--- Brian <lxy at cloudnet.com> wrote:
> > bogusbogus was a backdoor account in WFTP.  I think WFTP
> > is a windows
> > program so you don't have anything to worry about.
> 
> I just love seeing script kiddies try this sort of stuff
> under linux.  Running Win nukes against my box, one guy was
> trying to log into my web email interface using NT defualt
> account names.  Oh well, at least it puts something
> entertaining into syslog. :-)

   Maybe now would be a good time to ask a question that I have been
wondering about for some time. Is there any way to have a box give a
false identity for its OS? For example, have Linux tell the outside
world that it is really NT4? That way, any s'kiddie that comes along
with his arsenal of l33t cracks sees, "Oh! NT! Let me try this..." and
gives the sysadmin something to chuckle about in the syslog.
   Is this even remotely a good idea? Of course, you wouldn't want to
build your entire defense around it, but just as an additional measure
to throw kiddies off. Or would it cause too many problems for regular
operations? I can't imagine that it would be too much of a problem for
a single computer connected to the net, such as mine. RFC, please.
   :Peter
(Who thinks that it would be interesting to identify his computer as
running CP/M or something like that...)

__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
http://auctions.yahoo.com/