[Full-disclosure] [inbox] Honeypot?
Exibar
exibar at thelair.com
Sat Aug 30 19:02:52 BST 2008
so do you work for Salsoft, or are you trying to break into a machine owned
by them?
If it's a network you monitor, meaning you have direct responsibility for,
wouldn't you already know if it's a honeypot?
sounds fishy that you have to ask....
Exibar
_____
From: full-disclosure-bounces at lists.grok.org.uk
[mailto:full-disclosure-bounces at lists.grok.org.uk] On Behalf Of James Lay
Sent: Saturday, August 30, 2008 1:26 PM
To: Full-disclosure
Subject: [inbox] [Full-disclosure] Honeypot?
So...one of the networks I monitor has this ip:
66.139.73.183
Doing netbios scans on it. A cursory inspection shows it as a win2003
box...that's WIDE open. Could this be a honeypot that's been compromised?
Curious
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20080830/5a29f365/attachment.html
Full-Disclosure is hosted and sponsored by Secunia.