Re: Mail relay attempts
Jones, Steven wrote:
Ive found port sentry really good for detecting port scans and then routeing
the return packets to no where.
As an addition to that idea: would it be possible to cause similar
effects to HTTP-server worms with a modified tarpit? Maybe a modified
version of the kernel httpd: whenever a worm attack drops in the
response will be a normal website containing a bogus content (no 404),
coming over the line character by character with a huge delay. Comments?