http://smackdown.blogsblogsblogs.com/2010/03/03/dont-think-if-you-will-get-hacked-or-even-when-think-in-terms-of-how-often/ Smackdown! Fri, 10 Feb 2012 01:20:31 +0000 hourly 1 http://wordpress.org/?v=3.2.1 http://smackdown.blogsblogsblogs.com/2010/03/03/dont-think-if-you-will-get-hacked-or-even-when-think-in-terms-of-how-often/comment-page-1/#comment-39163 Daniel J. Dick Sun, 21 Mar 2010 22:04:53 +0000 http://smackdown.blogsblogsblogs.com/?p=518#comment-39163 I hear you. Some jerk from IP 188.72.213.44 threw some kiddie-script injection attacks against my personal website a little under an hour ago. Sometimes I like to throw the evidence over to the FBI just so that if they decide to wake up and knock off these guys, they'll have a little more evidence. Sometimes I throw out some honeypots in hopes of being a pain to them. Sometimes if you know a little about them, you can get them to help you harden your environment by insulting something precious to them--their country, their mother, their religion, their political beliefs, whatever they hold precious, and then when they rail at you with attacks, you can see what they do to tear into your system, apply backups and fixes, and wait again until they're too weak to find a way to break in. And then you can just leave them alone. That is if the website you're working on is worth the effort. If not you can just let them thrash it and get their jollies. At least then they're leaving someone else alone, and they get to go around like a bunch of idiots too stupid to realize they're not geniuses. I hear you. Some jerk from IP 188.72.213.44 threw some kiddie-script injection attacks against my personal website a little under an hour ago. Sometimes I like to throw the evidence over to the FBI just so that if they decide to wake up and knock off these guys, they’ll have a little more evidence. Sometimes I throw out some honeypots in hopes of being a pain to them. Sometimes if you know a little about them, you can get them to help you harden your environment by insulting something precious to them–their country, their mother, their religion, their political beliefs, whatever they hold precious, and then when they rail at you with attacks, you can see what they do to tear into your system, apply backups and fixes, and wait again until they’re too weak to find a way to break in. And then you can just leave them alone. That is if the website you’re working on is worth the effort. If not you can just let them thrash it and get their jollies. At least then they’re leaving someone else alone, and they get to go around like a bunch of idiots too stupid to realize they’re not geniuses.

]]> http://smackdown.blogsblogsblogs.com/2010/03/03/dont-think-if-you-will-get-hacked-or-even-when-think-in-terms-of-how-often/comment-page-1/#comment-36399 CJ Thu, 04 Mar 2010 06:32:34 +0000 http://smackdown.blogsblogsblogs.com/?p=518#comment-36399 I would love to see some kind of best practice on dealing with detected hack attempts. There was a time when I would look up the IP’s and report the hack attempt details to the ISP that owns the IP address, but after being totally ignored for a few months, I gave up on that. I would love to see some kind of best practice on dealing with detected hack attempts. There was a time when I would look up the IP’s and report the hack attempt details to the ISP that owns the IP address, but after being totally ignored for a few months, I gave up on that.

]]>