From: Vik Bajaj
Newsgroups: sci.techniques.xtallography Subject: Re: STX: Securing Crystallographic computers from electronic intruders/hackers?? - Deception Toolkit (http://www.all.net/dtk/)?? Date: 11 Nov 1998 21:40:21 GMT Organization: Science and Technology Wing Xref: daresbury sci.techniques.xtallography:5136 Lachlan Cranswick wrote: > The program consists of both a TCP-Wrapper - and Perl scripts > that emulate fack buggy deamons/services on un-used ports. > The strategy being to disable as many un-needed network services > as possible and put as many fake deamon scripts up as feasible. > (and the TCP Wrappers on used services). (On a network, this > would be installed on as many computers as possible). This is a generally bad idea; there are far better ways to do intrusion detection! Installing fake daemons may provide some limited information, but it also opens up your system to a host of attacks. A better solution is to secure your system and utilize a comprehensive intrusion detection and management system. At the network-level, this implies control and logging of connections and connect attempt; at the host leve, it implies binary checksums and distributed system event logging. Crystallography labs are becoming well-known targets for script hackers as of late.