Is this possible??

fenris · Aug 17, 2001

With all the hype in the news about code red 1 & 2, I decided to write a VB program that sits and listens on port 80. When a connection is made it logs the ip address of the computer that made the connection, then it does a reverse dns lookup to get its name. So far I have logged about 15 hits an hour. This is pretty high for someone whose internet access is a dial-up account!

What I was wondering is there a way for this program to detect stealth type scans? That is scans coming from nmap or similar programs?

Troy Williams B.Eng.
fenris@hotmail.com

JohnYingling · Aug 17, 2001

Go to

http://WWW.ZONELABS.COM

for free "personal" firewall.

http://WWW.VBCompare.Com

fenris · Aug 17, 2001

Thanks for the tip, I already run zonealarm. What I am doing is setting a decoy for infected machines so that I can log them and do some stats! Troy Williams B.Eng.
fenris@hotmail.com

JohnYingling · Aug 17, 2001

I have a site on a web host. I just download the log.The extra hits are against DEFAULT.IDA

http://WWW.VBCompare.Com

visualJay · Aug 17, 2001

fenris,

Yes this is possibible, I have seen programms that listen to every port and log all activities including a simple ping, hitting the pc. I am sorry I do not know how this is done, but I know it can be done.

Dzidze · Aug 17, 2001

I know of a site that will scan all your ports online and give you a detailed report. Maybe you'll find some usefull hints there:

http://www.grc.com

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Is this possible??

fenris

Programmer

JohnYingling

Programmer

fenris

Programmer

JohnYingling

Programmer

visualJay

Programmer

Dzidze

Programmer

Similar threads

Part and Inventory Search

Sponsor