Eggheads: Feature requests

Dariusz Kulinski takeda at eggheads.w.pl
Sat Sep 14 21:41:01 CST 2002


Hello Andri,

Thursday, September 12, 2002, 11:42:41 AM, you wrote:

> Thank you all for a good response.
> There are infinite ways of being paranoid of regards of security.

> And of the regards of commercial shells being more secure, well... not in my
> experience. I simply want to minimize the damage to my botnet if one shell
> goes down.

maybe you should implement some protections on other bots (i.e. bot won't trust
other bots too much, if one bot do something malicious then other bots will
disconnect that other bot and remove flags)?

Also you could do some kind of crc checking, I know that somebody can bypass
that protection, but if that person wouldn't have source code it would be
pretty hard. I know this would protect from most abusers (they're script kiddies
who really don't know how to use debugger) but if similar feature would be
implemented in eggdrop, I'm sure that after some time there would be tool to
bypass that protection.

That's why this kind of protections is best when you create by yourself
otherwise the wouldn't protect much.

> And for the possibility of simply reading the passwords through a debugger
> is always an option too. But the thing is. Most of the kids who root these
> machines dont even know what a debugger is. They simply use some tools given
> to them and the fact of the matter is that there are alot of tools to
> decrypt the current userfile available to those sort of people.

I agree, in most situations this is true, but what you mean by decrypting
userlist? eggdrop userlist isn't encrypted, if you want to encrypt you need to
write your own code, and I don't belive there is tool to decrypting userlist
from your code :)

-- 
Best regards,
 Dariusz                            mailto:takeda at eggheads.w.pl





More information about the Eggheads mailing list