I front all my honeypots with the IIS landing page precisely because it attracts black hat jagoffs.
Nothing makes me happier than knowing I've wasted hours of their time chasing their own tails.
I front all my honeypots with the IIS landing page precisely because it attracts black hat jagoffs.
Nothing makes me happier than knowing I've wasted hours of their time chasing their own tails.
Why stop there? Front the honeypot with a real IIS server, build a matryoshka doll of honeypots and see how far people get.
Unless you're honeypotting in the IP range of an established organization, all you're doing is getting bot traffic.
High-tier blackhats focus on big targets, and low-tier ones focus on low-hanging fruits they find off shodan or application 0days they've found.
"Guys, guys, guys, listen, listen, listen. So I'm in this computer, right? So I'm lookin' around, lookin' around, throwing commands at it, I don't know where it is or what it does or anything..."
Some ATM in bumsville Idaho spit $700 into the middle of the street.
Where's that from?
It's from Hackers: https://www.scifiscripts.com/scripts/hackers.txt#:~:text=Any...
You'know, there ought to be a way to deep link into a tortent file.
Yarn is usually the next best thing but there seems to be something off with the video in this case
https://memes.getyarn.io/yarn-clip/e9d8176d-e936-4224-a1d1-f...
I think it's from hackers, Joey the youngest hacker found the bad guys computers, not sure if it's an accurate quote since it's been years since I saw it.
"They're trashing! They're trashing our rights!"
"HACK THE PLANET!"
joey, is that you!?
Tell me more…I opened a plex and Nintendo switch port, the scans were out of control. I’d love to screw over port scanner over.
What does shodan.io run?
Noise is a really underrated security layer.
That's just security by obscurity, which is rated pretty appropriately.
Obscurity is a perfectly adequate layer of security. It shouldn't be the only layer but those who argue against adding it heard at some point "security through obscurity is not security" and never dug deeper.
I agree. Hiding from a grizzly bear is a good strategy. But if that fails, you will need pepper spray and maybe a shotgun.
Bear Defense Plan: Hide, Non-lethal, Lethal.
You've said it just like it is, prevention + preparation.
[dead]
Sounds like creating an url like aspnet_client/admin.php returning a WebObjects header might be a good hobby
Add in a zip bomb or two?
Now you have me wondering how badly http gzip content compression can be abused along those lines.