[Dshield] little experiment

Joel Esler esler at knology.net
Tue Mar 1 22:17:05 GMT 2005


Johannes,

Mac OS X running Safari was correctly identified.  Only problem I saw 
was that when the scan took place it went to my honeypot (which is 
where it's supposed to go), no fault of your code, and then, Nmap did 
not detect that the box being scanned was Fedora Core 3.  (again, not 
your problem...  tis nmap's fault)


Joel Esler
BASE Project Lead
http://secureideas.sourceforge.net
On Feb 28, 2005, at 18:53, Johannes B. Ullrich wrote:

> I setup a little experimental site that tries to do a couple simple 
> security checks based on browser id and such, and a portscan. I do 
> need a couple more people to see if it works / is helpful.
>
> http://www.amihacked.com is the URL. Let me know if it works or where 
> it breaks. One of the goals is also to make some of the dshield 
> information a bit more accessible. We already have the 'are you 
> hacked' banner, but its a bit limited when it comes to the next step 
> ("Why is the banner flashing at me?").
>
> thanks for any feedback.
>
>
>
> -------------- Sponsor Message ------------------------------------
> SANS Intrusion Immersion Training: Orlando, FL, February 3-9th
> http://www.sans.org/orlando05
>
> _______________________________________________
> send all posts to list at lists.dshield.org
> To change your subscription options (or unsubscribe), see: 
> http://www.dshield.org/mailman/listinfo/list




More information about the list mailing list