[34185] in North American Network Operators' Group
Re: [NANOG] Re: sorry to ruin several of your evenings...
daemon@ATHENA.MIT.EDU (Pim van Riezen)
Tue Jan 30 16:38:57 2001
Date: Tue, 30 Jan 2001 22:25:11 +0100
From: Pim van Riezen <pi@vuurwerk.nl>
To: <bmanning@vacation.karoshi.com>
Cc: "Christopher L. Morrow" <cmorrow@UU.NET>, <nanog@merit.edu>
In-Reply-To: <200101302132.VAA21952@vacation.karoshi.com>
Message-ID: <Pine.SGI.4.30.0101302223360.50325-100000@jones.lab.madscience.nl>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, 30 Jan 2001 bmanning@vacation.karoshi.com wrote:
>
> lets see... (from previous discussions on the usefullness of tweeking
> the version)
>
> wearing my blackhat, i have to decide which system is worthty
> of my talents... which one should I pick?
>
> version "bad-ass-bind";
> -or-
> version "9.1.0"
>
> of course I could be running 4.8.1 and simply recompile so it _reports_
> a bogus version but the profile of a 9.1.0 code base is -very- distinct
> from a 4.8.1 code base... esp on replies to queries.
>
> Pick your targets carefully.
However if I run a safe version of bind _and_ pay attention to my logfiles
I may actually catch a couple of nosy crackerjacks in the attempt and keep
an eye out before they find something which _is_ vulnerable.
Whether it's operationally sane to use such honeypot functionality on a
production server remains to be seen.
Pi
--
Live phase 1 <--> RJ45 pin 3 GND <--> RJ45 pin 8
Live phase 2 <--> RJ45 pin 6
Live phase 3 <--> RJ45 pin 2 Is this suitable?
Neutral <--> RJ45 pin 1 Or should we kill phones too?
