Comment on Do bots/scrapers check uncommon ports?
DarkAri@lemmy.blahaj.zone 4 days agoAlso doing basic things like running your webserver in a VM, and you can write some script or something to just block any IP that is port scanning I’m pretty sure. I would do that if I was hosting. Also remember to block port scanning in Firefox. It’s not enabled by default. This helps to keep you safe when you land on a scanning webpage.
derek@infosec.pub 4 days ago
Absolutely. VMs and Containers are the wise sysadmin’s friends. Instead of rolling my own ip blocker I use Fail2Ban on public-facing machines. It’s invaluable.
DarkAri@lemmy.blahaj.zone 3 days ago
Cool, I have some ideas as well, like maybe write a script that hashes configuration files that needs a secret password to put into edit mode, if the config changes without being out into edit mode first, disconnect the server. Maybe use a raspberry pi that’s hidden from the network to do this. I know that wouldn’t work for large websites maybe because they can’t afford to go down for hours at a time, but it would give you an additional layer of security for sensitive stuff. I’m more into game programming but I know how exploits work and stuff. I’m pretty sure many types of things like this already exist in the market. One idea I had was pretty neat. Basically in your eula you reserve the right to hack back people that try to hack you, and you have an automated system that uses some known exploits to get a ping or maybe install a rootkit on anyone who is trying to mess around in your system. Later you can just get on and deanonymize them. This requires you actually spend time researching your own zero days. People in defcon hacking competitions do this. They are sort of masters with decompilers and hex editors.