SELinux]
[Yosemite News]
[Yosemite Photos]
[KDE Users]
[Fedora Tools]
[Fedora Docs]
