LinuxSA Mailing list archives

  From: James Leone <linuxcpa@netscape.net>
  To  : <linuxsa@linuxsa.org.au>
  Date: Wed, 16 Apr 2003 10:22:49 -0700

Re: Honeypots get stickier??

linuxcpa@netscape.net wrote:

> glen.turner@aarnet.edu.au wrote:
>
>> Related, the number of Internet-visible HP LaserJets is
>> astonishing.  The one thing you'd think should be
>> on a unrouted 10.0.0.0 network. 
>
>
>
> Is there a way to disguise a server as being a HP LaserJet so hackers 
> move on? 

That is, fake the responses to an ICMP scan.

>
>
> I also had another idea...hardware related to rooting.  Is there a way 
> to embed commonly "rooted" applications in embedded firware 

firmware

> so that commonly rooted applications such as sudo cannot be 
> overwritten with a trojaned version?
>
> Or could a server setup be 100% embedded?
>
> James Leone
>
>
>
Sorry...to clarify....can parts of a Linux installation be read only? 
 That is, could, for example, the /bin directory be placed in its own 
partition, and this partition would be a CDROM or some other read only 
hardware device.  The goal being the the application cannot be deleted 
or otherwise altered by an attacker.  

Could this be a reason for a hardware/software partnership?

I also wantd to know if any of the technologies shown at Jason Nunn's 
arafuraconnect site could be used to create such a setup?



Is there a "PGP" for wireless?  That is, the ip addresses are encrypted 
preventing intrusion, but decrypted by the router?
Or would I need red tinted windows and an aluminum hat to accomnplish 
such a feat? :-)

Just curious

James Leone

-- 
LinuxSA WWW: http://www.linuxsa.org.au/ IRC: #linuxsa on irc.freenode.net
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject