[TriLUG] illegal logon question

sholton at mindspring.com sholton at mindspring.com
Thu Mar 9 13:42:26 EST 2006


WA Brown <brownwa at ftc-i.net> writes:

>Is there something that could be done with people who try to login to your 
>machine?

If you don't have a need to let people log-in from the internet, you
could always turn off that capability. But even if you must let people 
attempt to log in, there's no requirement that you be nice about it. ;-)

While I don't have a turn-key solution to offer you, one option would
be to key off the provided account name. If there isn't even an account 
with that name, you could customize the handshake from that point
on. For example a very slow "password" replay, or allowing them to
log in, but only to a jail account. Let them waste their time. It might 
be interesting to learn where they point .forward at or what they would
do in response to a "Welcome New User, Please Register..." script.

A lot of work, little gain, but fun to contemplate.

-- 
Steve Holton
sholton at mindspring.com
"Convenience causes blindness. Think about it."




More information about the TriLUG mailing list