2006-01-06 23:23:57.466053+01 by Dan Lyke 3 comments
Fascinating: Sean Conner has been looking at port scans with the La Brea tar pit software:
...And it seems, from these results, that simply blocking the ports used by Microsoft Windows will stop 87% of these scans...
[ related topics: Microsoft ]
comments in ascending chronological order (reverse):
#Comment Re: made: 2006-01-08 09:19:58.091208+01 by: spc476
The information on actually running LaBrea is scant, and I'm learning as I go along. I found out on Friday that I may have been improperly running the software and not actually tarpitting anything. Anyway, I have an update on the situation, along with information on changing the MAC address LaBrea uses for tarpitting.
#Comment Re: made: 2006-01-08 09:21:39.438522+01 by: spc476
Oh, and the number of Microsoft port scans dropped to 63% in the next twelve hour (and hopefully proper) run.
#Comment Re: made: 2006-01-08 13:26:27.811844+01 by: meuon
Sean, if you are interested in stats on such things: DShield.org is an interesting collector of such things as well.