Security github.com

Endlessh – an SSH tarpit that slowly sends an endless banner  ↦

The idea here is you put your real SSH server on a different port and let Endlessh lock up the script kiddies for hours and even days.

Since the tarpit is in the banner before any cryptographic exchange occurs, this program doesn’t depend on any cryptographic libraries. It’s a simple, single-threaded, standalone C program. It uses poll() to trap multiple clients at a time.

I’m not sure if this is actually a good idea or just fun to put into practice like those people who dedicate their precious free time scambaiting.


Discussion

Sign in or Join to comment or subscribe

0:00 / 0:00