Plans with Other Ideas

Document Introduction

This Series & Dataroom - Anti-Hack Jobs

This document belongs to the dataroom of, Anti-Hack Jobs, of which in turn, belongs to Australian based KangaBytes as the owner and author of all content within this document.

The Anti-Hack Jobs advisory, is to advise in respect to, how best to protect the data of your customers, from hacking events.

The use of these tips, requires a license. Please visit the online dataroom at www.kangabytes.tips/pass.html for this information.

This Document - Plans with Other Ideas

This document focuses on other ideas and activities, of which, are the domain of, the likes of moderators, and/or security officials, where they establish systems or features of which have the exclusive purpose of, to detect a hacking event.

None of your regular customers will ever take part in any of these tip activities.

TRIP ACCOUNTS - How it Works

The metaphoric idea is, much like having sheep-dogs, living within the herd of sheep.

As for our literal reality, you have yourself some trip accounts, registered in with the regular customer accounts.

Because, the only persons of who will ever attempt to gain access to any of these trip accounts, are in fact, the hackers of who, do not know any better as to which account is real, and which account(s) are fake.

Your trip accounts(s) shall act as an early warning system, alerting you to the activity of hackers of whom are trying to hack into your system.

Trip Accounts - Marketing & Pitching

There are two types of hackers of which we aim to tackle here.

First is,

The other one is,

Trip Accounts - Wordings and Meanings

Counter Hacker

Is a person, who, targets the hackers, by hacking into the systems of the hackers.

Trip Accounts - What you need

The Authenticator Script
• You need to have the ability to detect, when someone is trying to access a trip account.
• This portion of the script needs to be somewhere near the start of the Authenticator Script
• Your script needs to read the table column, of which is used to highlight trip accountss.
• You need to register any access attempt with a trip account, into a database table of which is specific to the registration of these events, and, to then run a script of which uses that table, to get a count of how many attempts there have been, in recent time.
• Based on whatever criteria, your website is set to, you need to then, trigger the alarm and response, as required in these moments of time.

Database Table for user accounts
• Add a new column, which matches this SQL keyword {ENUM('true','trip','test','admin') DEFAULT 'true'}, and ensure you set your trip accountss to 'trip'.
• The setting of 'true', is used for true user accounts. Whereas, 'test', is used by your webmaster/IT team, to test new features, without activating anything they do.

Database Table to register access attempts
• You need to register the date and time of the attempt, the IP address, and which account of which was being accessed.
• In SQL, you will need {TIMESTAMP} {CHAR(45)} and {TINYINT/INT or other __INT} columns.

Trip Accounts - The Customer/User

The True-Holder

None of your customers do anything to create, nor to use any of your Trip Accounts.

Your admin/moderator

This is the person, of who, you hire to create these trip accountss, on your behalf.

While, part of this advisory includes the use of, trip accountss being created for each nth customer you have joining up, there is still the option of, having your admin staff, create the odd one here and there, manually.

Your staff member, will use a special purpose form page, whos purpose is for manually creating trip accountss.

Trip Accounts - Alturnate Options & Ways

Summary of options include,
• Feed to the hacker, false account information, as though, the hacker has used a FakeSide word.
• Block that IP address.
• Blackmark that IP address.
• Shut down the server.

Should you have a mate or other contact of who is a Counter Hacker (A person who attacks/hacks those who do the real hacking), then, you can send to that contact, the IP address of, whoever trys to access these trip accountss.

Automatically add, one in nth

Your application script, should perhaps, create a new trip accounts each time that, you get the nth customer in a row. This is to ensure that, you will always have a reasonable strike rate ratio.

It is up to your own webmaster to determine how often these automatically extra Trip Account accounts are created, as well as to how many of Trip Account accounts are created each time too.

This creates trip accounts frequencies of which are all over the place, and, as a result makes it impossible for hackers to predict what accounts are going to be a Trip Account.

Set a quantity trigger

Set the system, to trigger an alarm, when there has been a certain quantity of attempts on trip accounts within a specific period of time.

Trip Accounts - Some Handy Tips

Should the website be shut down each time that, a Trip Account is accessed, then, the hacker world is sure to find out really quick as to which accounts are Trip Accounts, and know which ones they must avoid.

You need to ensure that, the hackers keep using these same Trip Account, to ensure they continu to be your alarm system for as long as is possible.

When Hackers are phishing around, and only accessing your Trip Accounts, you may say that, the only harm is to whatever fake data you have inside those accounts.

However, once, you detect that one of those hacker IP addresses are trying to access a true account, then, that is time for instant action.

Lastly, What you need to do includes the following;
• Create two or three of these trip accountss, near the time of your establishment.
• Where you use an email address as part of the authentication process, ensure the email address you use with a trip accounts, does in fact, really exist.
• Open up one more, each time you gain, another x amount of customer accounts. This will increase the chances of, a trip accounts being used by a hacker.

Trip Accounts - The Hacker

How the trap gets set

When the hacker has purchased a list of dark data, from the dark web, that hacker is going to purhcase the log in data for at least one of your trip accountss too.

Furthermore, as part of our Fake Darkies advisory, you have the option of, selling your trip accountss on the dark web, like they are stolen data of real value to the hacker world.

One option includes, send the hacker, fakeside information, just like when a hacker has used a FakeSide word, need I say any more here.

How this catches the hacker

How this hampers the hacker
• Hacker does not know which accounts are fake/trip and which are real/true
• You know that nobody should be accessing that account. No real person would be trying to do so, therefore, this MUST be a hacker trying to access your system.
• You choose how, the trap works with your system. This creates a random chance thing across the internet, and, will prevent the haker from learning a handy indicator of trip accounts.

Trip Accounts - Some Risks of Note

Once the dark world, has learned of, your Trip Accounts, and, which account numbers are your Trip Accounts, your early warning alarm system SHALL NO LONGER work.

The easiest way for this to happen, is, when the hacker detects that, particular event(s) always happen at the same time after they access a particular account.

Please Note: This list of risks may NOT be complete. You are advised by us, to seek your own, independent advice in respect to this.

Trip Accounts - Mitigating the Risks

As advised elsewhere, it is a better idea to be triggered, at random lengths of time after the access of a Trip Account, or, wait for a minimum quantity of access attempts within say, a five minute period of time.