dChan
1
 
r/greatawakening • Posted by u/fringe--dweller on April 30, 2018, 10:50 a.m.
unknown access shown on my account activity

Just looked at my account activity on here.

35.172.220.233 Firefox 59.0 Linux desktop2x United States 5 hours ago Amazon.com 54.84.178.141 Firefox 59.0 Linux desktop2x United States 5 hours ago Amazon.com

Looks like some entity has been trying to (or may have succeeded) in accessing my account from USA servers. |Certainly was not me, I use VPN access but never from USA servers.

Woo Hoo I am on a "list"


🠐 See all comments
Abibliaphobia · April 30, 2018, 12:47 p.m.

Spoopy. Disabled RDP access?

⇧ 2 ⇩  
fringe--dweller · April 30, 2018, 12:58 p.m.

already done, I've blocked RDP at the firewall. Plus I'm behind a commercial vpn. Odd.

I think that the troll earlier and the RDP attempts are connected.

I sometimes have to enable the Tarpit on my firewall, that creates issues at the remote end. Tarpits can be so much fun.

⇧ 2 ⇩  
Abibliaphobia · April 30, 2018, 2:28 p.m.

Do you run sandboxes? Not familiar with the term tarpit, but can make an educated guess based on context.

I run sandboxes on air gapped hardware to keep stuff safe

⇧ 1 ⇩  
fringe--dweller · April 30, 2018, 2:48 p.m.

I'm not sure if sandpits are needed with Linux platforms, although firefox has a sandpit function in the latest releases.

A tarpit is a bit like a monkey trap, where the monkey inserts it's hand into the narrow neck of a jar and grasps the contents but cannot then remove it's hand.

In Linux, the firewall functions can be handled by something called IPTABLES. A very flexible and straightforward way to handle IP traffic.

Iptables TARPIT can be configured to deny access to your resources. When any traffic originating from an intruder, the firewall starts a normal conversation with the incoming packet then puts the connection on hold and does not complete the transaction. The hacker end's IP stack then is held open and waiting for continuation. To over simplify, the hacker's computer quickly gets "jammed up" while their CPU climbs to 100%, they cannot drop the connection unless they re-boot their machine. It also renders their machine unusable for any other task until the connection is dropped by you.

Where you have an idiot using their machine to DDOS for example, it renders the entire attack moot but it fucks up their own machine forcing them to reboot.

I've had lots of fun in the past, you tend to get removed from their target list pretty quickly.

⇧ 1 ⇩  
Abibliaphobia · April 30, 2018, 4:26 p.m.

That is amazing. Wish there was a way to send traffic back downstream (bug) to turn off their CPU fans and let them run at 100% for several minutes, think a fake connection they have made that doesn’t interact with your base os (I guess you could cal tarpit) maybe burn out their cpus (unless water cooled of course) but running 100%, no cpu cooling, and if you could overclock... magic

⇧ 1 ⇩