Re: Re: Password hacker killer


Just another Perl shrine
	PerlMonks

Re: Re: Password hacker killer

by Corion (Patriarch)

on Sep 07, 2003 at 14:27 UTC ( [id://289574]=note: print w/replies, xml )

Need Help??

in reply to Re: Password hacker killer
in thread Password hacker killer

This method leads the way for an effective DOS - if I want to prevent you from logging in, I just write a script that repeatedly tries to log in as you, with a wrong password. You won't be able to ever get at your account again.

You need to block at least only a certain IP address, then only AOL users can block AOL users ...

perl -MHTTP::Daemon -MHTTP::Response -MLWP::Simple -e ' ;    # The  
$d = new HTTP::Daemon and fork and getprint $d->url and exit;#spider
($c = $d->accept())->get_request(); $c->send_response( new   #in the
HTTP::Response(200,$_,$_,qq(Just another Perl hacker\n))); ' #  web
[download]

Comment on Re: Re: Password hacker killer Download Code

Replies are listed 'Best First'.
Re: Re: Re: Password hacker killer by allolex (Curate) on Sep 07, 2003 at 15:51 UTC
Yes, thanks for pointing that out. It would therefore be logical to block the IP instead of the user for the same time period, or better yet block the combination of user/IP. -- Allolex	[reply]
Re: Re: Re: Re: Password hacker killer by waswas-fng (Curate) on Sep 08, 2003 at 18:48 UTC
this does not work, most of the automated cracking tools will use huge proxy lists to change the source IP of the attack after X attempts. You chase your own tail by limiting the user/ip block. -Waswas	[reply]

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://289574]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others examining the Monastery: (2)

As of 2024-04-20 03:12 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found