[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: OT : an end to script kiddies



Steven J Lamb wrote:
this may not be an end to script kiddies and in fact someone has probably already done this but I figured I would pass on this idea to people to see if there is anything like this out there.

lets make the assumption that when a script kiddie bangs on your machine that it uses the same set of passwords each time. or at least an expanded set of passwords. which means that once one has logged onto your machine you have the password to the machine it is attacking from.

lets also assume that a script kiddie is not what I will call a root script. which is the originating machine which has not been hacked.

lets also assume that there is a way to make a mock shell that will allow them to log in and dump their script kiddie files and attempt to execute it.

if all of those hold the following should be possible. a script kiddie attacks and logs into my very easily breakable machine root/password login. they transfer the kiddie, at this point we start a reverse attack. once we have logged in we identify the script kiddie process and kill it. we then delete the script and send an email to root notifying them that they were hacked, attacking our server and cleaned my our server. notify them of some online info on how to secure themselves. then we can kick back and call it beer thirty.

any thoughts.

But supposing:

Unfortunately, due to a couple of slight coding errors, the file that gets deleted isn't the script kiddie's script but the system password file or the kernel, and the amount of network traffic generated by the "good" program dwarfs the traffic caused by the kiddie script, hence making things worse than they were to start with. Police are called in, and the originator of the clean-up script finds himself sharing a cell with Bubba...

Paul.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]