Honeypots mailing list archives

Previous By Date Next
Previous By Thread Next

Request for testing on a new telnet service for honeyd

From: giannis_pag () yahoo com
Date: 24 Apr 2006 18:09:30 -0000
IP address changed to 62.38.146.214

so now you can try by
telnet 62.38.146.214 2323

You are absolutely right to be suspicious about this request. It is very possible such a request is coming from a 
hacker.  However this is not the case. Just read the comments of the people that have tried it or try it yourself and 
you will understand. I can only tell you that a predefined (small) number of login attempts, with bogus un/pwd pairs 
and un != root, will get you logged in.

Thanx.
------
How can we verify that this IP/port is not a real service that a hacker wants us to attack? So please do not try 
password attacks on this address but only provide coding help for how to make this telnet service appear "real".

-----Original Message-----
From: giannisSec [mailto:giannis_pag@...]
Sent: Sat 4/22/06 11:55 AM
To: honeypots@...
Subject: Request for testing on a new telnet service for honeyd
 

I ve been developing a new telnet service for honeyd and i would greatly
appreciate some testing and comments at this time. The service is running on
port 2323 due to some isp filtering problems i had on default port 23.
Although it might not seem so at a first glance, you can successfully login
if you try hard enough. I would appreciate it very much if you could try it
out and comment as you feel or make any suggestions. You can try it by

telnet 62.38.146.219 2323

I know that password should not echo but....

http://groups.google.com/group/comp.os.linux.networking/browse_thread/thread/d1528c548d0cb9d4

any help on this is welcomed.

Thanx in advance.
Previous By Date Next
Previous By Thread Next

Current thread: