top | item 42512398

(no title)

Laforet | 1 year ago

IMO this is still a passive type of security through obfuscation. Active defence would be more like returning zip bombs to known intruders in order to crash the process.

discuss

timschmidt|1 year ago

Or a tar pit: https://github.com/skeeto/endlessh

fastily|1 year ago

Endlessh seems to be abandonware. linuxserver.io used to maintain a docker image but deprecated it (https://github.com/linuxserver/docker-endlessh/pull/16) after endlessh didn’t get any new updates in over 3 years. I’ve started using endlessh-go instead https://github.com/shizunge/endlessh-go

orev|1 year ago

It appears it can be configured to actively return attacks:

> Portspoof can be used as an 'Exploitation Framework Frontend', that turns your system into responsive and aggressive machine. In practice this usually means exploiting your attackers' tools and exploits

pogue|1 year ago

I can't seem to figure out how this would work or what this mean. Most of the links to the documentation seem to be missing.

I'd actually be curious to know if this seemingly ~10 year old software still works. Also how much bandwidth it uses, CPU/RAM etc.

unknown|1 year ago

[deleted]