I haven't heard about the backdoor. Source code is provided, if it's the same one I know. But it's not going to be effective. If you tie up 1 thread that hits your site, there are 99 others happily hunting along. After a minute or two, the thread you tied up will time out, so it's happily humming along again. You need a whole lot of these tar pits to be effective. That's the plus side of this theory. Jimmy -----Original Message----- From: Mark To: crime@private Sent: 9/20/01 8:55 PM Subject: Re: Score one for the good guys This actually is reported to have a back door. Please do not use it. ----- Original Message ----- From: "Steven H Parker" <steve@private> To: <crime@private> Sent: Thursday, September 20, 2001 6:54 PM Subject: Re: Score one for the good guys > Maybe I should include the link: > > http://www.threenorth.com/LaBrea/ > > Steven H Parker wrote: > > > > Don't know is anyone saw this, but it looks quite cool. It's mentioned > > on incidents.org. It's method to slow down worm probes by holding their > > TCP connections open indefinitely. > > > > -SHP >
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:25:31 PDT