On Fri, 24 May 2002 20:06:23 -0600 Femme <[EMAIL PROTECTED]> wrote: > On Fri, 24 May 2002 17:53:02 -0800 > civileme <[EMAIL PROTECTED]> wrote: > > > FemmeFatale wrote: > > > > >Pierre Fortin wrote: > > > > > >>On Thu, 23 May 2002 23:15:52 -0800 civileme > > >><[EMAIL PROTECTED]> wrote: > > >> > > >>>Load up the honeyport for Nimda and the shutdown script for > > >>>codered and see what happens.... > > >>> > > >>Civileme, > > >> > > >>Where can I find the tools you're referring to...? I have my own > > >>(http://pfortin.com/Linux/HoneyPort -- needs updating ) and am > > >>interested in anyone else's defense mechanisms... > > >> > > >>As to reflecting/responding to an attack, here's my position: > > >>http://pfortin.com/Linux/MSVTS/ -- in a nutshell: SELF-DEFENSE! > > >>:^) > > >> > > >>Thanks, > > >>Pierre > > >> > > > > > >BTW, fwiw I found most of these kids are trying to get to my > > >NETBios* i do share a HDD with my g/f* and ssh/unix ports. Makes > > >me wonder if it isn't someone on one of the lists..cause this > > >started not long after i posted the info on the ftp. :\ > > > > > >*hopes i'm wrong...sigh* > > > > > > > > >------------------------------------------------------------------ > > >------ > > > > > >Want to buy your Pack or Services from MandrakeSoft? > > >Go to http://www.mandrakestore.com > > > > > Hmmm, I seem to recall Microsoft had an "anti-spoofing" feature for > > ISPs using NT that hit port 139 and shut you down if the response > > wasn't what the program thougt it should be (shut down linux > > workstations all over the parts of Alaska served by a cable modem > > company for a while, at intervals of 4 hours, and then a reboot into > > windows was necessary to get the link activated), but this sounds > > like lots more queries aimed at 139. > > > > Civileme > > > > *nods* Got those ports being attacked too, as well as looking for SSH > ports & Some other obscure ports Unix/linux uses. I don't know why > though... whats 139???? Sorry i'm sorta half-aware/educated on > security(hangs my head sheepishly). >
NetBios-ssn .... do what I do cat /etc/services | grep xxx ...... fast way to find out what's what... *grin* James > Help? > > Femme > > > > > > > > > >
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
