|Main Archive Page > Month Archives > full-disclosure-uk archives|
The network I monitor was getting scanned by the below IP. It stopped now though :)
On 8/30/08 12:02 PM, "Exibar" <email@example.com> wrote:
> so do you work for Salsoft, or are you trying to break into a machine owned by
> If it's a network you monitor, meaning you have direct responsibility for,
> wouldn't you already know if it's a honeypot?
> sounds fishy that you have to ask....
> From: firstname.lastname@example.org
> [mailto:email@example.com] On Behalf Of James Lay
> Sent: Saturday, August 30, 2008 1:26 PM
> To: Full-disclosure
> Subject: [inbox] [Full-disclosure] Honeypot?
> So...one of the networks I monitor has this ip:
> Doing netbios scans on it. A cursory inspection shows it as a win2003
> box...that¹s WIDE open. Could this be a honeypot that¹s been compromised?