The network I monitor was getting scanned by the below IP. It stopped now though :)
On 8/30/08 12:02 PM, "Exibar" <[EMAIL PROTECTED]> wrote: > so do you work for Salsoft, or are you trying to break into a machine owned by > them? > > If it's a network you monitor, meaning you have direct responsibility for, > wouldn't you already know if it's a honeypot? > > sounds fishy that you have to ask.... > > Exibar > > > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of James Lay > Sent: Saturday, August 30, 2008 1:26 PM > To: Full-disclosure > Subject: [inbox] [Full-disclosure] Honeypot? > > So...one of the networks I monitor has this ip: > > 66.139.73.183 > > Doing netbios scans on it. A cursory inspection shows it as a win2003 > box...that¹s WIDE open. Could this be a honeypot that¹s been compromised? > > Curious
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
