this post was submitted on 25 Jun 2026
51 points (98.1% liked)

Linux

14168 readers
367 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 3 years ago
MODERATORS
 

I wrote a dead simple file canary tool that will install an eBPF program that drops all outgoing packets if a canary is touched. I wrote this in response to the current trend of supply chain attacks that try to harvest credentials

you are viewing a single comment's thread
view the rest of the comments
[–] lemmyuser@programming.dev 11 points 1 week ago* (last edited 1 week ago)

Right it's just for things you don't use but a credential harvester would find interesting.

I've been working a lot on containing the blast radius with some careful LXC usage, but this was a quick way to get some real value without a ton of thought.