Honeypots: Re: what to do with a script kiddie

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Honeypots mailing list archives

Re: what to do with a script kiddie

From: carnack <carnack () gmx net>
Date: Sat, 4 Jun 2005 19:19:11 +0200


On 04.06.2005, at 19:08 Uhr, David Jiménez Domínguez wrote:

You shouldn't expose him, you are studying him (when you are studyingan animal for scientific proposes you don't expose the animal itself,you expose your work)... If you're going to use this information foryour thesis just use it. You could share it with the community likethe honeynet project does.


Dear David,

I will share if I find something interesting, but the incident wasnearly the same as told in the "Linux Compromise" chapter of "Know yourEnemy" by the Honeynet Project. So I see no further sense to share thatinfo. I recovered all the incident files, like the rootkit, a localroot exploit and an IRC bouncer, but they are nothing special and easyto come by.

yours
Christian

By Date By Thread

Current thread:

what to do with a script kiddie carnack (Jun 04)
- Re: what to do with a script kiddie David Jiménez Domínguez (Jun 04)
  - Re: what to do with a script kiddie carnack (Jun 04)
    - Re: what to do with a script kiddie Sebastian Garcia (Jun 06)
- Re: what to do with a script kiddie Damian Menscher (Jun 04)
- <Possible follow-ups>
- RE: what to do with a script kiddie Stejerean, Cosmin (Jun 04)
  - Re: what to do with a script kiddie ilaiy (Jun 04)
  - Re: what to do with a script kiddie Lance Spitzner (Jun 04)