| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | Re: Batch File Question |
From: John Beckett Chris Robinson wrote in message news:: > I just wanted to set something up with an open share so I know if anything > like this happens again. Yes, but on NT4, if you don't enable Guest with a blank password, then if there is a network-share-probing virus, your honeypot will probably NOT detect it. These kinds of viruses are pretty primitive so far. They are looking for shares that can be written by an anonymous (Guest) user, or by Administrator with one of a limited number of guessed passwords (e.g. "admin" or "password"). Probably a more scientific approach would be to run Snort (which detects any suspicious network activity), or enable auditing on your NT machine. Log failed logon attempts and failed write attempts to the shared folder. Attempts to access the share with an unknown user or incorrect password would appear in the Security log of Event Viewer. John --- BBBS/NT v4.01 Flag-4* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45) SEEN-BY: 633/267 270 @PATH: 379/45 1 633/267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.