Banned countries (was Re: [oclug]why firewall?)
Gordon Dey
Gordon.Dey at basement.igs.net
Sat Nov 30 08:40:30 EST 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On November 30, 2002 01:34, Francis J. A. Pinteric wrote:
[edited]
> is there any way to attract an attack? In the wild there are certain
How about responding to a scan with the fingerprint of a dos or windows 95
machine?
Try nmap (or nmapfe for the graphical front-end) from your linux box, have it
guess the os-type of the "victum" machine. Arrange it so that it comes back
with the desired fingerprint. I recall there was an article in a Linux
Journal not that long ago about how to use netfilter to mislead. Also, via
freshmeat, is the honeyd project. Again, it makes it look like there's a
machine on your network, that attracts attention because it appears to have
it's front door open.
- --
73 Gord.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE96L/VtsJ/KnFPttMRAqtTAKCvfS1og32bPjBAwHsZYhM9+4Ex+ACfVN9J
3TNKfNwPnU9clt2HU6SEIQg=
=HG4q
-----END PGP SIGNATURE-----
More information about the OCLUG
mailing list