Monday, March 23, 2015

What's in the honeypot? Banner Information Gathering System by gatech.edu

I have been watching for a while the IP Address of 128.61.240.66 which would appear in the logs almost everyday as shown in the picture below:

Noticing the URL or what appears to be a URL in the banner.  I wanted to know more about this scan or these scan occurrences.  First I googled and then I visited the site and this is what you see upon visiting "http://netscan.gtisc.gatech.edu":

I find this project intriguing that they are collecting the banners and then monitoring them as they change.  This would provide information of patches that are deployed to webservers, up-time, and change amongst the web servers.  I thought I would go a little further and try and find if they release this information on their website at https://gtisc.gatech.edu/index.html.

From the links provided at this site I could not find this information but I did find the following links to be of interest:

Emerging Cyber Threats Report 2015 

2014 Georgia Tech Cyber Security Summit






1 comment:

  1. I have subscribed to your posts and feed. As a finance research associcate I must say that I found the post relevant to my subject area. Thanks for the insight, Steve

    Finance Dissertations

    ReplyDelete

Docker with Juiceshop - Focus on SQL Injection

In preparation for an ethical hacking class that I will be teaching, I wanted to work through a few of the Vulnhub or docker images to refr...