PaulDotCom mailing list archives

F'ing with SSH Goons

From: NSweaney at tulsacash.com (Nathan Sweaney)
Date: Tue, 9 Dec 2008 11:44:45 -0600

setup a VM and name it something like NORAD-CENTRAL.  Have the intro
message explain that this is a back up server for NORAD Central Command
and that only authorized individuals are allowed access.  Spend some
time & make it look really good.  Then create some really tempting PDF
files that are preconfigured metasploit exploits... you can probably
figure it out from there.   

________________________________

From: pauldotcom-bounces at mail.pauldotcom.com on behalf of Karl Schuttler
Sent: Mon 12/8/2008 10:11 PM
To: PaulDotCom Security Weekly Mailing List
Subject: Re: [Pauldotcom] F'ing with SSH Goons



You could always figure out a way just to have ascii starwars play for
them.

On Mon, Dec 8, 2008 at 9:49 PM, adese <adese0 at gmail.com> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hej all



So for fun yesterday I put ssh back on port 22 from my usual obscure
port. Within 5hrs I had someone dictionary attacking my box from the

UK

(surprise surprise it wasn't China).

Now I'm all about defense and generally not into inviting trouble,
however, I was wondering if there is anything fun you can do with

those

types.

I was thinking of creating a common user name with a blank passwd and
then sending a tty message to them after they went interactive,

because

honestly it would make me smile a lot just to see them logoff in

fright

after seeing me see them.

That is fun and all but does any one know of other fun stuff for
screwing with these jokers?




all the best

/adese
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (Darwin)

iEYEARECAAYFAkk93J8ACgkQSsV9wg1YVSIVOwCfYbEt0n7+LQUqQFpTbtIysFp0
REIAoL288FBwSm/UsHpvVDOq+aRGaFbm
=iriR
-----END PGP SIGNATURE-----
_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com <http://pauldotcom.com/>

_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com <http://pauldotcom.com/> 


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20081209/b66442dc/attachment.htm

Current thread:

F'ing with SSH Goons adese (Dec 08)
- F'ing with SSH Goons Karl Schuttler (Dec 08)
  - F'ing with SSH Goons Aaron Moss (Dec 08)
  - Message not available
    - F'ing with SSH Goons Nathan Sweaney (Dec 09)
    - F'ing with SSH Goons Dimitrios Kapsalis (Dec 09)
    - F'ing with SSH Goons Strzelec, Wally (Dec 09)
    - F'ing with SSH Goons Tim Krabec (Dec 09)
    - F'ing with SSH Goons Nathan Sweaney (Dec 09)
- F'ing with SSH Goons Matt Hillman (Dec 09)
- F'ing with SSH Goons Chris Merkel (Dec 09)
- F'ing with SSH Goons Mad Marv (Dec 09)
  - F'ing with SSH Goons Aaron Moss (Dec 09)
    - F'ing with SSH Goons Mad Marv (Dec 09)
    - F'ing with SSH Goons Joshua Wright (Dec 09)

(Thread continues...)