I know why I have never been (knowingly) cracked
Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: I know why I have never been (knowingly) cracked

  1. #1
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197

    I know why I have never been (knowingly) cracked

    No-one gives a rats A$$ about me or my network....

    Since implimenting a policy that strips all potentially harmful file extensions at the firewall in SMTP inbound mail I am forced to open an FTP server to allow needed files of a questionable nature in, (something I have resisted because it has always seemed to me to be the most abused system by the biggest group, script and warez kiddies). So off I went, created an FTP site in the DMZ, tested it, told no-one it was there but opened it up with and allow any -> ftp server firewall rule.... A honeypot if you will. Any traffic going there right now has to be suspicious.......

    Well.... It's been "swinging out there in the breeze" for 48 hours. Logging is turned to full... not even a connection attempt except when I, (in disbelief), test it. An IDS rule is in place to pick up any SYN on port 21 from the internal or external network..... again, it has only fired when I test it..... Searching the firewall logs for any port 21 inbound also comes up with zip.....

    It's almost wierd... I was scanned fairly regularly on port 21 for ever since I can remember.... My home box has had 8 hits during the same period. My work ISP filters nothing so it isn't that.....

    So, I have only one conclusion..... The skiddies are "dis'ing" me....... Bastiges!!!!!!

    I wanted some fun......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  2. #2
    Senior Member
    Join Date
    Sep 2003
    Posts
    500
    If it makes you feel any better, give you your IP and I'll give you a quick portscan, or maybe a ping or two.
    You shall no longer take things at second or third hand,
    nor look through the eyes of the dead...You shall listen to all
    sides and filter them for your self.
    -Walt Whitman-

  3. #3
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Originally posted here by Lansing_Banda
    If it makes you feel any better, give you your IP and I'll give you a quick portscan, or maybe a ping or two.
    I'll see your portscan and pings and raise you a complete vuln scan with nessus, and maybe a lil retina or Core Impact action as well....

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  4. #4
    Disgruntled Postal Worker fourdc's Avatar
    Join Date
    Jul 2002
    Location
    Vermont, USA
    Posts
    797
    Let me know your address and I'll call the Homeland Security Agency and tell them you're providing intel to the Planned Parenthood terrorist league. They'll sieze all of your hardware and it will take months to sort it all out. God I love the Patriot Act.
    ddddc

    "Somehow saying I told you so just doesn't cover it" Will Smith in I, Robot

  5. #5
    Dead Man Walking
    Join Date
    Jan 2003
    Posts
    810
    I'll see your portscan and pings and raise you a complete vuln scan with nessus, and maybe a lil retina or Core Impact action as well....
    And ill see your nessus and raise you a trip to google to find an aproriate sploit like a good little skiddie would.

  6. #6
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    It really is a little surprising.... We can now add another 16 hours and still not even a "tickle".... I know it's just a probability issue but scans on port 21 have been far from rare even in recent history.

    For the smarta$$es... The IP address is 127.0.0.1 please email your results to me.... <LOL>
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  7. #7
    Senior Member Zonewalker's Avatar
    Join Date
    Jul 2002
    Posts
    949
    No-one gives a rats A$$ about me or my network....
    I'll give you a rats a$$ for you and your whole network if you like Tiger - one of my cats bought me a freshly killed little rodent this morning. Do I get to keep you both forever?

    Z
    Quis Custodiet Ipsos Custodes

  8. #8
    Kwiep
    Join Date
    Aug 2001
    Posts
    924
    When I read this thread I decided to dump the logs of incomming packets (of whatever kind) to closed ports. Withing a few minutes the list already was to long to be interesting. Most where to ports 80 and 135 and there was one portscan... You're just being lucky I guess.
    Double Dutch

  9. #9
    Banned
    Join Date
    May 2003
    Posts
    1,004
    For the smarta$$es... The IP address is 127.0.0.1 please email your results to me....
    You're the one that runs that kiddie porn site?!

    You should be ashamed!

    catch

  10. #10
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Catch:

    Yes I am....... I admit it......

    And if there is a picture of me naked in the shower then _you_ have been "peeking".... Bad boy!!
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •