PaulDotCom mailing list archives

F'ing with SSH Goons


From: tkrabec at gmail.com (Tim Krabec)
Date: Tue, 9 Dec 2008 13:51:17 -0500

denyhosts is pretty nice, I've been using it for a few years. It just runs :)

2008/12/9 Strzelec, Wally <wally at tamu.edu>

 I suspect that the hosts that you would be F'ing with are simply
compromised machines.  Since the administrators don't know that they have
been compromised, it is also unlikely that they will notice any retaliation.



http://denyhosts.sourceforge.net/



Works for me.

 -Wally



*From:* pauldotcom-bounces at mail.pauldotcom.com [mailto:pauldotcom-bounces at mail.pauldotcom.com] *On Behalf Of* Dimitrios Kapsalis
*Sent:* Tuesday, December 09, 2008 12:03 PM
*To:* PaulDotCom Security Weekly Mailing List
*Subject:* Re: [Pauldotcom] F'ing with SSH Goons



hehe some war games

2008/12/9 Nathan Sweaney <NSweaney at tulsacash.com>

Set up a VM and name it something like NORAD-CENTRAL.  Have the intro
message explain that this is a backup server for NORAD Central Command and
that only authorized individuals are allowed access.  Spend some time & make
it look really good.  Then create some really tempting PDF files that are
preconfigured metasploit exploits... you can probably figure it out from
there.


 ------------------------------

*From:* pauldotcom-bounces at mail.pauldotcom.com on behalf of Karl Schuttler
*Sent:* Mon 12/8/2008 10:11 PM
*To:* PaulDotCom Security Weekly Mailing List
*Subject:* Re: [Pauldotcom] F'ing with SSH Goons

You could always figure out a way just to have ASCII Star Wars play for
them.

On Mon, Dec 8, 2008 at 9:49 PM, adese <adese0 at gmail.com> wrote:

Hej all



So for fun yesterday I put ssh back on port 22 from my usual obscure
port. Within 5 hrs I had someone dictionary attacking my box from the UK
(surprise surprise it wasn't China).

Now I'm all about defense and generally not into inviting trouble,
however, I was wondering if there is anything fun you can do with those
types.

I was thinking of creating a common user name with a blank passwd and
then sending a tty message to them after they went interactive, because
honestly it would make me smile a lot just to see them log off in fright
after seeing me see them.

That is fun and all but does anyone know of other fun stuff for
screwing with these jokers?




all the best








-- 
Tim Krabec
Kracomp
772-597-2349
smbminute.com
kracomp.blogspot.com
www.kracomp.com