Hacker News
by naturalmovement 2 days ago
I front all my honeypots with the IIS landing page precisely because it attracts black hat jagoffs.

Nothing makes me happier than knowing I've wasted hours of their time chasing their own tails.

5 comments

Why stop there? Front the honeypot with a real IIS server, build a matryoshka doll of honeypots and see how far people get.
Unless you're honeypotting in the IP range of an established organization, all you're doing is getting bot traffic.

High-tier blackhats focus on big targets, and low-tier ones focus on low-hanging fruits they find off shodan or application 0days they've found.

"Guys, guys, guys, listen, listen, listen. So I'm in this computer, right? So I'm lookin' around, lookin' around, throwing commands at it, I don't know where it is or what it does or anything..."
Where's that from?
You know, there ought to be a way to deep link into a torrent file.
Yarn is usually the next best thing but there seems to be something off with the video in this case

https://memes.getyarn.io/yarn-clip/e9d8176d-e936-4224-a1d1-f...

I think it's from Hackers, Joey the youngest hacker found the bad guys' computers, not sure if it's an accurate quote since it's been years since I saw it.
"They're trashing! They're trashing our rights!"
"HACK THE PLANET!"
Some ATM in bumsville Idaho spit $700 into the middle of the street.
Joey, is that you!?
Noise is a really underrated security layer.
That's just security by obscurity, which is rated pretty appropriately.
Obscurity is a perfectly adequate layer of security. It shouldn't be the only layer but those who argue against adding it heard at some point "security through obscurity is not security" and never dug deeper.
... those who argue against adding it heard at some point "security through obscurity is not security" and never dug deeper.

Ironically, that makes them the exact type of person who would be successfully deterred by a layer of obscurity.

I agree. Hiding from a grizzly bear is a good strategy. But if that fails, you will need pepper spray and maybe a shotgun.

Bear Defense Plan: Hide, Non-lethal, Lethal.

You've said it just like it is, prevention + preparation.
Sounds like creating a URL like aspnet_client/admin.php returning a WebObjects header might be a good hobby
Add in a zip bomb or two?
Now you have me wondering how badly http gzip content compression can be abused along those lines.
Tell me more… I opened a Plex and Nintendo Switch port, and the scans were out of control. I'd love to screw a port scanner over.
What does shodan.io run?
Not sure, but the IPs don't come back as Chinese, and the DNS registries, domains, and other data I could find were generated using US address data. Lots of stuff like 123 stree, where half the address was truncated.