trying to find more dangerious toys for pentesting.

trying to find more dangerious toys for pentesting.

https://github.com/washal/pentest/commit/949cab2793e57f083e365a493fa9bb5e6060a9e2

Been trying to fodder up a good repo of scripts.

Advertisements

Chuchhill Honeypot Dameon Concept

“A lie gets halfway around the world before the truth has a chance to get its pants on.”
Winston Churchill

“The truth is incontrovertible. Malice may attack it, ignorance may deride it, but in the end, there it is.”
Winston Churchill

In wartime, truth is so precious that she should always be attended by a bodyguard of lies.

Winston Churchill

(Concept is a Work in progress)

anyhow from that above quote …. comes the Cyberwarfare concept….

you networks are under AssaultLie.. stall buy time. and yes for the attacker make them think They or your PC are Toking /smoking something on one bad Trip of LSD.

Psychological Warfare & Lies & Dis-information : if the Honeypot trap triggers…

attackers on port # (start Filibustering lies , pile on the Bull-shit)

lie about the connection times….

Lie about the host-name welcome to : Enterprise.nc1701d.lcars.star-fleet.stb and they though they had some-victum-bank.com.… (their head must be swimming spinning doing double takes and picking their jaw off the floor or mildly amused…. next few tries will start to make them irritated…)

or use historical pc o/s from the bygones. and fake the o/s signatures. or futuristic sounding o/s  Linux kernel 25.0.99 on AMD -193 Trit– Quantum 50 core Trinary CPU

Windows 25 , and “time travel them”  today is Dec 25 2525 (todays gift for you Mr C’hacker is you guess it more lies to sift through….)

uses Sci-FI pc concepts historical. its a Linux box lie to em say its windows nt 3.51 one minute then say they got Babylon 5 mainframe the next.

hell use some ascii art and put friggen Klingon out who cares..any of the fortune cookies that provide dis-information ….. to keep them guessing what your doing or confused enough…

spin the fortune cookies fake the o/s packets…

Bamboozle them, fake them , utterly befuddle them , make them so utterly confused

they will move on or slow their attacks to the point you have time to respond and block them ..

by confusing them after a thresh-hold trigger has been reached , this wont deter professionals or the most determined crackers…. mal-hackers….

but it will get rid of the script-kiddies , as if the more automated means , the outputs will for a time garble up their NMAP scans etc. with useless data….

make them have a physiological meltdown , at least they wont be attacking your pc’s or networks anytime soon again, they will move on to other weaker less defended constructs.

WWII , lights magic , not many defended some targets , by outright out-witting the Axis forces…. with far-less inflatable tanks… amusing yet simple tricks.  however the enimies were less than amused …. but from a historical perspective how the chickens outwitted the foxes is a useful tidbit…

your network has EGGS of information the foxes want , they will “eat you alive too”…. if they can “Catch you” would be a good analogies…

I figured putting a few magic tricks will at first amuse an attacker then slowly simmer their anger and will to the point of “self-cremation ”  for most a few hours of Psi-warfare

data directed back at them , they will explode in anger to were they are just burring mad.  (and they asked for it , they tried to hack you , so they brought it on themselves…)

Thus if your target system is attended by a bodyguard of lies., and confuses attackers ,  it is simple and inexpensive concept. and modular in ideas.

if they get past the 10,000 Cisco firewall , a more expensive system will not do, so the  bodyguard of lies will buy you time to get at them and or kick them…

it should give you more time
of which: you can program your IDS to respond to them by drooping their connections. trace thier ip .

analyze them in kind. etc.

Developers Wanted : (unfortunately I lack the skills I thought this to be an interesting concept. )

© Michael R. Lawrence , http://www.Michaellawrenceit.com 2013

And the Sabayon Linux Foundation (of which I chose to help out when I can)

Creative Commons License
Chuchhill Honeypot Dameon Concept by Michael R. Lawrence is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
Based on a work at https://sabayonzoroproject.wordpress.com/2013/05/23/chuchhill-honeypot-dameon-concept/.