From 00ed9172015a034b003a9eb166e91e2021f051f5 Mon Sep 17 00:00:00 2001 From: 53hornet Date: Sun, 28 Nov 2021 10:58:27 -0500 Subject: fix: description, attackers --- posts/2021-11-28-write-your-own-ssh-tarpit-in-rust-with-async-std.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'posts') diff --git a/posts/2021-11-28-write-your-own-ssh-tarpit-in-rust-with-async-std.php b/posts/2021-11-28-write-your-own-ssh-tarpit-in-rust-with-async-std.php index 54e2f83..1bce63d 100644 --- a/posts/2021-11-28-write-your-own-ssh-tarpit-in-rust-with-async-std.php +++ b/posts/2021-11-28-write-your-own-ssh-tarpit-in-rust-with-async-std.php @@ -7,7 +7,7 @@ include($_SERVER['DOCUMENT_ROOT'] . '/includes/head.php'); ?>

- A software tarpit is simple and fun. Long story short, it's sort of a reverse denial-of-service attack. It usually works by inserting an intentional, arbitrary delay in responding to malicious clients, thus wasting their time and resources. It's kind of like those YouTubers who purposely joke around with phone scammers as long as possible to waste their time and have fun. I recently learned about endlessh, an SSH tarpit. I decided it would be a fun exercise to use Rust's async-std library to write an SSH tarpit of my own, with my own personal flair. If you want to learn more about endlessh or SSH tarpits I highly recommend reading this blog post by the endlessh author. + A software tarpit is simple and fun. Long story short, it's sort of a reverse denial-of-service attack. It usually works by inserting an intentional, arbitrary delay in responding to malicious clients, thus "wasting their time and resources." I recently learned about endlessh, an SSH tarpit. I decided it would be a fun exercise to use Rust's async-std library to write an SSH tarpit of my own, with my own personal flair. If you want to learn more about endlessh or SSH tarpits I highly recommend reading this blog post by the endlessh author.

Goals

@@ -36,7 +36,7 @@ include($_SERVER['DOCUMENT_ROOT'] . '/includes/head.php');

- That's right. It's probably a waste of resources, but I want to be able to feed the attacker whatever information I want. For example, I want to be able to pipe a Unix Fortune across the network to the attacker very slowly. I want to relish in the knowledge that if the attacker manually debugs the data coming down the pipe, they'll see their fortune. + That's right. It's probably a waste of resources, but I want to be able to feed the client whatever information I want. For example, I want to be able to pipe a Unix Fortune across the network to the client very slowly. I want to relish in the knowledge that if the client manually debugs the data coming down the pipe, they'll see their fortune.

Implementation

-- cgit v1.2.3