[clug] Stopping them at the door
steve
steve at smartfab.com.au
Mon Feb 14 02:48:25 GMT 2005
On Mon, 2005-02-14 at 11:15, Nigel Cunningham wrote:
> .... and you shouldn't say how long the password is on a mailing list
> like this - if a malicious person is reading these posts, they'd know
> not to waste their time trying other lengths.
>
Unless of course the hint about the N-character password was deliberate
misinformation ;)
Paul,
Seems like you are mostly concerned about locking your own home machine
down, and are a little intrigued perhaps by the minds behinds these
anonymous break in attempts.
Slowinng down brute force attacks can be done with iptables - see the
-limit option, which requires the ipt_limit kernel module.
The best way to slow down or stop break in attempts is to present them
with what they are after - a successful login attempt.
Or a perceived successful login at least. You might be interested in
building a honeypot - its good fun and highly educational. There are 2
types of honeypot - the simplest being a deliberately vunerable but
isolated machine with extensive logging. Allow it to be taken over and
study what gets done. (Good article here about that ...
http://www.security.org.sg/gtec/honeynet/viewdiary.php?diary=20041102)
Another much more fun type of honeypot is a case of building a fake
shell experience for the hapless third party. They will be back time and
time again to work out what the hell they have stumbled on, and you can
get very twisted in messing with their minds.
Just a thought.
More information about the linux
mailing list