OT : an end to script kiddies

[Paul Howarth]

Steven J Lamb wrote:
> this may not be an end to script kiddies and in fact someone has 
> probably already done this but I figured I would pass on this idea to 
> people to see if there is anything like this out there.
> 
> lets make the assumption that when a script kiddie bangs on your machine 
> that it uses the same set of passwords each time. or at least an 
> expanded set of passwords. which means that once one has logged onto 
> your machine you have the password to the machine it is attacking from.
> 
> lets also assume that a script kiddie is not what I will call a root 
> script. which is the originating machine which has not been hacked.
> 
> lets also assume that there is a way to make a mock shell that will 
> allow them to log in and dump their script kiddie files and attempt to 
> execute it.
> 
> if all of those hold the following should be possible. a script kiddie 
> attacks and logs into my very easily breakable machine root/password 
> login. they transfer the kiddie, at this point we start a reverse 
> attack. once we have logged in we identify the script kiddie process and 
> kill it. we then delete the script and send an email to root notifying 
> them that they were hacked, attacking our server and cleaned my our 
> server. notify them of some online info on how to secure themselves. 
> then we can kick back and call it beer thirty.
> 
> any thoughts.

But supposing:

Unfortunately, due to a couple of slight coding errors, the file that 
gets deleted isn't the script kiddie's script but the system password 
file or the kernel, and the amount of network traffic generated by the 
"good" program dwarfs the traffic caused by the kiddie script, hence 
making things worse than they were to start with. Police are called in, 
and the originator of the clean-up script finds himself sharing a cell 
with Bubba...

Paul.