[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] [inbox] Honeypot?

To: "'James Lay'" <jlay@xxxxxxxxxxxxxxxxxxx>, "'Full-disclosure'" <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] [inbox] Honeypot?
From: "Exibar" <exibar@xxxxxxxxxxx>
Date: Sat, 30 Aug 2008 14:02:52 -0400

so do you work for Salsoft, or are you trying to break into a machine owned
by them?
 
If it's a network you monitor, meaning you have direct responsibility for,
wouldn't you already know if it's a honeypot?
 
  sounds fishy that you have to ask....  
 
 Exibar

  _____  

From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of James Lay
Sent: Saturday, August 30, 2008 1:26 PM
To: Full-disclosure
Subject: [inbox] [Full-disclosure] Honeypot?


So...one of the networks I monitor has this ip:

66.139.73.183

Doing netbios scans on it.  A cursory inspection shows it as a win2003
box...that's WIDE open.  Could this be a honeypot that's been compromised?

Curious

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Honeypot?
  - From: James Lay

Prev by Date: [Full-disclosure] x0x0x ? its a joke! a vendetta history..
Next by Date: Re: [Full-disclosure] [inbox] Honeypot?
Previous by thread: [Full-disclosure] Honeypot?
Next by thread: [Full-disclosure] x0x0x ? its a joke! a vendetta history..
Index(es):
- Date
- Thread