Question for tech server peers who are reading: Any thoughts on active defense? I know that it's likely a zero-sum game, but I do tire of the constant barrage of poking for .SQL, .git, .vscode, .zip etc. files on my servers. Should I just continue to block and ignore? Or should I reward them with some sort of infinite-size quine ZIP file when it's an obviously malicious request? My guess is that most of these people are not very sophisticated, so messing up their day might help make mine.

@codeWhisperer If you serve them anything, wouldn't you pay for bandwidth?
There might be services out there that will receive redirections.

@sjjh I was talking about sending them something like this (link). For example, the droste.zip file (which I might rename to something like SQLDBBackup-20230328.zip) is only 28 K in size, so would be very minimal to transfer, yet when the user attempts to expand (or when their automatic virus scanner checks it out) it never stops expanding and takes up their entire drive (or CPU, if scanning it).
bamsoftware.com/hacks/zipbomb/
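
The scanner-side failure described in the post above (an archive that keeps expanding until disk or CPU runs out) is what an extraction budget prevents. This is an added example, not part of the thread: the limits, function names and sample archives are assumptions constructed for illustration.

```python
import io
import zipfile

# Assumed limits for this example; tune them to the scanner's real capacity.
MAX_TOTAL = 1024 * 1024   # total bytes we agree to inflate, all levels combined
MAX_DEPTH = 3             # archives nested inside archives
CHUNK = 64 * 1024

class ArchiveRejected(Exception):
    pass

def inspect(data, budget=None, depth=0):
    """Inflate a zip held in memory against a shared budget; return bytes inflated."""
    budget = budget if budget is not None else {"bytes": 0}
    if depth > MAX_DEPTH:  # also stops archives that contain themselves
        raise ArchiveRejected("nesting deeper than %d" % MAX_DEPTH)
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            buf = bytearray()
            with zf.open(info) as member:
                # Count what the inflater actually emits, not the header's claim.
                while chunk := member.read(CHUNK):
                    budget["bytes"] += len(chunk)
                    if budget["bytes"] > MAX_TOTAL:
                        raise ArchiveRejected("inflated size over budget")
                    buf += chunk
            if zipfile.is_zipfile(io.BytesIO(buf)):  # member is itself an archive
                inspect(bytes(buf), budget, depth + 1)
    return budget["bytes"]

def verdict(data):
    try:
        return "ok: %d bytes" % inspect(data)
    except (ArchiveRejected, zipfile.BadZipFile) as exc:
        return "rejected: %s" % exc

def make_zip(name, payload):  # builds the constructed samples below
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(name, payload)
    return out.getvalue()

SMALL = make_zip("notes.txt", b"hello\n" * 100)      # constructed, benign
DENSE = make_zip("dump.sql", bytes(4 * MAX_TOTAL))   # constructed, all zero bytes
NESTED = make_zip("a.txt", b"x")                     # constructed, wrapped 5 times
for _ in range(5):
    NESTED = make_zip("inner.zip", NESTED)

if __name__ == "__main__":
    print([verdict(sample) for sample in (SMALL, DENSE, NESTED)])
```

The budget is shared across nesting levels, so many small layers cannot add up past the cap any more than one large member can.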
