Funnypots and Skiddy Baiting:Shmoocon submission idea

[irongeek at irongeek.com (Adrian Crenshaw)]

Thanks, I'd totally forgot about the classic Teergrube attack. ")

On Wed, Oct 21, 2009 at 3:43 AM, Jim Halfpenny <jim.halfpenny at gmail.com>wrote:

> 1. Listen with an apparently vulnerable service on a standard port
> that's actually a dumb banner server
> 2. Ignore any exploit attempts and let skiddies keep retrying ad infinitum
> 3. ????
> 4. PROFIT!
>
> Kind of like la brea but instead of a TCP tar pit send a response that
> look like a sucessful exploit but is a pre-crafted packet. Head meets
> brick wall. Repeat.
>
> Jim
>
> On 21/10/2009, Adrian Crenshaw <irongeek at irongeek.com> wrote:
> > Oh, I just thought of another one, when they attempt to hack your site
> and
> > fail, have clippy pop up and offer advice. I implemented that on my site
> > awhile back just for kicks and to learn about PHP-IDS:
> >
> > http://www.irongeek.com/i.php?page=%27%20or%201=1%20--
> >
> > Adrian
> >
> >
> >
> > On Tue, Oct 20, 2009 at 9:34 PM, John Strand <strandjs at gmail.com> wrote:
> >
> > > Dear god.....
> > >
> > > Go with it.
> > >
> > > john
> > >
> > > On Wed, Oct 21, 2009 at 5:55 AM, Adrian Crenshaw
> > > <irongeek at irongeek.com>wrote:
> > >
> > > > I'm wanting to go to Shmoocon next year, but the only way I can see to
> > > > afford it is to be a speaker. That, and being able to get ticks can be
> > > > tough. I've submitted some talks a few months ago, but I just submitted
> > > > this
> > > > one today, let me know if you have ideas to add:
> > > >
> > > > Title/Abstract/Details:
> > > > Funnypots and Skiddy Baiting
> > > > Ever wanted to screw with those that screw with you? Honeypots might be
> > > > ok
> > > > for research, but they don?t allow you to have fun at an attacker?s
> > > > expense
> > > > the same way funnypot and skiddy baiting does. In this talk I?ll be
> > > > covering
> > > > techniques you can use to scar the psyche or to have fun at the expense
> > > > of
> > > > attackers or people invading your privacy. Some of the topics to be
> > > > covered
> > > > are:
> > > >     Fun with DNS and Loopback
> > > >     SWATing for Packets
> > > >     Lemonwipe your drive
> > > >     Robots.txt trolling
> > > >     And more?
> > > >
> > > > More details:
> > > > ?Fun with DNS and Loopback? is about making people attack their own
> host,
> > > > but doing it in a way that is less obvious than telling them ?my IP is
> > > > 127.0.0.1?.
> > > >
> > > > ?SWATing for Packets? is similar to the above, but you set the DNS
> entry
> > > > to point to an NSA/FBI/Whitehouse IP address.
> > > >
> > > > ?Lemonwipe your drive? why wipe your drive with all zeros or random
> data
> > > > when you can have a million copies of lemon party for an examiner to
> > > > find.
> > > >
> > > > ?Robots.txt trolling? go look at the one at irongeek.com, you will get
> > > > the idea.
> > > >
> > > > I hope to add more items as I think of them.
> > > >
> > > > Previously presented at: This would be the first time.
> > > >
> > > > Facilities: Power and a projector that accepts VGA input.
> > > >
> > > > _______________________________________________
> > > > Pauldotcom mailing list
> > > > Pauldotcom at mail.pauldotcom.com
> > > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > > > Main Web Site: http://pauldotcom.com
> > >
> > >
> > > _______________________________________________
> > > Pauldotcom mailing list
> > > Pauldotcom at mail.pauldotcom.com
> > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > > Main Web Site: http://pauldotcom.com
>
> --
> Sent from my mobile device
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20091021/d68e375c/attachment.htm