Danny Rosseau / file-canary · GitLab
gitlab.com
GitLab.com

I wrote a dead simple file canary tool that will install an eBPF program that drops all outgoing packets if a canary is touched. I wrote this in response to the current trend of supply chain attacks that try to harvest credentials

  • CameronDev@programming.dev
    3·
    6 hours ago

    Okay, so not for protecting actual creds then. Makes sense, although would be nice to have a way to protect actual creds. No idea how that would be achievable though.

    • lemmyuser@programming.devOP
      5·
      6 hours ago

      Right it’s just for things you don’t use but a credential harvester would find interesting.

      I’ve been working a lot on containing the blast radius with some careful LXC usage, but this was a quick way to get some real value without a ton of thought.