Is it possible to have ipchains accept everything to make it look like you have services running (when in fact you don't have any running), to provoke attacks?

My thinking behind this is that an attacker runs NMAP, sees a whole list of open ports, goes to attack and then the target doesn't respond because those services aren't infact running. Would this cause someone to abandon or get them determined? (script kiddies would move on, I think)

I've never tried to crack other people's computers, but I'd assume that a cracker would have some kind of program to auto-scan the millions of IP addresses out there, and have it report back when it finds something interesting. I'm sure a 'completely open' computer would be like a dream come true. I don't think someone would spend lots of time on a reasonably secure computer, unless they knew there was something there worth all the effort. So, instead of your computer being passed over, you'd probably receive the full treatment. And trying to access your computer isn't the only thing a cracker can do. If I was serious about messing with you, I'd either keep at it until I had access to your machine, or I'd get so annoyed that I'd try to retaliate in some way (flood your IP maybe?).

While your idea would certainly be entertaining to watch, you might be asking for more trouble than you really want.

Script kiddies would probably just move on. A determined cracker might try to investigate more. I would imagine that the Cracker would end up viewing the falsely open computer as either a honey pot, a challenge, or an improperly configured computer that meant to be closed but is giving an erroneous feedback. Some might retaliate, some might actually crack it, and probably most will just move on.

------------------
Just a Tuna in the Sea of Life