While I realize IP banning is of limited use, I just banned my first IP thanks to a new comment on this post. Feel free to join me in banning 210.204.103.1, and if you really care it has some interesting open ports:
hermes:/home/god# nmap -P0 210.204.103.1 -p 1- Starting nmap V. 2.54BETA31 ( www.insecure.org/nmap/ ) Interesting ports on (210.204.103.1): (The 65505 ports scanned but not shown below are in state: closed) Port State Service 79/tcp open finger 80/tcp open http 98/tcp open linuxconf 111/tcp filtered sunrpc 135/tcp filtered loc-srv 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 445/tcp filtered microsoft-ds 513/tcp open login 514/tcp open shell 588/tcp open cal 666/tcp open doom 707/tcp filtered unknown 1024/tcp open kdm 1067/tcp open instl_boots 1099/tcp open unknown 3127/tcp filtered unknown 3406/tcp open unknown 3456/tcp open vat 4444/tcp filtered krb524 5000/tcp open fics 5800/tcp filtered vnc 5900/tcp filtered vnc-http 6665/tcp filtered unknown 6667/tcp filtered irc 8080/tcp open http-proxy 8282/tcp open unknown 9996/tcp filtered unknown 33571/tcp filtered unknown 51257/tcp open unknown Nmap run completed -- 1 IP address (1 host up) scanned in 765 seconds
For instance, I know that on that machine root has been logged in for 8 days without any activity. Aheh.
Frickin’ spambots.
May 25, 2004 @ 3:29 pm
May 25, 2004 @ 3:32 pm
May 25, 2004 @ 4:18 pm
September 20, 2005 @ 6:16 pm