- Aug 18, 2003
- 493
- 0
- 0
i have a cisco router and win server behind it hosting sites.
someone has been tryin to DOS me and get into my SSH. Im wanting to setup a SSH honey put, once they connect send them a worm virus just to teach a lesson
obviously when they connect they have a port listening back for what they think is ssh, only itll be something else.
i was going to nat forward the ssh to the server instead of the router and run a fake ssh on teh server with very limited access to a subfolder with no permissions accept read on ntfs and share permissions.
in there i would have a few data files that are nothing maybe some a pdfs..lol to keep him connected and then have a worm waiting on that port too..
any ideas?
thanks
someone has been tryin to DOS me and get into my SSH. Im wanting to setup a SSH honey put, once they connect send them a worm virus just to teach a lesson
obviously when they connect they have a port listening back for what they think is ssh, only itll be something else.
i was going to nat forward the ssh to the server instead of the router and run a fake ssh on teh server with very limited access to a subfolder with no permissions accept read on ntfs and share permissions.
in there i would have a few data files that are nothing maybe some a pdfs..lol to keep him connected and then have a worm waiting on that port too..
any ideas?
thanks