Re: Dealing with script kiddies

From: Joe Richards [MVP] (humorexpress@hotmail.com)
Date: 06/07/02

Next message: Joe Richards [MVP]: "Re: locked computer"
Previous message: Nick Ohanian: "Public Computer Security"
In reply to: Michael A. Covington: "Re: Dealing with script kiddies"
Next in thread: Jeff Cochran: "Re: Dealing with script kiddies"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Joe Richards [MVP]" <humorexpress@hotmail.com>
Date: Fri, 7 Jun 2002 17:55:50 -0400

"Michael A. Covington" <mc@deletethisword.uga.edu> wrote in message
news:ucos3mkDCHA.1436@tkmsftngp04...
> "Joe Richards [MVP]" <humorexpress@hotmail.com> wrote in message
> news:exaBasiDCHA.1108@tkmsftngp04...
> > As some others have said, this is mostly Nimda, not script kiddies. Your
> > chances of finding the "bad guys" is near zero. Last year I ended up
> writing
> > a program called fakeroot.exe which you could add to your scripts folder
> and
> > rename root.exe (or any other name of an executable people are trying to
> > run) and it will log the hits and fire off a script or program of your
> > choice.
> >
> > I, myself, set up a little perl script that would reach back and verify
> that
> > it was nimda by checking of the guest account was open and made an admin
> and
> > then would reach in and shut off IIS and reboot the box.
> >
> > You can get fakeroot.exe from my website if you want to use it with your
> > scripts or whatever.
> >
>
> Now that's an idea. Nobody is so easily manipulated as those who think
> they're successfully manipulating somebody else.
>
> If the program writes to standard output, will the crackers see it?
>
>

The INI file lets you specify what you send back. From nothing to a
customized message to a simple BAD REQUEST message. Generally no one will
ever see the message unless it is someone doing it by hand from a browser.

--
Joe Richards
www.joeware.net
---

Next message: Joe Richards [MVP]: "Re: locked computer"
Previous message: Nick Ohanian: "Public Computer Security"
In reply to: Michael A. Covington: "Re: Dealing with script kiddies"
Next in thread: Jeff Cochran: "Re: Dealing with script kiddies"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Dealing with script kiddies
... As some others have said, this is mostly Nimda, not script kiddies. ... > them to their ISPs whenever feasible. ...
(microsoft.public.inetserver.iis.security)
Re: Dealing with script kiddies
... As some others have said, this is mostly Nimda, not script kiddies. ... > them to their ISPs whenever feasible. ...
(microsoft.public.win2000.security)
Re: Dealing with script kiddies
... >> As some others have said, this is mostly Nimda, not script kiddies. ...
(microsoft.public.inetserver.iis.security)
Re: Dealing with script kiddies
... > As some others have said, this is mostly Nimda, not script kiddies. ... > chances of finding the "bad guys" is near zero. ...
(microsoft.public.win2000.security)
Re: Dealing with script kiddies
... > As some others have said, this is mostly Nimda, not script kiddies. ... > chances of finding the "bad guys" is near zero. ...
(microsoft.public.inetserver.iis.security)