[Dshield] little experiment

simon raven simon at nuit.ca
Tue Mar 1 20:08:27 GMT 2005

Le Mon February 28, 2005 20:41, Paul Marsh a écrit:

> I setup a little experimental site that tries to do a couple simple
> security checks based on browser id and such, and a portscan. I do need
> a couple more people to see if it works / is helpful.
> http://www.amihacked.com is the URL. Let me know if it works or where it
> breaks. One of the goals is also to make some of the dshield information
> a bit more accessible. We already have the 'are you hacked' banner, but
> its a bit limited when it comes to the next step ("Why is the banner
> flashing at me?").
> thanks for any feedback.

woohoo, snort lighting up like an x-mas tree, and my firewall log filling up 
like it was hungry for the stuff. yes i did the port scan ;). worked well. 
gotta give 5 points for grsec:

No OS matches for host (test conditions non-ideal).
TCP/IP fingerprint:

not even close. it's not a redhat box, it's not an x86 box. oh, and i'd 
consider upgrading the version of nmap there, if "SInfo(V=3.48" is an 
indication (i have 3.75 installed here).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 652 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20050301/d4608cd8/attachment.bin

More information about the list mailing list