OT : an end to script kiddies

Steven J Lamb redhattedsheep at adiis.net
Mon Mar 20 16:40:02 UTC 2006


This may not be an end to script kiddies, and in fact someone has probably
already done this, but I figured I would pass on this idea to people to see
if there is anything like this out there.

Let's make the assumption that when a script kiddie bangs on your machine,
it uses the same set of passwords each time, or at least an expanded
set of passwords. That means that once one has logged onto your machine, you
have the password to the machine it is attacking from.

Let's also assume that a script kiddie is not what I will call a root script,
which is the originating machine which has not been hacked.

Let's also assume that there is a way to make a mock shell that will allow
them to log in and dump their script kiddie files and attempt to execute it.

If all of those hold, the following should be possible. A script kiddie
attacks and logs into my very easily breakable machine root/password login.
They transfer the kiddie; at this point we start a reverse attack. Once we
have logged in, we identify the script kiddie process and kill it. We then
delete the script and send an email to root notifying them that they were
hacked, attacking our server and cleaned by our server. Notify them of some
online info on how to secure themselves. Then we can kick back and call it
beer thirty.

Any thoughts?






