[wellylug] suppressing sshd connect string
michael at diaspora.gen.nz
michael at diaspora.gen.nz
Sat Sep 11 10:10:06 NZST 2004
Ewen McNeill writes:
>2. Script kiddies run the exploit attempt anyway, the version string
> is irrelevant. They'll run windows exploits against non-windows
> systems, etc, so they're not going to let a mere mismatched version
> string put them off. They're not even going to check the version
> string. The motto of a script kiddie is "it might work anyway".
In furtherance of this point, I recently helped clean up after an script
kiddie intrusion on a system; said script kiddie had tried to run an
i386 root kit on an Alpha system, and then spent some time trying to
make his i386 binaries for some IRC client work -- again, on an Alpha.
I think that the only lesson there is that non Intel platforms do indeed
raise the bar these days...
-- michael.
More information about the wellylug
mailing list