[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: [Full-disclosure] Honeypot?
From: James Lay <jlay () slave-tothe-box ! net>
Date: 2008-08-30 17:25:36
Message-ID: C4DEDEB0.38CF7%jlay () slave-tothe-box ! net
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
So...one of the networks I monitor has this ip:
66.139.73.183
Doing netbios scans on it. A cursory inspection shows it as a win2003
box...that=B9s WIDE open. Could this be a honeypot that=B9s been compromised?
Curious
[Attachment #5 (text/html)]
<HTML>
<HEAD>
<TITLE>Honeypot?</TITLE>
</HEAD>
<BODY>
<FONT FACE="Calibri, Verdana, Helvetica, Arial"><SPAN STYLE='font-size:11pt'>So...one of the \
networks I monitor has this ip:<BR> <BR>
66.139.73.183<BR>
<BR>
Doing netbios scans on it. A cursory inspection shows it as a win2003 box...that’s \
WIDE open. Could this be a honeypot that’s been compromised?<BR> <BR>
Curious</SPAN></FONT>
</BODY>
</HTML>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic