Monday, March 23, 2015

What's in the honeypot? Banner Information Gathering System by gatech.edu

I have been watching for a while the IP Address of 128.61.240.66 which would appear in the logs almost everyday as shown in the picture below:

Noticing the URL or what appears to be a URL in the banner.  I wanted to know more about this scan or these scan occurrences.  First I googled and then I visited the site and this is what you see upon visiting "http://netscan.gtisc.gatech.edu":

I find this project intriguing that they are collecting the banners and then monitoring them as they change.  This would provide information of patches that are deployed to webservers, up-time, and change amongst the web servers.  I thought I would go a little further and try and find if they release this information on their website at https://gtisc.gatech.edu/index.html.

From the links provided at this site I could not find this information but I did find the following links to be of interest:

Emerging Cyber Threats Report 2015 

2014 Georgia Tech Cyber Security Summit






1 comment:

  1. I have subscribed to your posts and feed. As a finance research associcate I must say that I found the post relevant to my subject area. Thanks for the insight, Steve

    Finance Dissertations

    ReplyDelete

Powershell - Gather Mapped Drives from a List of Computer Names

I created the following Powershell script to gather remotely the mapped drives that users had in their profiles.  I had to create the script...