Script Kiddie tarpit wanted
From: Alan Frisbie (Usenet02_REMOVE_at_Flying-Disk.com)
Date: 03/31/05
- Next message: Colin Butcher: "Re: TCPIP SHOW ROUTE"
- Previous message: Paul Sture: "Re: cloning a system disk"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Thu, 31 Mar 2005 08:45:45 -0800
Since I like to have remote Internet access to my VMS system,
I have my firewall forward SSH packets to it.
However, every day or so, I am alerted by the beeping of
OPCOM messages that someone is making repeated login attempts.
I am not worried about them getting in, but I find their
feeble attempts annoying.
I am thinking of creating captive accounts that these script
kiddies would be likely to try (root/<null>, guest/guest,
god/god, etc.). The captive procedure should appear to be
some variant of Unix, appear to sort-of work, while wasting
as much of their time as possible. Meanwhile it should
log everything to a file for my later amusement. (Yes, I'm
that sick!)
I seem to recall that someone created such a DCL procedure
years ago, but I can't seem to find it. Can anyone point
me to something that would give me a start on this project?
Along the same line, is there any way I can find out what
username/password combinations these kiddies are trying?
Accounting doesn't seem to provide anything.
Thanks,
Alan
- Next message: Colin Butcher: "Re: TCPIP SHOW ROUTE"
- Previous message: Paul Sture: "Re: cloning a system disk"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
