I know why I have never been (knowingly) cracked

[Tiger Shark]

No-one gives a rats A$$ about me or my network....

Since implimenting a policy that strips all potentially harmful file extensions at the firewall in SMTP inbound mail I am forced to open an FTP server to allow needed files of a questionable nature in, (something I have resisted because it has always seemed to me to be the most abused system by the biggest group, script and warez kiddies). So off I went, created an FTP site in the DMZ, tested it, told no-one it was there but opened it up with and allow any -> ftp server firewall rule.... A honeypot if you will. Any traffic going there right now has to be suspicious.......

Well.... It's been "swinging out there in the breeze" for 48 hours. Logging is turned to full... not even a connection attempt except when I, (in disbelief), test it. An IDS rule is in place to pick up any SYN on port 21 from the internal or external network..... again, it has only fired when I test it..... Searching the firewall logs for any port 21 inbound also comes up with zip.....

It's almost wierd... I was scanned fairly regularly on port 21 for ever since I can remember.... My home box has had 8 hits during the same period. My work ISP filters nothing so it isn't that.....

So, I have only one conclusion..... The skiddies are "dis'ing" me....... Bastiges!!!!!!

I wanted some fun......

[Lansing_Banda]

If it makes you feel any better, give you your IP and I'll give you a quick portscan, or maybe a ping or two.

[HTRegz]

Originally posted here by Lansing_Banda
If it makes you feel any better, give you your IP and I'll give you a quick portscan, or maybe a ping or two.

I'll see your portscan and pings and raise you a complete vuln scan with nessus, and maybe a lil retina or Core Impact action as well....

Peace,
HT

[fourdc]

Let me know your address and I'll call the Homeland Security Agency and tell them you're providing intel to the Planned Parenthood terrorist league. They'll sieze all of your hardware and it will take months to sort it all out. God I love the Patriot Act.

[ZomBieMann77]

I'll see your portscan and pings and raise you a complete vuln scan with nessus, and maybe a lil retina or Core Impact action as well....

And ill see your nessus and raise you a trip to google to find an aproriate sploit like a good little skiddie would.

[Tiger Shark]

It really is a little surprising.... We can now add another 16 hours and still not even a "tickle".... I know it's just a probability issue but scans on port 21 have been far from rare even in recent history.

For the smarta$$es... The IP address is 127.0.0.1 please email your results to me.... <LOL>

[Zonewalker]

No-one gives a rats A$$ about me or my network....

I'll give you a rats a$$ for you and your whole network if you like Tiger - one of my cats bought me a freshly killed little rodent this morning. Do I get to keep you both forever?

Z

[neel]

When I read this thread I decided to dump the logs of incomming packets (of whatever kind) to closed ports. Withing a few minutes the list already was to long to be interesting. Most where to ports 80 and 135 and there was one portscan... You're just being lucky I guess.

[catch]

For the smarta$$es... The IP address is 127.0.0.1 please email your results to me....

You're the one that runs that kiddie porn site?!

You should be ashamed!

catch

[Tiger Shark]

Catch:

Yes I am....... I admit it......

And if there is a picture of me naked in the shower then _you_ have been "peeking".... Bad boy!!