Your Fly Is Open

Netmenaces and Other Internet Stupidity

Welcome!

2016-05-06 2 min read

Welcome to my blog!

"‘Your fly is open?’ What’s that all about?"

We’ve all been there - either on the “giving” or “receiving” end. It’s something you do… because, well… because it’s how decent people behave. If you see someone walking around and, unbeknownst to them, the ol’ barndoor is open, you… well, you say something:

   “Hey…,” you whisper, “X-Y-Z!”
   (The universal code for “eXamine Your Zipper.”)

That’s sort of what I do… except I do it on the scale of the entire Internet…

I run several honeypot systems on the Internet. A “honeypot” is a computer that appears to be running one or more services that look very much like they’re ripe for being hacked. Then, when a hacker comes along and tries to do something bad, the honeypot logs everything that they do. From those detailed logs, we can learn a lot of things about how hackers operate and how their attacks work.

The one thing that we don’t learn is who the attackers are… You see, for the most part attackers do their dirty work from systems that they’ve already hacked. So, generally speaking, the source of an attack against my honeypot isn’t the hacker’s computer… it’s usually just some poor, unsuspecting schmuck who got hacked first.

When my honeypot gets attacked, I try to contact the owners of the machine sourcing the attack. Sometimes I succeed, sometimes I don’t… but in many ways, I’m just tellin’ folks, “Hey… XYZ!”

With this blog, I intend to record some of the more interesting responses I receive when I tell folks that their “fly is open.” I’ll also explain some of the more interesting evil I see popping up on the ‘Net and I’ll throw in a case or two of “stooopid” when I come across it. Finally, I’ll probably do some ranting too… ‘cause that’s just how I am.

-TL
Tom Liston
Owner, Principal Consultant
Bad Wolf Security, LLC
Mastodon: @tliston@infosec.exchange
Twitter: @tliston
May 6, 2016