Slashdot Mirror


WormRadar Node Volunteers Help Graph Attacks

zoombat writes "NTBugtraq has a post looking for volunteers to run WormRadar nodes. The nodes are essentially honeypots that watch for suspicious activity. Its purpose is to both measure the frequency of known, current worms and to alert us all when something new becomes active. A graph (updated every 30 minutes) shows what was detected. Currently it looks like only a Windows client is available, though."

2 of 159 comments (clear)

  1. Graph shows u137unk exploit by Dark+Lord+Seth · · Score: 5, Interesting

    And, as it says in the article, u137unk is aimed at port 137 using UDP. NetBIOS request en masse. Over the internet? Why does this not make sense? Maybe all those exploits are Messenger spams? However, iirc, Messenger spam uses a different port and TCP. So if this is not Messenger spam... Then what?

  2. Re:IINAL by Anonymous Coward · · Score: 5, Interesting

    I thought honeypotting is being considerd as not-so-legal.

    Why would you say that? It certainly isn't entrapment. If you leave your house windows open, it doesn't give thieves permission to steal.

    And a burglar can't complain that you have video cameras all over the house recording them while you call the cops.

    In Texas & many other states, you could blow them away with a shotgun and get cheers in the local paper.