Category Archives: Announcement

My first banned IP!

While I realize IP banning is of limited use, I just banned my first IP thanks to a new comment on this post. Feel free to join me in banning 210.204.103.1, and if you really care it has some interesting open ports:

hermes:/home/god# nmap -P0 210.204.103.1 -p 1-    

Starting nmap V. 2.54BETA31 ( www.insecure.org/nmap/ )
Interesting ports on  (210.204.103.1):
(The 65505 ports scanned but not shown below are in state: closed)
Port       State       Service
79/tcp     open        finger                  
80/tcp     open        http                    
98/tcp     open        linuxconf               
111/tcp    filtered    sunrpc                  
135/tcp    filtered    loc-srv                 
137/tcp    filtered    netbios-ns              
138/tcp    filtered    netbios-dgm             
445/tcp    filtered    microsoft-ds            
513/tcp    open        login                   
514/tcp    open        shell                   
588/tcp    open        cal                     
666/tcp    open        doom                    
707/tcp    filtered    unknown                 
1024/tcp   open        kdm                     
1067/tcp   open        instl_boots             
1099/tcp   open        unknown                 
3127/tcp   filtered    unknown                 
3406/tcp   open        unknown                 
3456/tcp   open        vat                     
4444/tcp   filtered    krb524                  
5000/tcp   open        fics                    
5800/tcp   filtered    vnc                     
5900/tcp   filtered    vnc-http                
6665/tcp   filtered    unknown                 
6667/tcp   filtered    irc                     
8080/tcp   open        http-proxy              
8282/tcp   open        unknown                 
9996/tcp   filtered    unknown                 
33571/tcp  filtered    unknown                 
51257/tcp  open        unknown                 


Nmap run completed -- 1 IP address (1 host up) scanned in 765 seconds

For instance, I know that on that machine root has been logged in for 8 days without any activity. Aheh.

Frickin’ spambots.