2019-02-16

The Unsophisticated Purveyor of Exploits

The duties involved with the operation of public-facing web and mail servers leave me somewhat wanting. Those duties typically wax moronic with the common attack postures by those who would exploit my resources for their own use.

First of all, there is failure to learn from past mistakes. There are several individuals hitting my mail server in particular using the same failed approaches over time. This typically results in me escalating the limitation of access to the point that all they can do is 'hit it and quit it' because all else is blocked by those various subsystems at my disposal.

Logs are also somewhat amusing in these matters because I have them configured to tell the tale, however ridiculous it may be, so I come to know who is the real threat and who is the poser trying to appear as if they have a clue.

By this point in time I have seen it all, done it all, and I'm to the point where cloning disk images is a weekly thing and conducting disaster recovery operations has been part and parcel of my weekend routine for quite a while now.

I also would like to point out that my most excellent tools are open source and free for anyone to use.

So in the gloaming hidden world of spammers out to deliver payloads and exploits, hitting each rampart like some guided missile missing its mark, I try to remember: there by the grace of God go I. Were I the noob so many of these people appear to be, I would want to hide my identity behind a string of IP addresses too.

Stupid is as stupid does, and a lot of these people missed the boat somewhere.

Ports and protocols matter, as do those blacklists and other filtration devices keeping the hounds at bay.

If you have business with me those servers are there for you. Otherwise, kindly just go bother someone else.