Flutterby™! : port scans

Next unread comment / Catchup all unread comments User Account Info | Logout | XML/Pilot/etc versions | Long version (with comments) | Weblog archives | Site Map | | Browse Topics

port scans

2006-01-06 22:23:57.466053+00 by Dan Lyke 3 comments

Fascinating: Sean Conner has been looking at port scans with the La Brea tar pit software:

...And it seems, from these results, that simply blocking the ports used by Microsoft Windows will stop 87% of these scans...

[ related topics: Microsoft ]

comments in ascending chronological order (reverse):

#Comment Re: made: 2006-01-08 08:19:58.091208+00 by: spc476

The information on actually running LaBrea is scant, and I'm learning as I go along. I found out on Friday that I may have been improperly running the software and not actually tarpitting anything. Anyway, I have an update on the situation, along with information on changing the MAC address LaBrea uses for tarpitting.

#Comment Re: made: 2006-01-08 08:21:39.438522+00 by: spc476

Oh, and the number of Microsoft port scans dropped to 63% in the next twelve hour (and hopefully proper) run.

#Comment Re: made: 2006-01-08 12:26:27.811844+00 by: meuon

Sean, if you are interested in stats on such things: DShield.org is an interesting collector of such things as well.