View Single Post
Old 21st May 2009
Mantazz Mantazz is offline
Shell Scout
 
Join Date: Oct 2008
Posts: 90
Default TarPits

I've seen some suggestions before that a TarPit http://labrea.sourceforge.net/labrea-info.html might be a solution worth looking into. The basic idea behind it, as explained to me, is to take the attempted connection and hold it open as long as possible, to slow down the hack attempt. Of course the thinking behind this is that a given host can only attempt a finite number of connections. The TarPits generally attempt to keep the connections open by sending junk data back to the host on the other end at the slowest rate possible, to minimize your own bandwidth consumption.

I haven not tried this yet myself, though I may go for it the next time my system is on the receiving end of a distributed attempt.
Reply With Quote