Funny approaches to computer security

Vladimir Kiselev
Jun 2, 2019


Funny theoretical approaches to computer security


The other day I was thinking about funny theoretical approaches to computer security. You know, defense usually means passive things: passwords, keys, logging, sometimes security through obscurity, firewalls, various anti-tampering measures and so on. The defense is usually pretty much passive. You sit and wait, well prepared and ready to defend yourself from the attacker. But it gets funnier when it’s a little bit different. Disclaimer: we will be talking only about theoretical lawful-good approaches.

Imagine the following scenarios:

  • The server pretends that the attack succeeded and then attacks the foe. The reverse attack could be phishing to steal the attacker’s password (simply by asking for it politely, or by pretending to be the attacker’s sudo prompt and then maybe SSH’ing back), or confusing the attacker to force them to reveal their real IP (by printing non-existent error codes that will have them googling and reading about them in a fake manual). One more example is when you have the real SSH hidden by means of port knocking (see https://en.wikipedia.org/wiki/Port_knocking) and a fake SSH server that responds on the standard port. The fake server may do a lot: provide the attacker with fake info, reveal fake network details and provide fake tools to do all the stuff explained above.
  • The server makes it hard to brute-force it by brute-forcing back. The server can use the same data that was used to brute-force it for such a response.
  • The server makes it hard to attach to it by running a DDoS attack against the attacker’s client.
  • The server has custom VIM scripts, which may confuse an unauthorized person by making it impossible to use VIM (this one happened to me, except that I was authorized and my teammate installed his VIM scripts on the server, making it impossible for me to use VIM. I love VIM.)
  • One can use a robot to physically detach the server from the network during idle time.
  • A fake server may be attached during the idle time.
  • The robot can be triggered by suspicious actions being performed on the server.
  • Machine learning (training, to be precise) could be used to identify the attacker (using just the set of terminal commands being performed on the server). Then again, the server could be physically detached by the robot.
  • Okay, you can just use a firewall or a balancer instead of a robot, but the robot is just funnier.
  • The attacker’s network characteristics could be used to identify the attacker.
  • The server may identify a bot-infused DDoS and may try to use vulnerabilities similar to those that were used to steal the bots, but instead of stealing, to cure the bot by dispatching an anti-virus attack: deploy and run antivirus software on the bot that attacks the server. To keep this item on the good side, I’m assuming we only cure bots/computers that belong to the defense side.
  • The server may confuse the attacker by displaying an obscure SSH message, pretending to be a fridge or something, which could also lead the attacker to specially crafted manual pages or something like that on the internet.
  • The server may periodically say that it knows that you are doing bad things and THE GROUP is checking you. Even if there is no GROUP whatsoever.
  • The server may lie to the attacker, pretending to be a fake one. Lying is ok, especially when someone tries to rob you.

and

  • You can also occasionally print S̡̯̯̺̥̘̫͓̬̟͎͐͂ͥ̿̂̂͋ͭ̓͛̾ͭ̾̅̐ͨͥ͑͂̕C̶͈̳̪̱ͭ͋ͫͭ̀̆̈́̌̅̏̀A̶̎ͮ̐ͫ̃́̅̓̓͑̓̀͏̵̖̥͍̲̠̘̖Rͯ͑͑ͩ͏̢̠̜̜͖͕͚̞̗̘̼̬̣̀͜Y̵̩̱͙̪̲͍̣̖̹̘̲̬̬̭͌̂͗̉͛̈̀͜͞ ̴̸͚͎̯̞̼͇̯̝̣̪͙͑̒ͥͩͯ̈̔̄͋̕ͅṲ͕͍͕͎̘̭̜̲͉̆͑̉ͧ̈́ͥ̄̐ͪ̕͟͝ͅN̶̛̠̖͕̟̹͇̅͑ͮ̑̊͂̃ͦͯ͛ͧͪ̓͗ͪ̽͑͜͢͟Ḯ̴̸̷̶̢̺̼̦̹̩̪̩͚͉̘̬̘̗͍̘͎̮̞̲̐̒̆̀ͭ̾̿̒̓ͣ̉̚C̷̺̭̯̳͎͕͕̻̻̖̺̽̓̒̎̄̆̓̑̉̎̑̌̏͋̔̂ͭ͡O̢ͬͮͣ͋̑ͤ͆̚҉̹͎̱̘̤͔̲̜͔͍͚D̷̙̺̝̫̣̣̞̱͎̫̼͈͚̼ͤ̍̾̒ͣͤͮ͐ͧ̀̀ͥͬ̐́͡ͅḚ̶͙̬̥͙̙̼̥̪̦̤̠̮͐ͮ̎̒ͥ̕͟͡ ̢̢̛̬̫̣͍̇̀ͨ͒͗̔̓M͚̳̱̮̹ͭ̊̈̽̐̅̽̊̊̄̒̽͋̏̚̕͟Ȩ̡͈̬̤̖̜̲̣̠̤̪̣̭͓͈͊͋ͯ̿̋͒̌̏̎ͪ̿ͭ̊͑ͫ͋͡͡S̡̝̟͇͔̺̲͎̝̖͗ͧͦ̍͋̈̑͑̔̃̂̈́́̆̐͊̎̚͜͜͢͝ͅS͕̣̮͍̄͗̓̊͐́̈͐ͫͪ̓̈ͩ̂͆̕͠͠A͗ͩ̀ͥ͊̃̈́̓̀̄ͤ͒ͭ͑̊҉҉͔̭̟̹̯̼̪̱̥̱̪̻͔͍̬͡ͅG̴̡̛͌̋͆̑̓͋̈̿ͬ̌ͨ́ͩ̎҉̠̙̯̥̩̺̟̞̦͎̘̝̣̰ͅẺ̢́̇ͦ͂ͮ́͏͔͚̫̪̯̯̯̼̞̹̖͉̣S̶͈̹̝̦̭͙͖̘̭̥̳̩̟͙̮̩͕̍͋ͣͧͤ̚͟.
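
The list item about identifying the attacker from the terminal commands alone, sketched as a small naive Bayes classifier. This is an added example, not the author's code: the training sessions, the threshold and the `respond` hook (standing in for the robot or the firewall) are constructed assumptions.

```python
import math
from collections import Counter

# Constructed training sessions (illustrative, not real logs).
TRAIN = {
    "admin": [
        ["cd /var/www", "git pull", "systemctl restart nginx",
         "tail -f /var/log/nginx/error.log"],
        ["vim /etc/nginx/nginx.conf", "nginx -t", "systemctl reload nginx"],
        ["df -h", "du -sh /var/log", "logrotate -f /etc/logrotate.conf"],
    ],
    "intruder": [
        ["whoami", "id", "uname -a", "cat /etc/passwd", "sudo -l"],
        ["id", "cat /etc/shadow", "find / -perm -4000", "history -c"],
        ["uname -a", "ps aux", "netstat -tulpn", "cat /etc/passwd", "history -c"],
    ],
}

def tokens(session):
    """Flatten a session (list of command lines) into whitespace tokens."""
    return [tok for cmd in session for tok in cmd.split()]

def train(data):
    """Count tokens per label; return (counts, vocabulary, sessions per label)."""
    counts = {label: Counter() for label in data}
    for label, sessions in data.items():
        for session in sessions:
            counts[label].update(tokens(session))
    vocab = set().union(*counts.values())
    return counts, vocab, {label: len(s) for label, s in data.items()}

def log_odds(model, session, pos="intruder", neg="admin"):
    """Naive Bayes log-odds that the session is `pos`, with add-one smoothing."""
    counts, vocab, n = model
    total_pos = sum(counts[pos].values()) + len(vocab)
    total_neg = sum(counts[neg].values()) + len(vocab)
    score = math.log(n[pos] / n[neg])  # prior from the training session counts
    for tok in tokens(session):
        if tok in vocab:  # tokens never seen in training carry no evidence
            score += math.log((counts[pos][tok] + 1) / total_pos)
            score -= math.log((counts[neg][tok] + 1) / total_neg)
    return score

def respond(model, session, threshold=2.0):
    """Hypothetical hook: 'isolate' is where the robot (or firewall) would act."""
    return "isolate" if log_odds(model, session) > threshold else "allow"

MODEL = train(TRAIN)
```

The threshold keeps one stray `id` in an otherwise ordinary admin session from unplugging the server.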
