home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.security.misc
- Path: sparky!uunet!zaphod.mps.ohio-state.edu!cs.utexas.edu!torn!skule.ecf!steve
- From: steve@ecf.toronto.edu (Steve Kotsopoulos)
- Subject: Re: Am I being hacked?
- Message-ID: <BzEr1p.5w2@ecf.toronto.edu>
- Organization: University of Toronto, Engineering Computing Facility
- References: <1frfh9INNil3@network.ucsd.edu> <1992Dec7.163849.11779@Princeton.EDU> <1gk5p8INN8i9@uniwa.uwa.edu.au>
- Date: Thu, 17 Dec 1992 14:32:12 GMT
- Lines: 35
-
- In article <1gk5p8INN8i9@uniwa.uwa.edu.au> craig@ec.uwa.oz.au (Craig Richmond - division) writes:
- >subbarao@fc.hp.com (Kartik Subbarao) writes:
- >
- >>In article <1frfh9INNil3@network.ucsd.edu> mbk@lyapunov.ucsd.edu (Matt Kennel) writes:
- >
- >>Well, the /etc/passwd probably wouldn't be of any use, since it most likely
- >>has '*'s in the place of the password. At least I hope so, in your case.
- >
- >I wanted to create a bogus password file with passwords like
- >
- >have
- >you
- >cracked
- >every
- >password
- >yet
- >
- >so that you got a nice message when you unscrambled it after running crack
- >on the password file :)
- >
- >Alternatively you set up a dummy account with a crackable password in the
- >ftp passwd file and when the account is logged into, you record the IP,
- >finger the machine and set of alarms on your local machine. That way, you
- >catch the potential hackers.
-
- You should read Bill Cheswick's excellent "An Evening with Berferd ..."
- paper, in the conference proceedings from the January 1992 Usenix.
-
- He had a bogus password file, and many other amusing booby-traps
- (fake smtp DEBUG hole and chroot login environment).
- --
- Steve Kotsopoulos mail: steve@ecf.toronto.edu
- Systems Analyst bitnet: steve@ecf.UTORONTO.BITNET
- Engineering Computing Facility uucp: uunet!utai!ecf!steve
- University of Toronto phone: (416) 978-5898
-
