The second report of Sombria provides a more succinct and focused overview of the main events “witnessed” by the honeypot system during the months of August, September and October 2003.
Once again, unskilled hackers or script kiddies carried out most of the attacks against Sombria. Despite of this fact, this second report fortifies its position that it does not take a computer pro to cause wanton mayhem in our systems. Wannabe hackers are willing to invest a lot of work and devote their time looking for weaknesses to exploit. While it’s inevitable to undermine the risk that “script kiddies” may pose, one may not forget that these are the same amateurs who have been practicing and “polishing” their low skills on vulnerable systems. The approach here is simple: although most of the attackers are still in their “infancy,” every system that does not follow good security practices could be seen as an opportunity for hacking improvement.
Download the paper in PDF format here.