30-05-07

Do the right thing - participate in this honeypot project

Honeypots are essential for securitypeople because they give you the opportunity to receive malware or spambots before or at the same time normal websites do and the security firms still have to write (or add) protection against it. But honeypots cost money so this initiative wants you to give them parts of servers or emaildomains. To get the latest attackers and scammers. If you participate you get access to their instantly updated database of IP adresses of hosts that were caught. It is just some lines of code to include or a small script to include in your servers. The results can be made public or kept private.

 

It would be smart for Vlaanderen.be to participate as they know will receive a lot of bad traffic at their mailserver because of the incident (once caught, always tried again). It would be interesting for many Belgian sites to participate and hope that by publishing this list we not only get better protected, but also will activate the so-called e-cops at doing something about it.

 

http://www.projecthoneypot.org 

 

These are Belgian hosts that try to harvest emailaddresses. You have the Ip address, the number of incidents with the first and the last date.

217.136.254.79 132007-04-06  2007-05-22 
213.224.83.4 332005-04-05  2007-05-19 
195.138.218.19 42007-05-14  2007-05-14

 

These are Belgian hosts that try to test if emailaddresses work at emailservers (Directory attacks)

213.189.169.135 132007-05-28  2007-05-28 
212.68.237.75 32007-05-28  2007-05-28 
81.246.100.111 62007-05-24  2007-05-24 
213.189.182.202 42007-05-24  2007-05-24 
81.242.6.150 62007-05-21  2007-05-21 
85.27.120.182 172007-05-17  2007-05-17 
85.201.35.20 52007-05-15  2007-05-15 
87.244.143.159 302007-05-14  2007-05-14 
87.244.167.98 432007-05-14  2007-05-14 
194.78.217.138 212007-05-09  2007-05-11 

 

These are Belgian IP's that send spam and were identified as such and sent out most of the spam caught the last month

194.78.181.130 632006-06-17  2007-05-18

62.166.195.234 222006-11-22  2007-05-26

81.243.251.87 192007-03-05  2007-05-19

87.244.165.192 182007-02-23  2007-05-20

212.68.250.110 172007-04-15  2007-05-26 

213.177.169.67 172006-12-03  2007-05-27

213.246.202.226 162007-03-06  2007-05-29

85.27.5.120        152007-05-17  2007-05-26 

 217.136.253.164 142007-04-04  2007-05-30 

213.213.202.66 132007-02-23  2007-05-15 

195.244.163.5 132007-01-09  2007-05-28

213.49.135.135 132006-12-19  2007-05-29

 

I think any big network operator should need it owns network of honeypots and this is a simple, coordinated and free way to do it.

 

23:20 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

De commentaren zijn gesloten.