25. January 2012 19:48
I fix some issues and created some new goodies to play with.
12. December 2011 23:00
I have just added another tool to my collection. Which is a fake sshd for linux. It can be used to capture login attempts. It is used for doing the following.
- Profiling password attack atempts on servers.
- Setting up a honey pot so you can invite the "kids" in
- Stealing the dictionary's used by attackers to test against your own password hashes.
Here is an example of the log output from an attack.
Dec 11 14:02:04 debian fake-sshd.exe: IP: 220.127.116.11 USER: root PASS: edityahoo.no
Dec 11 14:02:06 debian fake-sshd.exe: IP: 18.104.22.168 USER: root PASS: edityahoo.org
Dec 11 14:02:07 debian fake-sshd.exe: IP: 22.214.171.124 USER: root PASS: 68b329da9893e34099c7d8ad5cb9c940
Dec 11 14:02:09 debian fake-sshd.exe: IP: 126.96.36.199 USER: root PASS: 7hur@y@t3am$#@!(*(
Dec 11 14:02:10 debian fake-sshd.exe: IP: 188.8.131.52 USER: sysgames PASS: qwertycosmin
Dec 11 14:02:12 debian fake-sshd.exe: IP: 184.108.40.206 USER: bin PASS: diana4ever
Dec 11 14:02:13 debian fake-sshd.exe: IP: 220.127.116.11 USER: bin PASS: bostanel
more information / download
8. December 2011 21:09
So I have been busy digging and moving tech recently as I switched jobs. So I went for a rummage way back to when I learnt to program which would have been in the mid 90's and found some of the following things. To my surprise almost everything I found still compiled and I have decided to dump some of the short programs I have onto my software page. Most were created for the purpose of learning at the time. All of them are written in C and will compile on debian / lenny. There will probably be more to follow as well!
The following have been added
More will probably follow later!
14. April 2011 22:55
Recently I seem to be running into a little bit of a spamming problem with backlink's being submitted to the blog. It looks like the way .net blog engine does post is really easy for the spammer to be able to post lots and lots of comments with bots (I guess the spammers are getting good at this now). This sounds quite bad but everything is being caught by the spam filters so its really not so bad. So this is a bit of a guide to attempt to protect a website from such action coming from abusive computers around the internet. More...