I'm in the mood for playing games with the bad guys, and both MIRROR and TARPIT look like fun. However, I don't want to be a nuisance to people who merely make mistakes. So does anybody have any ideas for iptables commands that will make the script-kiddies (and *only* the script-kiddies) very upset?
Meanwhile, this might be *slightly* annoying for them:
/sbin/iptables -A INPUT -i eth0 -m state --state NEW -p tcp \\ --dport 22 -m recent --set /sbin/iptables -A INPUT -i eth0 -p tcp --dport 22 -m state \\ --state NEW -m recent --update --seconds 600 --hitcount 3 -j DROP /sbin/iptables -A INPUT -i eth0 -m state --state NEW -p tcp \\
--dport 22 -j ACCEPT