[NTLUG:Discuss] robots.txt / also Nimda & CodeRed fighting...
Darin W. Smith
darin_ext at darinsmith.net
Thu Mar 27 07:48:46 CST 2003
On Wed, 2003-03-26 at 17:50, kbrannen at gte.net wrote:
> OTOH, since you care about bandwidth, check out the LeBrea Tarpit
> program/suite. It goes thru all but the last step of the SYN/ACK connection
> steps, thus holding a connection open but doing nothing. So the attacker is
> slowed down, and nothing gets transmitted...though you'll probably need to
> increase the max number of children it can spawn. See
> http://www.threenorth.com/LaBrea/. Originally written for CodeRed, I see no
> reason it wouldn't work for others.
>
> From the webpage:
> LaBrea is a program that creates a tarpit or, as some have called it, a
> "sticky honeypot". LaBrea takes over unused IP addresses on a network and
> creates "virtual machines" that answer to connection attempts. LaBrea answers
> those connection attempts in a way that causes the machine at the other end to
> get "stuck", sometimes for a very long time.
>
>
> HTH,
> Kevin
Hmmm...that looks appealing. Thanks for the tip!
--
D! (Darin W. Smith)
AIM: JediGrover
Gig 'em Ags!
http://www.ebb.org/ungeek/
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GAT/E d? s:+ a- C++ UL++++ P--- L++++ E++ W+ N- o-- K- w--- O- M-- V
PS-- PE+ Y+ PGP+ t+ 5 X+ R tv+ b+ DI+++ D+ G e+++ h+ r !y+
------END GEEK CODE BLOCK------
More information about the Discuss
mailing list