Actually, no one has resumed their "hacking" after I launch my anti-hacking script.
I'm happy with my method.
sampsa <sampsa at mac.com>
mobile +44 7961 149465
On 8 Jan 2014, at 23:08, Sampsa Laine <sampsa at mac.com> wrote:
They can try, none have succeeded so far. They're script kiddies / bots anyway.
sampsa <sampsa at mac.com>
mobile +44 7961 149465
On 8 Jan 2014, at 23:01, "Brian Schenkenberger, VAXman-" <system at TMESIS.COM> wrote:
Sampsa Laine <sampsa at mac.com> writes:
On 8 Jan 2014, at 22:30, Bob Armstrong <bob at jfcl.com> wrote:
I've seen idiots attacking ... via the SSH connection,=20
=20
FWIW, I've put all my public SSH ports on non-standard port numbers. =
It's
pretty much eliminated all the attacks.
=20
I think most of these attackers are bots and script kiddies, and they =
only
try the well known ports.
=20
Bob
=20
=20
=20
I personally run sshd in pubkey auth mode only, and when I see login =
attempts, I bombard the source IP with packets using nmap. Tends to stop =
them in about 30-90 secs.
You'd still be beter off running it on a non-standard port. Also, doing
onto others as they do on to you should be reserved only for good tasks;
bombing the source is a good way to get them to really go after you and
your systems.
--
VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG
Well I speak to machines with the voice of humanity.
On Wed, 8 Jan 2014, Brian Schenkenberger, VAXman- wrote:
Cory Smelosky <b4 at gewt.net> writes:
On Wed, 8 Jan 2014, Brian Schenkenberger, VAXman- wrote:
You'd still be beter off running it on a non-standard port. Also, doing
onto others as they do on to you should be reserved only for good tasks;
bombing the source is a good way to get them to really go after you and
your systems.
So long as that's not the only method of "security" used. Auto portscan
and quick telnet probe can find SSH on port 1337 instead of 22 with ease.
It's no security! It does, however, keep the persistent port scanners from
consuming system resources. On VMS, touching the ssh port will initiate a
process to handle the authentication and create a pseudo-terminal for each
instance of a possible ssh session. This wastes process slots and carves a
lot of memory from the NPP.
Ahhhhh. I get what you're saying. I wasn't thinking in a VMS sense.
That is certainly sensible.
--
Cory Smelosky
http://gewt.net Personal stuff
http://gimme-sympathy.org Projects
Cory Smelosky <b4 at gewt.net> writes:
On Wed, 8 Jan 2014, Brian Schenkenberger, VAXman- wrote:
You'd still be beter off running it on a non-standard port. Also, doing
onto others as they do on to you should be reserved only for good tasks;
bombing the source is a good way to get them to really go after you and
your systems.
So long as that's not the only method of "security" used. Auto portscan
and quick telnet probe can find SSH on port 1337 instead of 22 with ease.
It's no security! It does, however, keep the persistent port scanners from
consuming system resources. On VMS, touching the ssh port will initiate a
process to handle the authentication and create a pseudo-terminal for each
instance of a possible ssh session. This wastes process slots and carves a
lot of memory from the NPP.
--
VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG
Well I speak to machines with the voice of humanity.
They can try, none have succeeded so far. They're script kiddies / bots anyway.
sampsa <sampsa at mac.com>
mobile +44 7961 149465
On 8 Jan 2014, at 23:01, "Brian Schenkenberger, VAXman-" <system at TMESIS.COM> wrote:
Sampsa Laine <sampsa at mac.com> writes:
On 8 Jan 2014, at 22:30, Bob Armstrong <bob at jfcl.com> wrote:
I've seen idiots attacking ... via the SSH connection,=20
=20
FWIW, I've put all my public SSH ports on non-standard port numbers. =
It's
pretty much eliminated all the attacks.
=20
I think most of these attackers are bots and script kiddies, and they =
only
try the well known ports.
=20
Bob
=20
=20
=20
I personally run sshd in pubkey auth mode only, and when I see login =
attempts, I bombard the source IP with packets using nmap. Tends to stop =
them in about 30-90 secs.
You'd still be beter off running it on a non-standard port. Also, doing
onto others as they do on to you should be reserved only for good tasks;
bombing the source is a good way to get them to really go after you and
your systems.
--
VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG
Well I speak to machines with the voice of humanity.
On Wed, 8 Jan 2014, Brian Schenkenberger, VAXman- wrote:
You'd still be beter off running it on a non-standard port. Also, doing
onto others as they do on to you should be reserved only for good tasks;
bombing the source is a good way to get them to really go after you and
your systems.
So long as that's not the only method of "security" used. Auto portscan
and quick telnet probe can find SSH on port 1337 instead of 22 with ease.
--
Cory Smelosky
http://gewt.net Personal stuff
http://gimme-sympathy.org Projects
Sampsa Laine <sampsa at mac.com> writes:
On 8 Jan 2014, at 22:30, Bob Armstrong <bob at jfcl.com> wrote:
I've seen idiots attacking ... via the SSH connection,=20
=20
FWIW, I've put all my public SSH ports on non-standard port numbers. =
It's
pretty much eliminated all the attacks.
=20
I think most of these attackers are bots and script kiddies, and they =
only
try the well known ports.
=20
Bob
=20
=20
=20
I personally run sshd in pubkey auth mode only, and when I see login =
attempts, I bombard the source IP with packets using nmap. Tends to stop =
them in about 30-90 secs.
You'd still be beter off running it on a non-standard port. Also, doing
onto others as they do on to you should be reserved only for good tasks;
bombing the source is a good way to get them to really go after you and
your systems.
--
VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG
Well I speak to machines with the voice of humanity.
On 8 Jan 2014, at 22:30, Bob Armstrong <bob at jfcl.com> wrote:
I've seen idiots attacking ... via the SSH connection,
FWIW, I've put all my public SSH ports on non-standard port numbers. It's
pretty much eliminated all the attacks.
I think most of these attackers are bots and script kiddies, and they only
try the well known ports.
Bob
I personally run sshd in pubkey auth mode only, and when I see login attempts, I bombard the source IP with packets using nmap. Tends to stop them in about 30-90 secs.
I've seen idiots attacking ... via the SSH connection,
FWIW, I've put all my public SSH ports on non-standard port numbers. It's
pretty much eliminated all the attacks.
I think most of these attackers are bots and script kiddies, and they only
try the well known ports.
Bob
Hello!
The few times I've seen idiots attacking (or even trying to attack) my
(What else?) Linux setup via the SSH connection, I imagine them being
forced to walk across a desert, with limited supplies.
It definitely should be legal. I'm thinking defenestration.
-----
Gregg C Levine gregg.drwho8 at gmail.com
"This signature fought the Time Wars, time and again."
On Wed, Jan 8, 2014 at 1:52 PM, Brian Schenkenberger, VAXman-
<system at tmesis.com> wrote:
Dave McGuire <mcguire at neurotica.com> writes:
Yep...some little fucker hosed my network with exactly that bug
yesterday, but against a UNIX box.
It should be legal to kill these people.
... slow and painfully too!
--
VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG
Well I speak to machines with the voice of humanity.
