diff options
author | 53hornet <atc@53hor.net> | 2021-11-28 10:58:27 -0500 |
---|---|---|
committer | 53hornet <atc@53hor.net> | 2021-11-28 10:58:27 -0500 |
commit | 00ed9172015a034b003a9eb166e91e2021f051f5 (patch) | |
tree | de6e343cceb9def924be058d0212c03012b99628 | |
parent | c015aa115dedc0b9aac37ea1889f01369cf345a3 (diff) | |
download | 53hor-00ed9172015a034b003a9eb166e91e2021f051f5.tar.xz 53hor-00ed9172015a034b003a9eb166e91e2021f051f5.zip |
fix: description, attackers
-rw-r--r-- | posts/2021-11-28-write-your-own-ssh-tarpit-in-rust-with-async-std.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/posts/2021-11-28-write-your-own-ssh-tarpit-in-rust-with-async-std.php b/posts/2021-11-28-write-your-own-ssh-tarpit-in-rust-with-async-std.php index 54e2f83..1bce63d 100644 --- a/posts/2021-11-28-write-your-own-ssh-tarpit-in-rust-with-async-std.php +++ b/posts/2021-11-28-write-your-own-ssh-tarpit-in-rust-with-async-std.php @@ -7,7 +7,7 @@ include($_SERVER['DOCUMENT_ROOT'] . '/includes/head.php'); ?> <p class="description"> - A software tarpit is simple and fun. Long story short, it's sort of a reverse denial-of-service attack. It usually works by inserting an intentional, arbitrary delay in responding to malicious clients, thus wasting their time and resources. It's kind of like those YouTubers who purposely joke around with phone scammers as long as possible to waste their time and have fun. I recently learned about <a href="https://github.com/skeeto/endlessh"><code>endlessh</code></a>, an SSH tarpit. I decided it would be a fun exercise to use Rust's <code>async-std</code> library to write an SSH tarpit of my own, with my own personal <em>flair</em>. If you want to learn more about <code>endlessh</code> or SSH tarpits I highly recommend reading <a href="https://nullprogram.com/blog/2019/03/22/">this blog post</a> by the <code>endlessh</code> author. + A software tarpit is simple and fun. Long story short, it's sort of a reverse denial-of-service attack. It usually works by inserting an intentional, arbitrary delay in responding to malicious clients, thus "wasting their time and resources." I recently learned about <a href="https://github.com/skeeto/endlessh"><code>endlessh</code></a>, an SSH tarpit. I decided it would be a fun exercise to use Rust's <code>async-std</code> library to write an SSH tarpit of my own, with my own personal <em>flair</em>. If you want to learn more about <code>endlessh</code> or SSH tarpits I highly recommend reading <a href="https://nullprogram.com/blog/2019/03/22/">this blog post</a> by the <code>endlessh</code> author. </p> <h2>Goals</h2> @@ -36,7 +36,7 @@ include($_SERVER['DOCUMENT_ROOT'] . '/includes/head.php'); </ul> <p> - That's right. It's probably a waste of resources, but I want to be able to feed the attacker whatever information I want. For example, I want to be able to pipe a Unix Fortune across the network to the attacker very slowly. I want to relish in the knowledge that if the attacker manually debugs the data coming down the pipe, they'll see their fortune. + That's right. It's probably a waste of resources, but I want to be able to feed the client whatever information I want. For example, I want to be able to pipe a Unix Fortune across the network to the client very slowly. I want to relish in the knowledge that if the client manually debugs the data coming down the pipe, they'll see their fortune. </p> <h2>Implementation</h2> |